diff --git a/docs/cce/umn/ALL_META.TXT.json b/docs/cce/umn/ALL_META.TXT.json index a55f31336..076f195d6 100644 --- a/docs/cce/umn/ALL_META.TXT.json +++ b/docs/cce/umn/ALL_META.TXT.json @@ -45,9 +45,9 @@ "node_id":"cce_productdesc_0003.xml", "product_code":"cce", "code":"3", - "des":"CCE is a container service developed on Docker and Kubernetes. It offers a wide range of features that allow you to run containers on a large scale. CCE containers are hi", + "des":"CCE is a container service developed on Docker and Kubernetes. It offers a wide range of features that allow you to run containers in large clusters. CCE containers are h", "doc_type":"usermanual2", - "kw":"Product Advantages,Service Overview,User Guide", + "kw":"Docker,CCE Advantages,Service Overview,User Guide", "search_title":"", "metedata":[ { @@ -55,7 +55,7 @@ "documenttype":"usermanual" } ], - "title":"Product Advantages", + "title":"CCE Advantages", "githuburl":"" }, { @@ -135,9 +135,9 @@ "node_id":"cce_productdesc_0018.xml", "product_code":"cce", "code":"8", - "des":"Multi-cloud deployment and disaster recoveryTo ensure high service availability, services need to be deployed on container services of multiple clouds. When a cloud is fa", + "des":"Multi-cloud deployment, DR, and backupTo ensure high service availability, services need to be deployed on container services of multiple clouds. When a cloud is faulty, ", "doc_type":"usermanual2", - "kw":"Hybrid Cloud,Application Scenarios,User Guide", + "kw":"Hybrid Clouds,Application Scenarios,User Guide", "search_title":"", "metedata":[ { @@ -145,7 +145,7 @@ "documenttype":"usermanual" } ], - "title":"Hybrid Cloud", + "title":"Hybrid Clouds", "githuburl":"" }, { @@ -191,7 +191,7 @@ "code":"11", "des":"CCE needs to be interconnected with the following cloud services. It requires permissions to access these cloud services.", "doc_type":"usermanual2", - "kw":"ECS,VPC,ELB,SWR,EVS,OBS,cloud storage for data of any size,SFS,AOM,Related Services,Service Overview", + "kw":"VPC,ELB,SWR,EVS,OBS,cloud storage for data of any size,SFS,AOM,Related Services,Service Overview,Use", "search_title":"", "metedata":[ { @@ -608,11 +608,29 @@ "title":"Kubernetes Version Release Notes", "githuburl":"" }, + { + "uri":"cce_bulletin_0104.html", + "node_id":"cce_bulletin_0104.xml", + "product_code":"cce", + "code":"34", + "des":"CCE allows you to create Kubernetes 1.32 clusters. This section describes the changes made in Kubernetes 1.32.New and Enhanced FeaturesAPI Changes and RemovalsEnhanced Ku", + "doc_type":"usermanual2", + "kw":"Kubernetes 1.32 Release Notes,Kubernetes Version Release Notes,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Kubernetes 1.32 Release Notes", + "githuburl":"" + }, { "uri":"cce_bulletin_0099.html", "node_id":"cce_bulletin_0099.xml", "product_code":"cce", - "code":"34", + "code":"35", "des":"CCE allows you to create Kubernetes 1.31 clusters. This section describes the changes made in Kubernetes 1.31.New and Enhanced FeaturesAPI Changes and RemovalsEnhanced Ku", "doc_type":"usermanual2", "kw":"Kubernetes 1.31 Release Notes,Kubernetes Version Release Notes,User Guide", @@ -630,7 +648,7 @@ "uri":"cce_bulletin_0095.html", "node_id":"cce_bulletin_0095.xml", "product_code":"cce", - "code":"35", + "code":"36", "des":"CCE allows you to create Kubernetes 1.30 clusters. This section describes the changes made in Kubernetes 1.30.New and Enhanced FeaturesAPI Changes and RemovalsEnhanced Ku", "doc_type":"usermanual2", "kw":"Kubernetes 1.30 Release Notes,Kubernetes Version Release Notes,User Guide", @@ -648,7 +666,7 @@ "uri":"cce_bulletin_0089.html", "node_id":"cce_bulletin_0089.xml", "product_code":"cce", - "code":"36", + "code":"37", "des":"CCE allows you to create Kubernetes 1.29 clusters. This section describes the changes made in Kubernetes 1.29.New and Enhanced FeaturesAPI Changes and RemovalsIncompatibl", "doc_type":"usermanual2", "kw":"Kubernetes 1.29 Release Notes,Kubernetes Version Release Notes,User Guide", @@ -666,7 +684,7 @@ "uri":"cce_bulletin_0068.html", "node_id":"cce_bulletin_0068.xml", "product_code":"cce", - "code":"37", + "code":"38", "des":"CCE allows you to create Kubernetes 1.28 clusters. This section describes the changes made in Kubernetes 1.28.Important NotesNew and Enhanced FeaturesAPI Changes and Remo", "doc_type":"usermanual2", "kw":"Kubernetes 1.28 Release Notes,Kubernetes Version Release Notes,User Guide", @@ -684,7 +702,7 @@ "uri":"cce_bulletin_0059.html", "node_id":"cce_bulletin_0059.xml", "product_code":"cce", - "code":"38", + "code":"39", "des":"CCE allows you to create Kubernetes 1.27 clusters. This section describes the changes made in Kubernetes 1.27 compared with Kubernetes 1.25.New FeaturesDeprecations and R", "doc_type":"usermanual2", "kw":"Kubernetes 1.27 Release Notes,Kubernetes Version Release Notes,User Guide", @@ -702,10 +720,10 @@ "uri":"cce_bulletin_0058.html", "node_id":"cce_bulletin_0058.xml", "product_code":"cce", - "code":"39", + "code":"40", "des":"This section describes the changes made in Kubernetes 1.25 compared with Kubernetes 1.23.New FeaturesDeprecations and RemovalsEnhanced Kubernetes 1.25 on CCEReferencesKub", "doc_type":"usermanual2", - "kw":"Kubernetes 1.25 (EOM) Release Notes,Kubernetes Version Release Notes,User Guide", + "kw":"Kubernetes 1.25 Release Notes,Kubernetes Version Release Notes,User Guide", "search_title":"", "metedata":[ { @@ -713,14 +731,14 @@ "documenttype":"usermanual" } ], - "title":"Kubernetes 1.25 (EOM) Release Notes", + "title":"Kubernetes 1.25 Release Notes", "githuburl":"" }, { "uri":"cce_bulletin_0027.html", "node_id":"cce_bulletin_0027.xml", "product_code":"cce", - "code":"40", + "code":"41", "des":"This section describes the updates in CCE Kubernetes 1.23.Kubernetes v1.23 Release NotesFlexVolume is deprecated. Use CSI.HorizontalPodAutoscaler v2 is promoted to GA, an", "doc_type":"usermanual2", "kw":"Kubernetes 1.23 (EOM) Release Notes,Kubernetes Version Release Notes,User Guide", @@ -738,7 +756,7 @@ "uri":"cce_bulletin_0026.html", "node_id":"cce_bulletin_0026.xml", "product_code":"cce", - "code":"41", + "code":"42", "des":"This section describes the updates in CCE Kubernetes 1.21.Kubernetes v1.21 Release NotesCronJob is now in the stable state, and the version number changes to batch/v1.The", "doc_type":"usermanual2", "kw":"Kubernetes 1.21 (EOM) Release Notes,Kubernetes Version Release Notes,User Guide", @@ -756,7 +774,7 @@ "uri":"cce_whsnew_0010.html", "node_id":"cce_whsnew_0010.xml", "product_code":"cce", - "code":"42", + "code":"43", "des":"This section describes the updates in CCE Kubernetes 1.19.Kubernetes v1.19 Release NotesvSphere in-tree volumes can be migrated to vSphere CSI drivers. The in-tree vSpher", "doc_type":"usermanual2", "kw":"Kubernetes 1.19 (EOM) Release Notes,Kubernetes Version Release Notes,User Guide", @@ -774,7 +792,7 @@ "uri":"cce_whsnew_0007.html", "node_id":"cce_whsnew_0007.xml", "product_code":"cce", - "code":"43", + "code":"44", "des":"This section describes the updates in CCE Kubernetes 1.17.All resources in the apps/v1beta1 and apps/v1beta2 API versions are no longer served. Migrate to use the apps/v1", "doc_type":"usermanual2", "kw":"Kubernetes 1.17 (EOM) Release Notes,Kubernetes Version Release Notes,User Guide", @@ -792,7 +810,7 @@ "uri":"cce_10_0405.html", "node_id":"cce_10_0405.xml", "product_code":"cce", - "code":"44", + "code":"45", "des":"In CCE clusters of v1.25, containerd is the default runtime for nodes, except for nodes running EulerOS 2.5. In addition, clusters of v1.25 or later no longer support Eul", "doc_type":"usermanual2", "kw":"Patch Version Release Notes,Cluster Version Release Notes,User Guide", @@ -810,7 +828,7 @@ "uri":"cce_10_0298.html", "node_id":"cce_10_0298.xml", "product_code":"cce", - "code":"45", + "code":"46", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Creating a Cluster", @@ -828,7 +846,7 @@ "uri":"cce_10_0342.html", "node_id":"cce_10_0342.xml", "product_code":"cce", - "code":"46", + "code":"47", "des":"CCE provides different types of clusters for you to select. The following table lists the differences between them.", "doc_type":"usermanual2", "kw":"Comparison Between Cluster Types,Creating a Cluster,User Guide", @@ -846,8 +864,8 @@ "uri":"cce_10_0028.html", "node_id":"cce_10_0028.xml", "product_code":"cce", - "code":"47", - "des":"On the CCE console, you can easily create Kubernetes clusters. After a cluster is created, the master node is hosted by CCE. You only need to create worker nodes. In this", + "code":"48", + "des":"CCE standard and Turbo clusters provide enterprise-class Kubernetes cluster hosting service that supports full lifecycle management of containerized applications. They of", "doc_type":"usermanual2", "kw":"Creating a CCE Standard/Turbo Cluster,Creating a Cluster,User Guide", "search_title":"", @@ -864,7 +882,7 @@ "uri":"cce_10_0349.html", "node_id":"cce_10_0349.xml", "product_code":"cce", - "code":"48", + "code":"49", "des":"kube-proxy is a key component of a Kubernetes cluster. It is used for load balancing and forwarding data between a Service and its backend pods.CCE supports the iptables ", "doc_type":"usermanual2", "kw":"kube-proxy,iptables,IP Virtual Server (IPVS),forwarding modes,Comparing iptables and IPVS,Creating a", @@ -882,10 +900,10 @@ "uri":"cce_10_0140.html", "node_id":"cce_10_0140.xml", "product_code":"cce", - "code":"49", + "code":"50", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", - "kw":"Connecting to a Cluster", + "kw":"Accessing a Cluster", "search_title":"", "metedata":[ { @@ -893,17 +911,35 @@ "documenttype":"usermanual" } ], - "title":"Connecting to a Cluster", + "title":"Accessing a Cluster", + "githuburl":"" + }, + { + "uri":"cce_10_0961.html", + "node_id":"cce_10_0961.xml", + "product_code":"cce", + "code":"51", + "des":"Accessing a cluster involves establishing communication with it and executing cluster management tasks. A CCE cluster is a distributed system consisting of multiple nodes", + "doc_type":"usermanual2", + "kw":"Cluster Access Overview,Accessing a Cluster,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Cluster Access Overview", "githuburl":"" }, { "uri":"cce_10_0107.html", "node_id":"cce_10_0107.xml", "product_code":"cce", - "code":"50", + "code":"52", "des":"kubectl is a command-line tool provided by Kubernetes, enabling you to manage cluster resources, view cluster status, deploy applications, and debug issues through the CL", "doc_type":"usermanual2", - "kw":"Intranet access,Internet access,kubectl,intranet access,Internet access,Two-Way Authentication for D", + "kw":"Intranet access,Internet access,kubectl,intranet access,Internet access,Two-Way Domain Name Trust,Er", "search_title":"", "metedata":[ { @@ -918,10 +954,10 @@ "uri":"cce_10_0175.html", "node_id":"cce_10_0175.xml", "product_code":"cce", - "code":"51", + "code":"53", "des":"X.509 certificates are essential for verifying identities and encrypting communication within CCE clusters. These certificates enable authorized clients to access target ", "doc_type":"usermanual2", - "kw":"X.509 certificate,Accessing a Cluster Using an X.509 Certificate,Connecting to a Cluster,User Guide", + "kw":"X.509 certificate,Accessing a Cluster Using an X.509 Certificate,Accessing a Cluster,User Guide", "search_title":"", "metedata":[ { @@ -936,10 +972,10 @@ "uri":"cce_10_0367.html", "node_id":"cce_10_0367.xml", "product_code":"cce", - "code":"52", + "code":"54", "des":"Subject Alternative Name (SAN) enables certificates to be associated with multiple values, including IP addresses and domain names. A SAN is usually used by the client to", "doc_type":"usermanual2", - "kw":"SAN,X.509 certificate,Accessing a Cluster Using a Custom Domain Name,Connecting to a Cluster,User Gu", + "kw":"SAN,X.509 certificate,Accessing a Cluster Using a Custom Domain Name,Accessing a Cluster,User Guide", "search_title":"", "metedata":[ { @@ -954,10 +990,10 @@ "uri":"cce_10_0864.html", "node_id":"cce_10_0864.xml", "product_code":"cce", - "code":"53", + "code":"55", "des":"You can bind an EIP to an API server of a Kubernetes cluster so that the API server can access the Internet.Binding an EIP to an API server for Internet access can pose a", "doc_type":"usermanual2", - "kw":"Configuring a Cluster's API Server for Internet Access,Connecting to a Cluster,User Guide", + "kw":"Configuring a Cluster's API Server for Internet Access,Accessing a Cluster,User Guide", "search_title":"", "metedata":[ { @@ -972,10 +1008,10 @@ "uri":"cce_10_0744.html", "node_id":"cce_10_0744.xml", "product_code":"cce", - "code":"54", + "code":"56", "des":"In multi-tenant scenarios, CCE generates a unique credential (such as a kubeconfig file or an X.509 certificate) for each user to access their designated cluster. These c", "doc_type":"usermanual2", - "kw":"Revoking a Cluster Access Credential,Connecting to a Cluster,User Guide", + "kw":"Revoking a Cluster Access Credential,Accessing a Cluster,User Guide", "search_title":"", "metedata":[ { @@ -990,10 +1026,10 @@ "uri":"cce_10_0031.html", "node_id":"cce_10_0031.xml", "product_code":"cce", - "code":"55", + "code":"57", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", - "kw":"Managing a Cluster", + "kw":"Managing Clusters", "search_title":"", "metedata":[ { @@ -1001,17 +1037,35 @@ "documenttype":"usermanual" } ], - "title":"Managing a Cluster", + "title":"Managing Clusters", + "githuburl":"" + }, + { + "uri":"cce_10_0962.html", + "node_id":"cce_10_0962.xml", + "product_code":"cce", + "code":"58", + "des":"Efficient, stable operation of containerized applications relies on proper management of CCE standard or Turbo clusters. CCE standard and Turbo clusters offer comprehensi", + "doc_type":"usermanual2", + "kw":"Cluster configuration parameters,change,Cluster Management Overview,Managing Clusters,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Cluster Management Overview", "githuburl":"" }, { "uri":"cce_10_0213.html", "node_id":"cce_10_0213.xml", "product_code":"cce", - "code":"56", + "code":"59", "des":"Cluster configuration parameters are underlying rules that define node behavior, resource allocation, communication rules, and scaling policies in a distributed system. T", "doc_type":"usermanual2", - "kw":"Cluster configuration parameters,cluster configuration parameters,Cluster configuration parameters,C", + "kw":"Cluster configuration parameters,cluster configuration parameters,Cluster configuration parameters,k", "search_title":"", "metedata":[ { @@ -1026,10 +1080,10 @@ "uri":"cce_10_0602.html", "node_id":"cce_10_0602.xml", "product_code":"cce", - "code":"57", + "code":"60", "des":"Cluster overload occurs when system load such as request volume or resource usage exceeds the system's processing capacity, leading to degraded performance or system fail", "doc_type":"usermanual2", - "kw":"Enabling Overload Control for a Cluster,Managing a Cluster,User Guide", + "kw":"Enabling Overload Control for a Cluster,Managing Clusters,User Guide", "search_title":"", "metedata":[ { @@ -1044,10 +1098,10 @@ "uri":"cce_10_0403.html", "node_id":"cce_10_0403.xml", "product_code":"cce", - "code":"58", + "code":"61", "des":"A cluster scale specifies the maximum number of nodes a cluster can manage. If the current cluster scale cannot meet your requirements, you can scale it out.A cluster tha", "doc_type":"usermanual2", - "kw":"scale it out,Changing a Cluster Scale,Managing a Cluster,User Guide", + "kw":"scale it out,Changing a Cluster Scale,Managing Clusters,User Guide", "search_title":"", "metedata":[ { @@ -1062,10 +1116,10 @@ "uri":"cce_10_0426.html", "node_id":"cce_10_0426.xml", "product_code":"cce", - "code":"59", + "code":"62", "des":"When creating a cluster, you can customize a node security group to centrally manage network security policies. For a created cluster, you can change its default node sec", "doc_type":"usermanual2", - "kw":"Changing the Default Security Group of a Node,Managing a Cluster,User Guide", + "kw":"Changing the Default Security Group of a Node,Managing Clusters,User Guide", "search_title":"", "metedata":[ { @@ -1080,10 +1134,10 @@ "uri":"cce_10_0212.html", "node_id":"cce_10_0212.xml", "product_code":"cce", - "code":"60", + "code":"63", "des":"Deleting a cluster will delete the workloads and Services in the cluster, and the deleted data cannot be recovered. Before performing this operation, ensure that related ", "doc_type":"usermanual2", - "kw":"Deleting a Cluster,Managing a Cluster,User Guide", + "kw":"Deleting a Cluster,Managing Clusters,User Guide", "search_title":"", "metedata":[ { @@ -1098,10 +1152,10 @@ "uri":"cce_10_0927.html", "node_id":"cce_10_0927.xml", "product_code":"cce", - "code":"61", + "code":"64", "des":"Unexpected deletion of clusters can occur in practice, especially when multiple users share an account and accidentally delete clusters that do not belong to them. To pre", "doc_type":"usermanual2", - "kw":"Preventing Cluster Deletion,Managing a Cluster,User Guide", + "kw":"Preventing Cluster Deletion,Managing Clusters,User Guide", "search_title":"", "metedata":[ { @@ -1116,10 +1170,10 @@ "uri":"cce_10_0214.html", "node_id":"cce_10_0214.xml", "product_code":"cce", - "code":"62", + "code":"65", "des":"If a cluster is not needed temporarily, hibernate it to reduce costs.After a cluster is hibernated, resources such as workloads cannot be created or managed in the cluste", "doc_type":"usermanual2", - "kw":"Hibernating or Waking Up a Cluster,Managing a Cluster,User Guide", + "kw":"Hibernating or Waking Up a Cluster,Managing Clusters,User Guide", "search_title":"", "metedata":[ { @@ -1134,7 +1188,7 @@ "uri":"cce_10_0215.html", "node_id":"cce_10_0215.xml", "product_code":"cce", - "code":"63", + "code":"66", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Upgrading a Cluster", @@ -1152,7 +1206,7 @@ "uri":"cce_10_0197.html", "node_id":"cce_10_0197.xml", "product_code":"cce", - "code":"64", + "code":"67", "des":"CCE strictly complies with community consistency authentication. It releases three Kubernetes versions each year and offers a maintenance period of at least 24 months aft", "doc_type":"usermanual2", "kw":"cluster upgrade process,Node Priority,In-place upgrade,Cluster Upgrade Overview,Upgrading a Cluster,", @@ -1170,7 +1224,7 @@ "uri":"cce_10_0302.html", "node_id":"cce_10_0302.xml", "product_code":"cce", - "code":"65", + "code":"68", "des":"Before the upgrade, you can check whether your cluster can be upgraded and which versions are available on the CCE console. For details, see Cluster Upgrade Overview.Befo", "doc_type":"usermanual2", "kw":"Deprecated APIs,Before You Start,Upgrading a Cluster,User Guide", @@ -1188,7 +1242,7 @@ "uri":"cce_10_0560.html", "node_id":"cce_10_0560.xml", "product_code":"cce", - "code":"66", + "code":"69", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Performing Post-Upgrade Verification", @@ -1206,7 +1260,7 @@ "uri":"cce_10_0568.html", "node_id":"cce_10_0568.xml", "product_code":"cce", - "code":"67", + "code":"70", "des":"After a cluster is upgraded, check whether the cluster is in the Running state.CCE automatically checks your cluster status. Go to the cluster list page and confirm the c", "doc_type":"usermanual2", "kw":"Cluster Status Check,Performing Post-Upgrade Verification,User Guide", @@ -1224,7 +1278,7 @@ "uri":"cce_10_0569.html", "node_id":"cce_10_0569.xml", "product_code":"cce", - "code":"68", + "code":"71", "des":"After a cluster is upgraded, check whether nodes in the cluster are in the Running state.CCE automatically checks your node statuses. Go to the node list page and confirm", "doc_type":"usermanual2", "kw":"Node Status Check,Performing Post-Upgrade Verification,User Guide", @@ -1242,7 +1296,7 @@ "uri":"cce_10_0567.html", "node_id":"cce_10_0567.xml", "product_code":"cce", - "code":"69", + "code":"72", "des":"After a cluster is upgraded, check whether there are any nodes that skip the upgrade in the cluster. These nodes may affect the proper running of the cluster.CCE automati", "doc_type":"usermanual2", "kw":"Node Skipping Check,Performing Post-Upgrade Verification,User Guide", @@ -1260,7 +1314,7 @@ "uri":"cce_10_0561.html", "node_id":"cce_10_0561.xml", "product_code":"cce", - "code":"70", + "code":"73", "des":"After a cluster is upgraded, check whether its services are running properly.Different services have different verification mode. Select a suitable one and verify the ser", "doc_type":"usermanual2", "kw":"Service Check,Performing Post-Upgrade Verification,User Guide", @@ -1278,7 +1332,7 @@ "uri":"cce_10_0565.html", "node_id":"cce_10_0565.xml", "product_code":"cce", - "code":"71", + "code":"74", "des":"Check whether nodes can be created in the cluster.If nodes cannot be created in your cluster after the cluster is upgraded, contact technical support.", "doc_type":"usermanual2", "kw":"New Node Check,Performing Post-Upgrade Verification,User Guide", @@ -1296,7 +1350,7 @@ "uri":"cce_10_0566.html", "node_id":"cce_10_0566.xml", "product_code":"cce", - "code":"72", + "code":"75", "des":"Check whether pods can be created on the existing nodes after the cluster is upgraded.Check whether pods can be created on new nodes after the cluster is upgraded.After c", "doc_type":"usermanual2", "kw":"New Pod Check,Performing Post-Upgrade Verification,User Guide", @@ -1314,7 +1368,7 @@ "uri":"cce_10_0210.html", "node_id":"cce_10_0210.xml", "product_code":"cce", - "code":"73", + "code":"76", "des":"This section describes how to migrate services from a cluster of an earlier version to a cluster of a later version in CCE.This operation is applicable when a cross-versi", "doc_type":"usermanual2", "kw":"Migrating Services Across Clusters of Different Versions,Upgrading a Cluster,User Guide", @@ -1332,7 +1386,7 @@ "uri":"cce_10_0550.html", "node_id":"cce_10_0550.xml", "product_code":"cce", - "code":"74", + "code":"77", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Troubleshooting for Pre-upgrade Check Exceptions", @@ -1350,7 +1404,7 @@ "uri":"cce_10_0549.html", "node_id":"cce_10_0549.xml", "product_code":"cce", - "code":"75", + "code":"78", "des":"The system automatically checks a cluster before its upgrade. If the cluster does not meet the pre-upgrade check conditions, the upgrade cannot continue. To avoid risks, ", "doc_type":"usermanual2", "kw":"Pre-upgrade Check,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1368,7 +1422,7 @@ "uri":"cce_10_0431.html", "node_id":"cce_10_0431.xml", "product_code":"cce", - "code":"76", + "code":"79", "des":"Check the following items:Check whether the node is available.Check whether the node OS supports the upgrade.Check whether the node is marked with unexpected node pool la", "doc_type":"usermanual2", "kw":"Node Restrictions,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1386,7 +1440,7 @@ "uri":"cce_10_0432.html", "node_id":"cce_10_0432.xml", "product_code":"cce", - "code":"77", + "code":"80", "des":"Check whether the target cluster is under upgrade management.CCE may temporarily restrict the cluster upgrade due to the following reasons:The cluster is identified as th", "doc_type":"usermanual2", "kw":"Upgrade Management,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1404,7 +1458,7 @@ "uri":"cce_10_0433.html", "node_id":"cce_10_0433.xml", "product_code":"cce", - "code":"78", + "code":"81", "des":"Check the following items:Check whether the add-on status is normal.Check whether the add-on supports the target version.Scenario 1: The add-on malfunctions.Log in to the", "doc_type":"usermanual2", "kw":"Add-ons,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1422,7 +1476,7 @@ "uri":"cce_10_0434.html", "node_id":"cce_10_0434.xml", "product_code":"cce", - "code":"79", + "code":"82", "des":"Check whether the current HelmRelease record contains discarded Kubernetes APIs that are not supported by the target cluster version. If yes, the Helm chart may be unavai", "doc_type":"usermanual2", "kw":"Helm Charts,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1440,7 +1494,7 @@ "uri":"cce_10_0435.html", "node_id":"cce_10_0435.xml", "product_code":"cce", - "code":"80", + "code":"83", "des":"Check whether your master nodes can be accessed using SSH.There is a low probability that the SSH connectivity check fails due to network fluctuations. Perform the pre-up", "doc_type":"usermanual2", "kw":"SSH Connectivity of Master Nodes,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1458,7 +1512,7 @@ "uri":"cce_10_0436.html", "node_id":"cce_10_0436.xml", "product_code":"cce", - "code":"81", + "code":"84", "des":"Check the node pool status.Check whether the node pool OS or container runtime is supported after the upgrade.Scenario: The node pool malfunctions.Log in to the CCE conso", "doc_type":"usermanual2", "kw":"Node Pools,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1476,7 +1530,7 @@ "uri":"cce_10_0437.html", "node_id":"cce_10_0437.xml", "product_code":"cce", - "code":"82", + "code":"85", "des":"Check whether the Protocol & Port of the worker node security groups is set to ICMP: All and whether the security group rule with the source IP address set to the master ", "doc_type":"usermanual2", "kw":"Security Groups,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1494,7 +1548,7 @@ "uri":"cce_10_0439.html", "node_id":"cce_10_0439.xml", "product_code":"cce", - "code":"83", + "code":"86", "des":"Check whether nodes need to be migrated.This issue is caused by either an error in the node's package pull component or the absence of key system components on the node, ", "doc_type":"usermanual2", "kw":"Residual Nodes,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1512,8 +1566,8 @@ "uri":"cce_10_0440.html", "node_id":"cce_10_0440.xml", "product_code":"cce", - "code":"84", - "des":"Check whether there are discarded resources in the clusters.Scenario 1: The Service in the clusters of v1.25 or later has discarded annotation tolerate-unready-endpoints.", + "code":"87", + "des":"Check whether there are discarded resources in the clusters.Scenario 1: The Service in the clusters of v1.25 or later has deprecated annotation tolerate-unready-endpoints", "doc_type":"usermanual2", "kw":"Discarded Kubernetes Resources,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", "search_title":"", @@ -1530,7 +1584,7 @@ "uri":"cce_10_0441.html", "node_id":"cce_10_0441.xml", "product_code":"cce", - "code":"85", + "code":"88", "des":"Read the version compatibility differences and ensure that they are not affected. The patch upgrade does not involve version compatibility differences.", "doc_type":"usermanual2", "kw":"Compatibility Risks,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1548,7 +1602,7 @@ "uri":"cce_10_0442.html", "node_id":"cce_10_0442.xml", "product_code":"cce", - "code":"86", + "code":"89", "des":"Check whether cce-agent on the current node is of the latest version.Scenario 1: The error message \"you cce-agent no update, please restart it\" is displayed.This issue oc", "doc_type":"usermanual2", "kw":"CCE Agent Versions,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1566,7 +1620,7 @@ "uri":"cce_10_0443.html", "node_id":"cce_10_0443.xml", "product_code":"cce", - "code":"87", + "code":"90", "des":"Check whether the node's CPU usage is above 90%.Upgrade the cluster during off-peak hours.Check whether too many pods are deployed on the node. If yes, reschedule pods to", "doc_type":"usermanual2", "kw":"Node CPU Usage,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1584,7 +1638,7 @@ "uri":"cce_10_0444.html", "node_id":"cce_10_0444.xml", "product_code":"cce", - "code":"88", + "code":"91", "des":"Check the following items:Check whether the key CRD packageversions.version.cce.io of the cluster is deleted.Check whether the cluster key CRD network-attachment-definiti", "doc_type":"usermanual2", "kw":"CRDs,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1602,8 +1656,8 @@ "uri":"cce_10_0445.html", "node_id":"cce_10_0445.xml", "product_code":"cce", - "code":"89", - "des":"Check the following items:Check whether the key data disks on the node meet the upgrade requirements.Check whether the /tmp directory has 500 MB available space.During th", + "code":"92", + "des":"Check the following items:Check whether the key data disks on the node meet the upgrade requirements.Check whether the /tmp directory has 500 MB of available space.During", "doc_type":"usermanual2", "kw":"Node Disks,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", "search_title":"", @@ -1620,7 +1674,7 @@ "uri":"cce_10_0446.html", "node_id":"cce_10_0446.xml", "product_code":"cce", - "code":"90", + "code":"93", "des":"Check the following items:Check whether the DNS configuration of the current node can resolve the OBS address.Check whether the current node can access the OBS address of", "doc_type":"usermanual2", "kw":"Node DNS,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1638,8 +1692,8 @@ "uri":"cce_10_0447.html", "node_id":"cce_10_0447.xml", "product_code":"cce", - "code":"91", - "des":"Check whether the owner and owner group of the files in the /var/paas directory used by the CCE are both paas.Scenario 1: The error message \"xx file permission has been c", + "code":"94", + "des":"Check whether the root directory permissions are properly assigned.Scenario 1: The error message \"user paas must have at least read and execute permissions on the root di", "doc_type":"usermanual2", "kw":"Node Key Directory File Permissions,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", "search_title":"", @@ -1656,8 +1710,8 @@ "uri":"cce_10_0448.html", "node_id":"cce_10_0448.xml", "product_code":"cce", - "code":"92", - "des":"Check whether the kubelet on the node is running properly.Scenario 1: The kubelet status is abnormal.If the kubelet malfunctions, the node will be unavailable. Restore th", + "code":"95", + "des":"Check whether the kubelet on the node is running properly.Scenario: The kubelet status is abnormal.If the kubelet malfunctions, the node will be unavailable. Restore the ", "doc_type":"usermanual2", "kw":"kubelet,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", "search_title":"", @@ -1674,8 +1728,8 @@ "uri":"cce_10_0449.html", "node_id":"cce_10_0449.xml", "product_code":"cce", - "code":"93", - "des":"Check whether the node's memory usage is above 90%.Upgrade the cluster during off-peak hours.Check whether too many pods are deployed on the node. If yes, reschedule pods", + "code":"96", + "des":"Check whether the node's memory usage is above 90%.Upgrade the cluster during off-peak hours.Log in to the node, run the top command to obtain the memory usage of the pro", "doc_type":"usermanual2", "kw":"Node Memory,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", "search_title":"", @@ -1692,7 +1746,7 @@ "uri":"cce_10_0450.html", "node_id":"cce_10_0450.xml", "product_code":"cce", - "code":"94", + "code":"97", "des":"Check whether the clock synchronization server ntpd or chronyd of the node is running properly.Scenario 1: ntpd is running abnormally.Log in to the node and run the syste", "doc_type":"usermanual2", "kw":"Node Clock Synchronization Server,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1710,7 +1764,7 @@ "uri":"cce_10_0451.html", "node_id":"cce_10_0451.xml", "product_code":"cce", - "code":"95", + "code":"98", "des":"Check whether the OS kernel version of the node is supported by CCE.Case 1: The node image is not a standard CCE image.CCE nodes run depending on the initial standard ker", "doc_type":"usermanual2", "kw":"Node OS,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1728,7 +1782,7 @@ "uri":"cce_10_0452.html", "node_id":"cce_10_0452.xml", "product_code":"cce", - "code":"96", + "code":"99", "des":"Verify that the master nodes in your cluster have more than 2 CPU cores.The master nodes have only 2 CPU cores, which may lead to a cluster upgrade failure.Contact techni", "doc_type":"usermanual2", "kw":"Node CPU Cores,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1746,7 +1800,7 @@ "uri":"cce_10_0453.html", "node_id":"cce_10_0453.xml", "product_code":"cce", - "code":"97", + "code":"100", "des":"Check whether the Python commands are available on a node.If the command output is not 0, the check fails.Reset the node or manually install Python before attempting the ", "doc_type":"usermanual2", "kw":"Node Python Commands,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1764,7 +1818,7 @@ "uri":"cce_10_0455.html", "node_id":"cce_10_0455.xml", "product_code":"cce", - "code":"98", + "code":"101", "des":"Check whether the nodes in the cluster are ready.Scenario 1: The nodes are in the unavailable status.Log in to the CCE console and click the cluster name to access the cl", "doc_type":"usermanual2", "kw":"Node Readiness,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1782,7 +1836,7 @@ "uri":"cce_10_0456.html", "node_id":"cce_10_0456.xml", "product_code":"cce", - "code":"99", + "code":"102", "des":"Check whether journald of a node is normal.Log in to the node and run the systemctl is-active systemd-journald command to obtain the running status of journald. If the co", "doc_type":"usermanual2", "kw":"Node journald,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1800,7 +1854,7 @@ "uri":"cce_10_0457.html", "node_id":"cce_10_0457.xml", "product_code":"cce", - "code":"100", + "code":"103", "des":"Check whether the containerd.sock file is on the node. This file affects the startup of container runtime in the Euler OS.Scenario: The Docker used by the node is the cus", "doc_type":"usermanual2", "kw":"containerd.sock,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1818,7 +1872,7 @@ "uri":"cce_10_0458.html", "node_id":"cce_10_0458.xml", "product_code":"cce", - "code":"101", + "code":"104", "des":"This check item is not typical and implies that an internal error was found during the pre-upgrade check.Perform the pre-upgrade check again.If it fails again, submit a s", "doc_type":"usermanual2", "kw":"Internal Error,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1836,7 +1890,7 @@ "uri":"cce_10_0459.html", "node_id":"cce_10_0459.xml", "product_code":"cce", - "code":"102", + "code":"105", "des":"Check whether there are inaccessible mount points on the node.Scenario: There are inaccessible mount points on the node.If NFS (such as obsfs or SFS) is used by the node ", "doc_type":"usermanual2", "kw":"Node Mount Points,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1854,7 +1908,7 @@ "uri":"cce_10_0460.html", "node_id":"cce_10_0460.xml", "product_code":"cce", - "code":"103", + "code":"106", "des":"Check whether the taint needed for cluster upgrade exists on the node.Scenario 1: The node is skipped during the cluster upgrade.If the version of the node is different f", "doc_type":"usermanual2", "kw":"Kubernetes Node Taints,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1872,7 +1926,7 @@ "uri":"cce_10_0478.html", "node_id":"cce_10_0478.xml", "product_code":"cce", - "code":"104", + "code":"107", "des":"Check whether there are any compatibility restrictions on the current Everest add-on.There are compatibility restrictions on the current Everest add-on and it cannot be u", "doc_type":"usermanual2", "kw":"Everest Restrictions,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1890,7 +1944,7 @@ "uri":"cce_10_0479.html", "node_id":"cce_10_0479.xml", "product_code":"cce", - "code":"105", + "code":"108", "des":"Check whether there are compatibility limitations between the current and target cce-controller-hpa add-on versions.There are compatibility limitations between the curren", "doc_type":"usermanual2", "kw":"cce-hpa-controller Limitations,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1908,7 +1962,7 @@ "uri":"cce_10_0480.html", "node_id":"cce_10_0480.xml", "product_code":"cce", - "code":"106", + "code":"109", "des":"Check whether the current cluster version and the target version support enhanced CPU policy.Scenario: Only the current cluster version supports the enhanced CPU policy f", "doc_type":"usermanual2", "kw":"Enhanced CPU Policies,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1926,7 +1980,7 @@ "uri":"cce_10_0484.html", "node_id":"cce_10_0484.xml", "product_code":"cce", - "code":"107", + "code":"110", "des":"Check whether the container runtime and network components on the worker nodes are healthy.Issue 1: CNI Agent is not active.If your cluster version is earlier than v1.17.", "doc_type":"usermanual2", "kw":"Health of Worker Node Components,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1944,7 +1998,7 @@ "uri":"cce_10_0485.html", "node_id":"cce_10_0485.xml", "product_code":"cce", - "code":"108", + "code":"111", "des":"Check whether cluster components such as the Kubernetes component, container runtime component, and network component are running properly before the upgrade.Perform the ", "doc_type":"usermanual2", "kw":"Health of Master Node Components,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1962,7 +2016,7 @@ "uri":"cce_10_0486.html", "node_id":"cce_10_0486.xml", "product_code":"cce", - "code":"109", + "code":"112", "des":"Check whether the resources of Kubernetes components, such as etcd and kube-controller-manager, exceed the upper limit.Solution 1: Reduce Kubernetes resources that are ne", "doc_type":"usermanual2", "kw":"Memory Resource Limit of Kubernetes Components,Troubleshooting for Pre-upgrade Check Exceptions,User", @@ -1980,7 +2034,7 @@ "uri":"cce_10_0487.html", "node_id":"cce_10_0487.xml", "product_code":"cce", - "code":"110", + "code":"113", "des":"The system scans the audit logs of the past day to check whether the user calls the deprecated APIs of the target Kubernetes version.Due to the limited time range of audi", "doc_type":"usermanual2", "kw":"Discarded Kubernetes APIs,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -1998,7 +2052,7 @@ "uri":"cce_10_0488.html", "node_id":"cce_10_0488.xml", "product_code":"cce", - "code":"111", + "code":"114", "des":"If IPv6 is enabled for a CCE Turbo cluster, check whether the target cluster version supports IPv6.CCE Turbo clusters support IPv6 since v1.23. This feature is available ", "doc_type":"usermanual2", "kw":"IPv6 Support in CCE Turbo Clusters,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2016,7 +2070,7 @@ "uri":"cce_10_0489.html", "node_id":"cce_10_0489.xml", "product_code":"cce", - "code":"112", + "code":"115", "des":"Check whether NetworkManager of a node is normal.Log in to the node and run the systemctl is-active NetworkManager command to obtain the running status of NetworkManager.", "doc_type":"usermanual2", "kw":"NetworkManager,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2034,7 +2088,7 @@ "uri":"cce_10_0490.html", "node_id":"cce_10_0490.xml", "product_code":"cce", - "code":"113", + "code":"116", "des":"Check the ID file format.", "doc_type":"usermanual2", "kw":"Node ID File,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2052,8 +2106,8 @@ "uri":"cce_10_0491.html", "node_id":"cce_10_0491.xml", "product_code":"cce", - "code":"114", - "des":"When you upgrade a cluster to v1.19 or later, the system checks whether the following configuration files have been modified on the backend:/opt/cloud/cce/kubernetes/kube", + "code":"117", + "des":"When you upgrade a cluster to v1.19 or later, CCE checks whether the following configuration files have been modified on the backend:/opt/cloud/cce/kubernetes/kubelet/kub", "doc_type":"usermanual2", "kw":"Node Configuration Consistency,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", "search_title":"", @@ -2070,7 +2124,7 @@ "uri":"cce_10_0492.html", "node_id":"cce_10_0492.xml", "product_code":"cce", - "code":"115", + "code":"118", "des":"Check whether the configuration files of key components exist on the node.The following table lists the files to be checked.Reset the node. For details, see Resetting a N", "doc_type":"usermanual2", "kw":"Node Configuration File,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2088,7 +2142,7 @@ "uri":"cce_10_0493.html", "node_id":"cce_10_0493.xml", "product_code":"cce", - "code":"116", + "code":"119", "des":"Check whether the current CoreDNS key configuration Corefile is different from the Helm release record. The difference may be overwritten during the add-on upgrade, affec", "doc_type":"usermanual2", "kw":"CoreDNS Configuration Consistency,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2106,7 +2160,7 @@ "uri":"cce_10_0494.html", "node_id":"cce_10_0494.xml", "product_code":"cce", - "code":"117", + "code":"120", "des":"Check whether the sudo commands and sudo-related files of the node are working.Scenario 1: The sudo command fails to be executed.During the in-place cluster upgrade, the ", "doc_type":"usermanual2", "kw":"sudo,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2124,8 +2178,8 @@ "uri":"cce_10_0495.html", "node_id":"cce_10_0495.xml", "product_code":"cce", - "code":"118", - "des":"Whether some key commands that the node upgrade depends on are workingScenario 1: Executing the package manager command failed.Executing the rpm or dpkg command failed. I", + "code":"121", + "des":"Whether some key commands that the node upgrade depends on are workingScenario 1: The RPM package manager command fails to be executed.The rpm command fails to be execute", "doc_type":"usermanual2", "kw":"Key Node Commands,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", "search_title":"", @@ -2142,7 +2196,7 @@ "uri":"cce_10_0496.html", "node_id":"cce_10_0496.xml", "product_code":"cce", - "code":"119", + "code":"122", "des":"Check whether the docker/containerd.sock file is directly mounted to the pods on a node. During an upgrade, Docker or containerd restarts and the sock file on the host ch", "doc_type":"usermanual2", "kw":"Mounting of a Sock File on a Node,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2160,7 +2214,7 @@ "uri":"cce_10_0497.html", "node_id":"cce_10_0497.xml", "product_code":"cce", - "code":"120", + "code":"123", "des":"Check whether the certificate used by an HTTPS load balancer has been modified on ELB.The certificate referenced by an HTTPS ingress created on CCE is modified on the ELB", "doc_type":"usermanual2", "kw":"HTTPS Load Balancer Certificate Consistency,Troubleshooting for Pre-upgrade Check Exceptions,User Gu", @@ -2178,8 +2232,8 @@ "uri":"cce_10_0498.html", "node_id":"cce_10_0498.xml", "product_code":"cce", - "code":"121", - "des":"Check whether the default mount directory and soft link on the node have been manually mounted or modified.Non-shared diskBy default, /var/lib/docker, containerd, or /mnt", + "code":"124", + "des":"This section describes how to diagnose and fix node-mount failures caused by CCE storage misconfigurations.Check item 1: mount point conflictsCheck ContentVerify that all", "doc_type":"usermanual2", "kw":"Node Mounting,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", "search_title":"", @@ -2196,7 +2250,7 @@ "uri":"cce_10_0499.html", "node_id":"cce_10_0499.xml", "product_code":"cce", - "code":"122", + "code":"125", "des":"Check whether user paas is allowed to log in to a node.Run the following command to check whether user paas is allowed to log in to a node:If the permissions assigned to ", "doc_type":"usermanual2", "kw":"Login Permissions of User paas on a Node,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2214,7 +2268,7 @@ "uri":"cce_10_0500.html", "node_id":"cce_10_0500.xml", "product_code":"cce", - "code":"123", + "code":"126", "des":"Check whether the load balancer associated with a Service is allocated with a private IPv4 address.Solution 1: Delete the Service that is associated with a load balancer ", "doc_type":"usermanual2", "kw":"Private IPv4 Addresses of Load Balancers,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2232,7 +2286,7 @@ "uri":"cce_10_0501.html", "node_id":"cce_10_0501.xml", "product_code":"cce", - "code":"124", + "code":"127", "des":"Check the historical upgrade records of the cluster and confirm that the current version of the cluster meets the requirements for upgrading to the target version.Upgradi", "doc_type":"usermanual2", "kw":"Historical Upgrade Records,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2250,7 +2304,7 @@ "uri":"cce_10_0502.html", "node_id":"cce_10_0502.xml", "product_code":"cce", - "code":"125", + "code":"128", "des":"Check whether the CIDR block of the cluster management plane is the same as that configured on the backbone network.The CIDR block of the management plane has been modifi", "doc_type":"usermanual2", "kw":"CIDR Block of the Cluster Management Plane,Troubleshooting for Pre-upgrade Check Exceptions,User Gui", @@ -2268,10 +2322,10 @@ "uri":"cce_10_0503.html", "node_id":"cce_10_0503.xml", "product_code":"cce", - "code":"126", - "des":"CCE AI Suite (NVIDIA GPU) is involved in the upgrade, which may affect the GPU driver installation during the creation of a GPU node.The driver of CCE AI Suite (NVIDIA GP", + "code":"129", + "des":"Check whether CCE AI Suite (NVIDIA GPU) involved in the upgrade affects the GPU driver installation when creating a GPU node.The driver of CCE AI Suite (NVIDIA GPU) needs", "doc_type":"usermanual2", - "kw":"CCE AI Suite (NVIDIA GPU),Troubleshooting for Pre-upgrade Check Exceptions,User Guide", + "kw":"CCE AI Suite (NVIDIA GPU) Exceptions,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", "search_title":"", "metedata":[ { @@ -2279,14 +2333,14 @@ "documenttype":"usermanual" } ], - "title":"CCE AI Suite (NVIDIA GPU)", + "title":"CCE AI Suite (NVIDIA GPU) Exceptions", "githuburl":"" }, { "uri":"cce_10_0504.html", "node_id":"cce_10_0504.xml", "product_code":"cce", - "code":"127", + "code":"130", "des":"Check whether the default system parameter settings on your nodes are modified.If the MTU value of the bond0 network on your BMS node is not the default value 1500, this ", "doc_type":"usermanual2", "kw":"Nodes' System Parameters,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2304,8 +2358,8 @@ "uri":"cce_10_0505.html", "node_id":"cce_10_0505.xml", "product_code":"cce", - "code":"128", - "des":"Check whether there are residual package version data in the current cluster.A message is displayed indicating that there are residual 10.12.1.109 CRD resources in your c", + "code":"131", + "des":"Check whether there is residual package version data in the current cluster.A message is displayed indicating that there are residual 10.12.1.109 CRD resources in your cl", "doc_type":"usermanual2", "kw":"Residual Package Version Data,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", "search_title":"", @@ -2322,7 +2376,7 @@ "uri":"cce_10_0506.html", "node_id":"cce_10_0506.xml", "product_code":"cce", - "code":"129", + "code":"132", "des":"Check whether the commands required for the upgrade are available on the node.The cluster upgrade failure is typically caused by the lack of key node commands that are re", "doc_type":"usermanual2", "kw":"Node Commands,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2340,7 +2394,7 @@ "uri":"cce_10_0507.html", "node_id":"cce_10_0507.xml", "product_code":"cce", - "code":"130", + "code":"133", "des":"Check whether swap has been enabled on CCE nodes.By default, swap is disabled on CCE nodes. Check the necessity of enabling swap manually and determine the impact of disa", "doc_type":"usermanual2", "kw":"Node Swap,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2358,7 +2412,7 @@ "uri":"cce_10_0508.html", "node_id":"cce_10_0508.xml", "product_code":"cce", - "code":"131", + "code":"134", "des":"Check item 1: Check whether there is an Nginx Ingress route whose ingress type is not specified (kubernetes.io/ingress.class: nginx is not added to annotations) in the cl", "doc_type":"usermanual2", "kw":"NGINX Ingress Controller,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2376,7 +2430,7 @@ "uri":"cce_10_0510.html", "node_id":"cce_10_0510.xml", "product_code":"cce", - "code":"132", + "code":"135", "des":"Check whether the service pods running on a containerd node are restarted when containerd is upgraded.containerd on your node may need to be restarted. To minimize the im", "doc_type":"usermanual2", "kw":"containerd Pod Restart Risks,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2394,7 +2448,7 @@ "uri":"cce_10_0511.html", "node_id":"cce_10_0511.xml", "product_code":"cce", - "code":"133", + "code":"136", "des":"Check whether the configuration of CCE AI Suite (NVIDIA GPU) in a cluster has been intrusively modified. If so, upgrading the cluster may fail.", "doc_type":"usermanual2", "kw":"Key CCE AI Suite (NVIDIA GPU) Parameters,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2412,7 +2466,7 @@ "uri":"cce_10_0512.html", "node_id":"cce_10_0512.xml", "product_code":"cce", - "code":"134", + "code":"137", "des":"Check whether GPU service pods are rebuilt in a cluster when kubelet is restarted during the upgrade of the cluster.Upgrade the cluster when the impact on services is con", "doc_type":"usermanual2", "kw":"GPU Pod Rebuild Risks,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2430,7 +2484,7 @@ "uri":"cce_10_0513.html", "node_id":"cce_10_0513.xml", "product_code":"cce", - "code":"135", + "code":"138", "des":"Check whether ELB listener access control has been configured using annotations for the Services in the current cluster.If so, check whether their configurations are corr", "doc_type":"usermanual2", "kw":"ELB Listener Access Control,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2448,7 +2502,7 @@ "uri":"cce_10_0514.html", "node_id":"cce_10_0514.xml", "product_code":"cce", - "code":"136", + "code":"139", "des":"Check whether the flavor of the master nodes in the cluster is the same as the actual flavor of these nodes.This issue is typically caused by modifications made to the ma", "doc_type":"usermanual2", "kw":"Master Node Flavor,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2466,7 +2520,7 @@ "uri":"cce_10_0515.html", "node_id":"cce_10_0515.xml", "product_code":"cce", - "code":"137", + "code":"140", "des":"Check whether the number of available IP addresses in the cluster subnet supports rolling upgrade.Rolling upgrade is not supported if there are not enough IP addresses in", "doc_type":"usermanual2", "kw":"Subnet Quota of Master Nodes,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2484,7 +2538,7 @@ "uri":"cce_10_0516.html", "node_id":"cce_10_0516.xml", "product_code":"cce", - "code":"138", + "code":"141", "des":"Check whether an alarm is generated when a cluster is upgraded to v1.27 or later. Do not use Docker in clusters of versions later than 1.27.If your node's runtime is not ", "doc_type":"usermanual2", "kw":"Node Runtime,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2502,7 +2556,7 @@ "uri":"cce_10_0517.html", "node_id":"cce_10_0517.xml", "product_code":"cce", - "code":"139", + "code":"142", "des":"Check whether an alarm is generated when a cluster is upgraded to v1.27 or later. Do not use Docker in clusters of versions later than 1.27.If your node pool's runtime is", "doc_type":"usermanual2", "kw":"Node Pool Runtime,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2520,7 +2574,7 @@ "uri":"cce_10_0518.html", "node_id":"cce_10_0518.xml", "product_code":"cce", - "code":"140", + "code":"143", "des":"Check the number of images on your node. If there are more than 1000 images, it takes a long time for Docker to start, affecting the standard Docker output and functions ", "doc_type":"usermanual2", "kw":"Number of Node Images,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2538,10 +2592,10 @@ "uri":"cce_10_0520.html", "node_id":"cce_10_0520.xml", "product_code":"cce", - "code":"141", - "des":"Check whether the target version supports secret encryption. If it does not, clusters that have this feature enabled cannot be upgraded to the target version.Secret encry", + "code":"144", + "des":"Check whether the target version supports at-rest encryption for secrets. If it does not, clusters that have this feature enabled cannot be upgraded to the target version", "doc_type":"usermanual2", - "kw":"Compatibility Check of Secret Encryption,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", + "kw":"Compatibility Check of At-Rest Encryption for Secrets,Troubleshooting for Pre-upgrade Check Exceptio", "search_title":"", "metedata":[ { @@ -2549,14 +2603,14 @@ "documenttype":"usermanual" } ], - "title":"Compatibility Check of Secret Encryption", + "title":"Compatibility Check of At-Rest Encryption for Secrets", "githuburl":"" }, { "uri":"cce_10_0521.html", "node_id":"cce_10_0521.xml", "product_code":"cce", - "code":"142", + "code":"145", "des":"Make sure that CCE AI Suite (NVIDIA GPU) and Ubuntu nodes are compatible before using them in a cluster. If the Ubuntu kernel is 5.15.0-113-generic, the driver of the GPU", "doc_type":"usermanual2", "kw":"Compatibility Between the Ubuntu Kernel and GPU Driver,Troubleshooting for Pre-upgrade Check Excepti", @@ -2574,7 +2628,7 @@ "uri":"cce_10_0522.html", "node_id":"cce_10_0522.xml", "product_code":"cce", - "code":"143", + "code":"146", "des":"An unfinished drainage task is detected in the cluster, which may resume after the upgrade. If this happens, running pods will be evicted, which could impact your service", "doc_type":"usermanual2", "kw":"Drainage Tasks,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2592,7 +2646,7 @@ "uri":"cce_10_0523.html", "node_id":"cce_10_0523.xml", "product_code":"cce", - "code":"144", + "code":"147", "des":"Check the number of image layers on your node. If there are more than 5000 layers, it will take a long time for Docker or containerd to start, affecting the stdout of Doc", "doc_type":"usermanual2", "kw":"Image Layers on a Node,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2610,7 +2664,7 @@ "uri":"cce_10_0524.html", "node_id":"cce_10_0524.xml", "product_code":"cce", - "code":"145", + "code":"148", "des":"Check whether your cluster is eligible for a rolling upgrade. The result shows that the rolling upgrade is not supported.Rolling upgrades cannot be performed if the tenan", "doc_type":"usermanual2", "kw":"Cluster Rolling Upgrade,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2628,7 +2682,7 @@ "uri":"cce_10_0525.html", "node_id":"cce_10_0525.xml", "product_code":"cce", - "code":"146", + "code":"149", "des":"Check whether the number of certificates on your node is greater than 1000. During an upgrade, certificate files will be processed in batches. An excessive number of cert", "doc_type":"usermanual2", "kw":"Rotation Certificates,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2646,7 +2700,7 @@ "uri":"cce_10_0526.html", "node_id":"cce_10_0526.xml", "product_code":"cce", - "code":"147", + "code":"150", "des":"Check whether any modifications have been made to the listener, forwarding policy, forwarding rule, backend cloud server group, backend cloud server, or certificate confi", "doc_type":"usermanual2", "kw":"Ingress and ELB Configuration Consistency,Troubleshooting for Pre-upgrade Check Exceptions,User Guid", @@ -2664,7 +2718,7 @@ "uri":"cce_10_0527.html", "node_id":"cce_10_0527.xml", "product_code":"cce", - "code":"148", + "code":"151", "des":"Check the network policy settings on the master nodes in your cluster. If any manual modifications have been made, they will be reset during the upgrade.Check whether net", "doc_type":"usermanual2", "kw":"Network Policies of Cluster Network Components,Troubleshooting for Pre-upgrade Check Exceptions,User", @@ -2682,7 +2736,7 @@ "uri":"cce_10_0528.html", "node_id":"cce_10_0528.xml", "product_code":"cce", - "code":"149", + "code":"152", "des":"Check whether the nic-max-above-warm-target value configured for the network component of the current cluster exceeds the maximum value allowed.Determine the scope of imp", "doc_type":"usermanual2", "kw":"Cluster and Node Pool Configurations,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2700,7 +2754,7 @@ "uri":"cce_10_0529.html", "node_id":"cce_10_0529.xml", "product_code":"cce", - "code":"150", + "code":"153", "des":"Check whether the time zone of the master nodes matches the cluster's time zone. If they are different, the master nodes will be updated to match the cluster's time zone ", "doc_type":"usermanual2", "kw":"Time Zone of Master Nodes,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2718,7 +2772,7 @@ "uri":"cce_10_0530.html", "node_id":"cce_10_0530.xml", "product_code":"cce", - "code":"151", + "code":"154", "des":"Check whether the SNATIPRanges value has changed after the upgrade. This check is available only for CCE Turbo clusters.In a CCE Turbo cluster, the CIDR blocks in SNATIPR", "doc_type":"usermanual2", "kw":"SNATIPRanges,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", @@ -2736,8 +2790,8 @@ "uri":"cce_10_0531.html", "node_id":"cce_10_0531.xml", "product_code":"cce", - "code":"152", - "des":"Manual modifications to add-on configuration parameters (typically ConfigMaps), instead of modifications through the CCE console or APIs, may be overwritten after an upgr", + "code":"155", + "des":"Manual modifications to add-on configuration parameters (typically ConfigMaps), instead of modifications through the CCE console or add-on API updates, may be overwritten", "doc_type":"usermanual2", "kw":"Add-on Configuration Consistency,Troubleshooting for Pre-upgrade Check Exceptions,User Guide", "search_title":"", @@ -2754,7 +2808,7 @@ "uri":"cce_10_0183.html", "node_id":"cce_10_0183.xml", "product_code":"cce", - "code":"153", + "code":"156", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Nodes", @@ -2772,7 +2826,7 @@ "uri":"cce_10_0180.html", "node_id":"cce_10_0180.xml", "product_code":"cce", - "code":"154", + "code":"157", "des":"A container cluster consists of a set of worker machines, called nodes, that run containerized applications. A node can be a virtual machine (VM) or a physical machine (P", "doc_type":"usermanual2", "kw":"paas,user group,Node Overview,Nodes,User Guide", @@ -2790,7 +2844,7 @@ "uri":"cce_10_0462.html", "node_id":"cce_10_0462.xml", "product_code":"cce", - "code":"155", + "code":"158", "des":"Container engines, one of the most important components of Kubernetes, manage the lifecycle of images and containers. The kubelet interacts with a container runtime throu", "doc_type":"usermanual2", "kw":"Container Engines,Nodes,User Guide", @@ -2808,7 +2862,7 @@ "uri":"cce_10_0476.html", "node_id":"cce_10_0476.xml", "product_code":"cce", - "code":"156", + "code":"159", "des":"This section describes the mappings between released cluster versions and OS versions.", "doc_type":"usermanual2", "kw":"Node OSs,Nodes,User Guide", @@ -2826,8 +2880,8 @@ "uri":"cce_10_0363.html", "node_id":"cce_10_0363.xml", "product_code":"cce", - "code":"157", - "des":"At least one cluster has been created.A key pair has been created for identity authentication upon remote node login.The DNS configuration of a subnet where a node is loc", + "code":"160", + "des":"At least one cluster is available.A key pair is available for remote node login using key-pair authentication. If you use a password for login, skip this step.If you use ", "doc_type":"usermanual2", "kw":"Creating a Node,Nodes,User Guide", "search_title":"", @@ -2844,8 +2898,8 @@ "uri":"cce_10_0198.html", "node_id":"cce_10_0198.xml", "product_code":"cce", - "code":"158", - "des":"In CCE, you can create a node (Creating a Node) or add existing nodes (ECSs) to your cluster for management.When accepting an ECS, you can reset the ECS OS to a standard ", + "code":"161", + "des":"In CCE, you can create a node (Creating a Node) or add existing nodes (ECSs) to your cluster for management.When accepting an ECS, you can reset its OS to a standard publ", "doc_type":"usermanual2", "kw":"Accepting Nodes for Management,Nodes,User Guide", "search_title":"", @@ -2862,8 +2916,8 @@ "uri":"cce_10_0185.html", "node_id":"cce_10_0185.xml", "product_code":"cce", - "code":"159", - "des":"Before you log in to a node using SSH, ensure that the SSH port (22 by default) is enabled in the security group of the node.Before you log in to a node (an ECS) using SS", + "code":"162", + "des":"Before you log in to a node using SSH, ensure the SSH port (22 by default) is enabled in the security group of the node.Before you log in to a node (an ECS) via SSH over ", "doc_type":"usermanual2", "kw":"Logging In to a Node,Nodes,User Guide", "search_title":"", @@ -2880,7 +2934,7 @@ "uri":"cce_10_0672.html", "node_id":"cce_10_0672.xml", "product_code":"cce", - "code":"160", + "code":"163", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"node labels", @@ -2898,7 +2952,7 @@ "uri":"cce_10_0004.html", "node_id":"cce_10_0004.xml", "product_code":"cce", - "code":"161", + "code":"164", "des":"You can add different labels to nodes and define different attributes for labels. By using these node labels, you can quickly understand the characteristics of each node.", "doc_type":"usermanual2", "kw":"node labels,Inherent Label of a Node,Managing Node Labels,Management Nodes,User Guide", @@ -2916,7 +2970,7 @@ "uri":"cce_10_0352.html", "node_id":"cce_10_0352.xml", "product_code":"cce", - "code":"162", + "code":"165", "des":"Taints enable a node to repel specific pods to prevent these pods from being scheduled to the node.On the CCE console, you can also batch manage nodes' taints.Enter the k", "doc_type":"usermanual2", "kw":"NoSchedule,PreferNoSchedule,NoExecute,System Taints,Managing Node Taints,Management Nodes,User Guide", @@ -2934,7 +2988,7 @@ "uri":"cce_10_0003.html", "node_id":"cce_10_0003.xml", "product_code":"cce", - "code":"163", + "code":"166", "des":"You can reset a node to modify the node configuration, such as the node OS and login mode.Resetting a node will reinstall the node OS and the Kubernetes software on the n", "doc_type":"usermanual2", "kw":"reset a node,Resetting a Node,Management Nodes,User Guide", @@ -2952,7 +3006,7 @@ "uri":"cce_10_0338.html", "node_id":"cce_10_0338.xml", "product_code":"cce", - "code":"164", + "code":"167", "des":"Removing a node from a cluster will re-install the node OS and clear CCE components on the node.Removing a node will not delete the server corresponding to the node. You ", "doc_type":"usermanual2", "kw":"Removing a Node,Management Nodes,User Guide", @@ -2970,10 +3024,10 @@ "uri":"cce_10_0184.html", "node_id":"cce_10_0184.xml", "product_code":"cce", - "code":"165", + "code":"168", "des":"Each node in a cluster is a cloud server or physical machine. After a cluster node is created, you can change the cloud server name or specifications as required. Modifyi", "doc_type":"usermanual2", - "kw":"synchronize the ECS,Synchronizing the Data of Cloud Servers,Management Nodes,User Guide", + "kw":"synchronize it,Synchronizing the Data of Cloud Servers,Management Nodes,User Guide", "search_title":"", "metedata":[ { @@ -2988,7 +3042,7 @@ "uri":"cce_10_0605.html", "node_id":"cce_10_0605.xml", "product_code":"cce", - "code":"166", + "code":"169", "des":"After you enable nodal drainage on the console, CCE configures the node to be non-schedulable and securely evicts all pods that comply with Rules for Draining Nodes on th", "doc_type":"usermanual2", "kw":"nodal drainage,nodal drainage,Draining a Node,Management Nodes,User Guide", @@ -3006,8 +3060,8 @@ "uri":"cce_10_0186.html", "node_id":"cce_10_0186.xml", "product_code":"cce", - "code":"167", - "des":"If a node is no longer needed, delete it from the node list on the CCE console if the node is billed on a pay-per-use basis. Do not manually remove nodes using kubectl de", + "code":"170", + "des":"If a node is no longer needed, delete it on the CCE console if the node is billed on a pay-per-use basis. Do not manually remove nodes using kubectl delete node, as this ", "doc_type":"usermanual2", "kw":"Deleting a Node,Management Nodes,User Guide", "search_title":"", @@ -3024,7 +3078,7 @@ "uri":"cce_10_0036.html", "node_id":"cce_10_0036.xml", "product_code":"cce", - "code":"168", + "code":"171", "des":"When a node in the cluster is stopped, all services on that node will also be stopped, and the node will no longer be available for scheduling. Check if your services wil", "doc_type":"usermanual2", "kw":"Stopping a Node,Management Nodes,User Guide", @@ -3042,7 +3096,7 @@ "uri":"cce_10_0276.html", "node_id":"cce_10_0276.xml", "product_code":"cce", - "code":"169", + "code":"172", "des":"In a rolling upgrade, a new node is created, existing workloads are migrated to the new node, and then the old node is deleted. Figure 1 shows the migration process.The o", "doc_type":"usermanual2", "kw":"Performing Rolling Upgrade for Nodes,Management Nodes,User Guide", @@ -3060,7 +3114,7 @@ "uri":"cce_10_0704.html", "node_id":"cce_10_0704.xml", "product_code":"cce", - "code":"170", + "code":"173", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Node O&M", @@ -3078,10 +3132,10 @@ "uri":"cce_10_0178.html", "node_id":"cce_10_0178.xml", "product_code":"cce", - "code":"171", + "code":"174", "des":"Some node resources are used to run mandatory Kubernetes system components and resources to make the node as part of your cluster. Therefore, the total number of node res", "doc_type":"usermanual2", - "kw":"total number of node resources,Node Resource Reservation Policy,Node O&M,User Guide", + "kw":"total number of node resources,Node Resource Reservation Rules,Node O&M,User Guide", "search_title":"", "metedata":[ { @@ -3089,14 +3143,14 @@ "documenttype":"usermanual" } ], - "title":"Node Resource Reservation Policy", + "title":"Node Resource Reservation Rules", "githuburl":"" }, { "uri":"cce_10_0341.html", "node_id":"cce_10_0341.xml", "product_code":"cce", - "code":"172", + "code":"175", "des":"This section describes how to allocate data disk space to nodes so that you can configure the data disk space accordingly.In clusters of a version earlier than v1.23.18-r", "doc_type":"usermanual2", "kw":"Data Disk Space Allocation,Container engine and container image space,container engine and container", @@ -3114,8 +3168,8 @@ "uri":"cce_10_0348.html", "node_id":"cce_10_0348.xml", "product_code":"cce", - "code":"173", - "des":"The maximum number of pods that can be created on a node is calculated based on the cluster type:When creating a cluster in the VPC network model, follow the and specify", + "code":"176", + "des":"The maximum number of pods that can be created on a node is calculated based on the cluster type:The number of allocatable pod IP addresses on a node is the maximum numbe", "doc_type":"usermanual2", "kw":"Maximum Number of Pods on a Node,alpha.cce/fixPoolMask,maximum number of pods,Maximum Number of Pods", "search_title":"", @@ -3132,7 +3186,7 @@ "uri":"cce_10_0883.html", "node_id":"cce_10_0883.xml", "product_code":"cce", - "code":"174", + "code":"177", "des":"To maintain the stability of nodes, CCE stores Kubernetes and container runtime components on separate data disks. Kubernetes uses the /mnt/paas/kubernetes directory, and", "doc_type":"usermanual2", "kw":"Differences in kubelet and Runtime Component Configurations Between CCE and the Native Community,Nod", @@ -3150,7 +3204,7 @@ "uri":"cce_10_0601.html", "node_id":"cce_10_0601.xml", "product_code":"cce", - "code":"175", + "code":"178", "des":"As of Kubernetes v1.24, dockershim has been deprecated. To maintain compatibility and ensure continued support for future Kubernetes releases, switch your node's containe", "doc_type":"usermanual2", "kw":"Migrating Nodes from Docker to containerd,Node O&M,User Guide", @@ -3168,8 +3222,8 @@ "uri":"cce_10_0659.html", "node_id":"cce_10_0659.xml", "product_code":"cce", - "code":"176", - "des":"The node fault detection function depends on the NPD add-on. The add-on instances run on nodes and monitor nodes. This section describes how to enable node fault detectio", + "code":"179", + "des":"Node fault detection depends on the CCE Node Problem Detector add-on (CCE Node Problem Detector). The add-on instance runs on each node to monitor node faults. This secti", "doc_type":"usermanual2", "kw":"Node Fault Detection,Check Items,Configuring Node Fault Detection Policies,Node O&M,User Guide", "search_title":"", @@ -3183,10 +3237,10 @@ "githuburl":"" }, { - "uri":"cce_bestpractice_10020.html", - "node_id":"cce_bestpractice_10020.xml", + "uri":"cce_bestpractice_10020_0.html", + "node_id":"cce_bestpractice_10020_0.xml", "product_code":"cce", - "code":"177", + "code":"180", "des":"When creating a node, use the pre- or -installation commands to install tools or perform security hardening on the node. This section provides guidance for you to correct", "doc_type":"usermanual2", "kw":"Executing the Pre- or Post-installation Commands During Node Creation,Node O&M,User Guide", @@ -3204,7 +3258,7 @@ "uri":"cce_10_0035.html", "node_id":"cce_10_0035.xml", "product_code":"cce", - "code":"178", + "code":"181", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Node Pools", @@ -3222,7 +3276,7 @@ "uri":"cce_10_0081.html", "node_id":"cce_10_0081.xml", "product_code":"cce", - "code":"179", + "code":"182", "des":"CCE introduces node pools to help you better manage nodes in Kubernetes clusters. A node pool contains one node or a group of nodes with identical configuration in a clus", "doc_type":"usermanual2", "kw":"DefaultPool,DefaultPool,Deploying a Workload in a Specified Node Pool,Node Pool Overview,Node Pools,", @@ -3240,7 +3294,7 @@ "uri":"cce_10_0012.html", "node_id":"cce_10_0012.xml", "product_code":"cce", - "code":"180", + "code":"183", "des":"This section describes how to create a node pool and perform operations on the node pool. For details about how a node pool works, see Node Pool Overview.Basic SettingsNo", "doc_type":"usermanual2", "kw":"Creating a Node Pool,Node Pools,User Guide", @@ -3258,7 +3312,7 @@ "uri":"cce_10_0658.html", "node_id":"cce_10_0658.xml", "product_code":"cce", - "code":"181", + "code":"184", "des":"You can specify a specification in a node pool for scaling.The default node pool does not support scaling. Use Creating a Node to add a node.Resize: Add or reduce nodes f", "doc_type":"usermanual2", "kw":"Scaling a Node Pool,Node Pools,User Guide", @@ -3276,10 +3330,10 @@ "uri":"cce_10_0222.html", "node_id":"cce_10_0222.xml", "product_code":"cce", - "code":"182", + "code":"185", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", - "kw":"Managing a Node Pool", + "kw":"Managing Node Pools", "search_title":"", "metedata":[ { @@ -3287,17 +3341,17 @@ "documenttype":"usermanual" } ], - "title":"Managing a Node Pool", + "title":"Managing Node Pools", "githuburl":"" }, { "uri":"cce_10_0653.html", "node_id":"cce_10_0653.xml", "product_code":"cce", - "code":"183", + "code":"186", "des":"Changes to the container engine, OS, or pre-/post-installation script in a node pool take effect only on new nodes. To synchronize the modification onto existing nodes, m", "doc_type":"usermanual2", - "kw":"base size,Updating a Node Pool,Managing a Node Pool,User Guide", + "kw":"base size,Updating a Node Pool,Managing Node Pools,User Guide", "search_title":"", "metedata":[ { @@ -3312,10 +3366,10 @@ "uri":"cce_10_0727.html", "node_id":"cce_10_0727.xml", "product_code":"cce", - "code":"184", + "code":"187", "des":"Auto Scaling (AS) enables elastic scaling of nodes in a node pool based on scaling policies. Without this function, you have to manually adjust the number of nodes in a n", "doc_type":"usermanual2", - "kw":"Updating an AS Configuration,Managing a Node Pool,User Guide", + "kw":"Updating an AS Configuration,Managing Node Pools,User Guide", "search_title":"", "metedata":[ { @@ -3330,10 +3384,10 @@ "uri":"cce_10_0652.html", "node_id":"cce_10_0652.xml", "product_code":"cce", - "code":"185", - "des":"The default node pool does not support the management operations described in this section.CCE allows you to highly customize Kubernetes parameter settings on core compon", + "code":"188", + "des":"If the default node configurations of in cluster do not meet service requirements, you can customize parameters for core components, such as kubelet, kube-proxy, and the ", "doc_type":"usermanual2", - "kw":"Modifying Node Pool Configurations,Managing a Node Pool,User Guide", + "kw":"Modifying Node Pool Configurations,Managing Node Pools,User Guide", "search_title":"", "metedata":[ { @@ -3348,10 +3402,10 @@ "uri":"cce_10_0886.html", "node_id":"cce_10_0886.xml", "product_code":"cce", - "code":"186", + "code":"189", "des":"If you want to add a newly created ECS to a node pool in a cluster, or remove a node from a node pool and add it to the node pool again, accept the node.When an ECS is ac", "doc_type":"usermanual2", - "kw":"Accepting Nodes in a Node Pool,Managing a Node Pool,User Guide", + "kw":"Accepting Nodes in a Node Pool,Managing Node Pools,User Guide", "search_title":"", "metedata":[ { @@ -3366,10 +3420,10 @@ "uri":"cce_10_0655.html", "node_id":"cce_10_0655.xml", "product_code":"cce", - "code":"187", + "code":"190", "des":"You can copy the configuration of an existing node pool on the CCE console to create new node pools.", "doc_type":"usermanual2", - "kw":"Copying a Node Pool,Managing a Node Pool,User Guide", + "kw":"Copying a Node Pool,Managing Node Pools,User Guide", "search_title":"", "metedata":[ { @@ -3384,10 +3438,10 @@ "uri":"cce_10_0654.html", "node_id":"cce_10_0654.xml", "product_code":"cce", - "code":"188", + "code":"191", "des":"After the configuration of a node pool is updated, some configurations cannot be automatically synchronized for existing nodes. You can manually synchronize configuration", "doc_type":"usermanual2", - "kw":"Synchronizing Node Pools,Managing a Node Pool,User Guide", + "kw":"Synchronizing Node Pools,Managing Node Pools,User Guide", "search_title":"", "metedata":[ { @@ -3402,10 +3456,10 @@ "uri":"cce_10_0660.html", "node_id":"cce_10_0660.xml", "product_code":"cce", - "code":"189", + "code":"192", "des":"After CCE releases a new OS image, if existing nodes cannot be automatically upgraded, you can manually upgrade them in batches.This section describes how to upgrade an O", "doc_type":"usermanual2", - "kw":"Upgrading an OS,Managing a Node Pool,User Guide", + "kw":"Upgrading an OS,Managing Node Pools,User Guide", "search_title":"", "metedata":[ { @@ -3420,10 +3474,10 @@ "uri":"cce_10_0656.html", "node_id":"cce_10_0656.xml", "product_code":"cce", - "code":"190", + "code":"193", "des":"You can migrate nodes between node pools within a cluster. Table 1 lists migration scenarios.Migration scenariosMigration ScenarioMigrationOperationSource Node PoolTarget", "doc_type":"usermanual2", - "kw":"Migrating a Node,Managing a Node Pool,User Guide", + "kw":"Migrating a Node,Managing Node Pools,User Guide", "search_title":"", "metedata":[ { @@ -3438,10 +3492,10 @@ "uri":"cce_10_0657.html", "node_id":"cce_10_0657.xml", "product_code":"cce", - "code":"191", - "des":"Deleting a node pool will delete nodes in the pool. Pods on these nodes will be automatically migrated to available nodes in other node pools.Deleting a node pool will de", + "code":"194", + "des":"Deleting a node pool will delete nodes in the pool. Pods on these nodes will be automatically migrated to available nodes in other node pools.Deleting a node will cause P", "doc_type":"usermanual2", - "kw":"Deleting a Node Pool,Managing a Node Pool,User Guide", + "kw":"Deleting a Node Pool,Managing Node Pools,User Guide", "search_title":"", "metedata":[ { @@ -3456,7 +3510,7 @@ "uri":"cce_10_0046.html", "node_id":"cce_10_0046.xml", "product_code":"cce", - "code":"192", + "code":"195", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Workloads", @@ -3474,10 +3528,10 @@ "uri":"cce_10_0006.html", "node_id":"cce_10_0006.xml", "product_code":"cce", - "code":"193", + "code":"196", "des":"A workload is an application running on Kubernetes. No matter how many components are there in your workload, you can run it in a group of Kubernetes pods. A workload is ", "doc_type":"usermanual2", - "kw":"Deployments,StatefulSets,DaemonSets,jobs,cron jobs,Overview,Workloads,User Guide", + "kw":"Deployments,StatefulSets,DaemonSets,jobs,cron jobs,Workload Overview,Workloads,User Guide", "search_title":"", "metedata":[ { @@ -3485,14 +3539,14 @@ "documenttype":"usermanual" } ], - "title":"Overview", + "title":"Workload Overview", "githuburl":"" }, { "uri":"cce_10_0673.html", "node_id":"cce_10_0673.xml", "product_code":"cce", - "code":"194", + "code":"197", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Creating a Workload", @@ -3510,8 +3564,8 @@ "uri":"cce_10_0047.html", "node_id":"cce_10_0047.xml", "product_code":"cce", - "code":"195", - "des":"Deployments are workloads (for example, Nginx) that do not store any data or status. You can create Deployments on the CCE console or by running kubectl commands.Before c", + "code":"198", + "des":"A Deployment is a Kubernetes application that does not retain data or state while running. Each pod of the same Deployment is identical, allowing for seamless creation, d", "doc_type":"usermanual2", "kw":"create a workload using kubectl,Creating a Deployment,Creating a Workload,User Guide", "search_title":"", @@ -3528,8 +3582,8 @@ "uri":"cce_10_0048.html", "node_id":"cce_10_0048.xml", "product_code":"cce", - "code":"196", - "des":"StatefulSets are a type of workloads whose data or status is stored while they are running. For example, MySQL is a StatefulSet because it needs to store new data.A conta", + "code":"199", + "des":"A StatefulSet is an application that needs to retain data or state while running. StatefulSets are ideal for stateful applications, such as databases, cache services, and", "doc_type":"usermanual2", "kw":"Using kubectl,Creating a StatefulSet,Creating a Workload,User Guide", "search_title":"", @@ -3546,8 +3600,8 @@ "uri":"cce_10_0216.html", "node_id":"cce_10_0216.xml", "product_code":"cce", - "code":"197", - "des":"CCE provides deployment and management capabilities for multiple types of containers and supports features of container workloads, including creation, configuration, moni", + "code":"200", + "des":"A DaemonSet is a Kubernetes workload type that ensures a pod runs on all or selected nodes in a cluster. When a new node is added to the cluster, the DaemonSet controller", "doc_type":"usermanual2", "kw":"create a workload using kubectl,Creating a DaemonSet,Creating a Workload,User Guide", "search_title":"", @@ -3564,8 +3618,8 @@ "uri":"cce_10_0150.html", "node_id":"cce_10_0150.xml", "product_code":"cce", - "code":"198", - "des":"Jobs are short-lived and run for a certain time to completion. They can be executed immediately after being deployed. It is completed after it exits normally (exit 0).A j", + "code":"201", + "des":"A job is a Kubernetes workload designed for managing batch processing tasks, handling one-time or short-lived tasks. Unlike long-running services managed by Deployments o", "doc_type":"usermanual2", "kw":"Creating a Job,Creating a Workload,User Guide", "search_title":"", @@ -3582,10 +3636,10 @@ "uri":"cce_10_0151.html", "node_id":"cce_10_0151.xml", "product_code":"cce", - "code":"199", - "des":"A CronJob runs on a repeating schedule. You can perform time synchronization for all active nodes at a fixed time point.A CronJob runs periodically at the specified time.", + "code":"202", + "des":"A CronJob is a Kubernetes workload designed to run periodic tasks, similar to crontab in Linux. CronJobs follow a Cron format. They periodically execute jobs at predefine", "doc_type":"usermanual2", - "kw":"time synchronization,Creating a CronJob,Creating a Workload,User Guide", + "kw":"Creating a CronJob,Creating a Workload,User Guide", "search_title":"", "metedata":[ { @@ -3600,7 +3654,7 @@ "uri":"cce_10_0130.html", "node_id":"cce_10_0130.xml", "product_code":"cce", - "code":"200", + "code":"203", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Configuring a Workload", @@ -3618,7 +3672,7 @@ "uri":"cce_10_0463.html", "node_id":"cce_10_0463.xml", "product_code":"cce", - "code":"201", + "code":"204", "des":"Compared with a common runtime, a secure runtime allows each container (pod) to run on its own micro-VM with a separate OS kernel. This ensures secure isolation at the vi", "doc_type":"usermanual2", "kw":"Secure Runtime and Common Runtime,Configuring a Workload,User Guide", @@ -3636,8 +3690,8 @@ "uri":"cce_10_0354.html", "node_id":"cce_10_0354.xml", "product_code":"cce", - "code":"202", - "des":"When creating a workload, you can configure containers to use the same time zone as the node. You can enable time zone synchronization when creating a workload.The time z", + "code":"205", + "des":"When creating a workload, you can enable time zone synchronization, so that the container can use the same time zone as the node.Configure the following parameters:hostPa", "doc_type":"usermanual2", "kw":"Configuring Time Zone Synchronization,Configuring a Workload,User Guide", "search_title":"", @@ -3654,7 +3708,7 @@ "uri":"cce_10_0353.html", "node_id":"cce_10_0353.xml", "product_code":"cce", - "code":"203", + "code":"206", "des":"When a workload is created, the container image is pulled from the image repository to the node. The image is also pulled when the workload is restarted or upgraded.By de", "doc_type":"usermanual2", "kw":"Configuring an Image Pull Policy,Configuring a Workload,User Guide", @@ -3672,8 +3726,8 @@ "uri":"cce_10_0009.html", "node_id":"cce_10_0009.xml", "product_code":"cce", - "code":"204", - "des":"CCE allows you to create workloads using images pulled from third-party image repositories.Generally, a third-party image repository can be accessed only after authentica", + "code":"207", + "des":"Third-party images are container images provided by organizations or individuals other than the official image repository and SWR image repository. These images typically", "doc_type":"usermanual2", "kw":"Using Third-Party Images,Configuring a Workload,User Guide", "search_title":"", @@ -3690,7 +3744,7 @@ "uri":"cce_10_0163.html", "node_id":"cce_10_0163.xml", "product_code":"cce", - "code":"205", + "code":"208", "des":"CCE allows you to set resource requirements and limits, such as CPU and RAM, for added containers during workload creation. Kubernetes also allows using YAML to set requi", "doc_type":"usermanual2", "kw":"ephemeral storage,Configuring Container Specifications,Configuring a Workload,User Guide", @@ -3708,10 +3762,10 @@ "uri":"cce_10_0105.html", "node_id":"cce_10_0105.xml", "product_code":"cce", - "code":"206", - "des":"CCE provides callback functions for the lifecycle management of containerized applications. For example, if you want a container to perform a certain operation before sto", + "code":"209", + "des":"Container lifecycle hooks are core mechanisms provided by Kubernetes that enable you to insert custom logic at key phases throughout the container lifecycle. These hooks ", "doc_type":"usermanual2", - "kw":"Startup Command,Post-Start,Pre-Stop,Configuring Container Lifecycle Parameters,Configuring a Workloa", + "kw":"Configuring the Container Lifecycle,Configuring a Workload,User Guide", "search_title":"", "metedata":[ { @@ -3719,17 +3773,17 @@ "documenttype":"usermanual" } ], - "title":"Configuring Container Lifecycle Parameters", + "title":"Configuring the Container Lifecycle", "githuburl":"" }, { "uri":"cce_10_0112.html", "node_id":"cce_10_0112.xml", "product_code":"cce", - "code":"207", - "des":"Health check regularly checks the health status of containers during container running. If the health check function is not configured, a pod cannot detect application ex", + "code":"210", + "des":"Health check regularly checks the health of containers when the containers are running. If health check is not configured, a pod cannot detect application exceptions or a", "doc_type":"usermanual2", - "kw":"Health check,HTTP request,TCP port,CLI,Configuring Container Health Check,Configuring a Workload,Use", + "kw":"Health check,Liveness probe,Readiness probe,Startup probe,HTTP,TCP,Command,Configuring Container Hea", "search_title":"", "metedata":[ { @@ -3744,8 +3798,8 @@ "uri":"cce_10_0113.html", "node_id":"cce_10_0113.xml", "product_code":"cce", - "code":"208", - "des":"An environment variable is a variable whose value can affect the way a running container will behave. You can modify environment variables even after workloads are deploy", + "code":"211", + "des":"Container environment variables (for example, DB_HOST=db.example.com) are configuration parameters dynamically transferred when a container is running. They allow you to ", "doc_type":"usermanual2", "kw":"Configuring Environment Variables,Configuring a Workload,User Guide", "search_title":"", @@ -3762,10 +3816,10 @@ "uri":"cce_10_0397.html", "node_id":"cce_10_0397.xml", "product_code":"cce", - "code":"209", - "des":"In actual applications, upgrade is a common operation. A Deployment, StatefulSet, or DaemonSet can easily support application upgrade.You can set different upgrade polici", + "code":"212", + "des":"After a workload is created, you can upgrade it and roll it back. The flexible upgrade and rollback mechanism enables smooth version transitions without interrupting serv", "doc_type":"usermanual2", - "kw":"Configuring Workload Upgrade Policies,Configuring a Workload,User Guide", + "kw":"Upgrading and Rolling Back a Workload,Configuring a Workload,User Guide", "search_title":"", "metedata":[ { @@ -3773,14 +3827,14 @@ "documenttype":"usermanual" } ], - "title":"Configuring Workload Upgrade Policies", + "title":"Upgrading and Rolling Back a Workload", "githuburl":"" }, { "uri":"cce_10_0728.html", "node_id":"cce_10_0728.xml", "product_code":"cce", - "code":"210", + "code":"213", "des":"Tolerations allow the scheduler to schedule pods to nodes with target taints. Tolerances work with node taints. Each node allows one or more taints. If no tolerance is co", "doc_type":"usermanual2", "kw":"Configuring Tolerance Policies,Configuring a Workload,User Guide", @@ -3798,8 +3852,8 @@ "uri":"cce_10_0386.html", "node_id":"cce_10_0386.xml", "product_code":"cce", - "code":"211", - "des":"CCE allows you to add annotations to a YAML file to realize some advanced pod functions. The following table describes the annotations you can add.When you create a workl", + "code":"214", + "des":"To support multi-dimensional metadata management, Kubernetes offers labels and annotations. They both attach metadata to resources in the format of key-value pairs, but t", "doc_type":"usermanual2", "kw":"Configuring Labels and Annotations,Configuring a Workload,User Guide", "search_title":"", @@ -3816,7 +3870,7 @@ "uri":"cce_10_0889.html", "node_id":"cce_10_0889.xml", "product_code":"cce", - "code":"212", + "code":"215", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Scheduling a Workload", @@ -3834,7 +3888,7 @@ "uri":"cce_10_0232.html", "node_id":"cce_10_0232.xml", "product_code":"cce", - "code":"213", + "code":"216", "des":"Kubernetes schedules workloads based on pods. After you create a workload, the scheduler automatically assigns pods. For example, the scheduler distributes pods to nodes ", "doc_type":"usermanual2", "kw":"Overview,Scheduling a Workload,User Guide", @@ -3852,8 +3906,8 @@ "uri":"cce_10_0891.html", "node_id":"cce_10_0891.xml", "product_code":"cce", - "code":"214", - "des":"To select a node for scheduling in Kubernetes, simply configure the nodeSelector field in the workload. This field allows you to configure the label of the desired node t", + "code":"217", + "des":"In Kubernetes, to schedule a workload to a specified node, simply configure the nodeSelector field in the workload. By setting the target node label in this field, Kubern", "doc_type":"usermanual2", "kw":"Configuring Specified Node Scheduling (nodeSelector),Scheduling a Workload,User Guide", "search_title":"", @@ -3870,7 +3924,7 @@ "uri":"cce_10_0892.html", "node_id":"cce_10_0892.xml", "product_code":"cce", - "code":"215", + "code":"218", "des":"Kubernetes can schedule workload pods to affinity nodes based on their labels and label values. For example, some nodes support GPU computing, and node affinity schedulin", "doc_type":"usermanual2", "kw":"Specify node,Specify node pool,Configuring Node Affinity Scheduling (nodeAffinity),Scheduling a Work", @@ -3888,7 +3942,7 @@ "uri":"cce_10_0893.html", "node_id":"cce_10_0893.xml", "product_code":"cce", - "code":"216", + "code":"219", "des":"Kubernetes offers workload affinity and anti-affinity scheduling, which allows for flexible scheduling of new workloads on either related or unrelated nodes. This results", "doc_type":"usermanual2", "kw":"Configuring Workload Affinity or Anti-affinity Scheduling (podAffinity or podAntiAffinity),Schedulin", @@ -3906,7 +3960,7 @@ "uri":"cce_10_00356.html", "node_id":"cce_10_00356.xml", "product_code":"cce", - "code":"217", + "code":"220", "des":"If you encounter unexpected problems when using a container, you can log in to the container to debug it.The example output is as follows:NAME ", "doc_type":"usermanual2", "kw":"Logging In to a Container,Workloads,User Guide", @@ -3924,10 +3978,10 @@ "uri":"cce_10_0007.html", "node_id":"cce_10_0007.xml", "product_code":"cce", - "code":"218", - "des":"After a workload is created, you can upgrade, log, monitor, roll back, or delete the workload, as well as edit its YAML file.Workload/Job managementOperationDescriptionMo", + "code":"221", + "des":"After a workload is created, you can upgrade it, edit its YAML file, view logs and monitoring data, roll it back, and delete it.Workload/Job managementOperationDescriptio", "doc_type":"usermanual2", - "kw":"Managing Workloads,Workloads,User Guide", + "kw":"Managing Labels,Managing Workloads,Workloads,User Guide", "search_title":"", "metedata":[ { @@ -3942,7 +3996,7 @@ "uri":"cce_10_0833.html", "node_id":"cce_10_0833.xml", "product_code":"cce", - "code":"219", + "code":"222", "des":"Custom Resource Definition (CRD) is an extension of Kubernetes APIs. When default Kubernetes resources cannot meet service requirements, you can use CRDs to define new re", "doc_type":"usermanual2", "kw":"Managing Custom Resources,Workloads,User Guide", @@ -3960,7 +4014,7 @@ "uri":"cce_10_0465.html", "node_id":"cce_10_0465.xml", "product_code":"cce", - "code":"220", + "code":"223", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Pod Security", @@ -3978,7 +4032,7 @@ "uri":"cce_10_0275.html", "node_id":"cce_10_0275.xml", "product_code":"cce", - "code":"221", + "code":"224", "des":"A pod security policy (PSP) is a cluster-level resource that controls sensitive security aspects of the pod specification. The PodSecurityPolicy object in Kubernetes defi", "doc_type":"usermanual2", "kw":"Configuring a Pod Security Policy,Pod Security,User Guide", @@ -3996,7 +4050,7 @@ "uri":"cce_10_0466.html", "node_id":"cce_10_0466.xml", "product_code":"cce", - "code":"222", + "code":"225", "des":"Before using pod security admission, understand Kubernetes Pod Security Standards. These standards define different isolation levels for pods. They let you define how you", "doc_type":"usermanual2", "kw":"Configuring Pod Security Admission,Pod Security,User Guide", @@ -4010,11 +4064,29 @@ "title":"Configuring Pod Security Admission", "githuburl":"" }, + { + "uri":"cce_10_1006.html", + "node_id":"cce_10_1006.xml", + "product_code":"cce", + "code":"226", + "des":"Application Armor (AppArmor) is a security module of the Linux kernel, which is usually used in OSs such as Ubuntu. AppArmor allows system administrators to associate eac", + "doc_type":"usermanual2", + "kw":"Using AppArmor to Confine Container Access to Resources,Pod Security,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Using AppArmor to Confine Container Access to Resources", + "githuburl":"" + }, { "uri":"cce_10_0674.html", "node_id":"cce_10_0674.xml", "product_code":"cce", - "code":"223", + "code":"227", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Scheduling", @@ -4032,10 +4104,10 @@ "uri":"cce_10_0702.html", "node_id":"cce_10_0702.xml", "product_code":"cce", - "code":"224", - "des":"CCE supports different types of resource scheduling and task scheduling, improving application performance and overall cluster resource utilization. This section describe", + "code":"228", + "des":"CCE supports multiple resource and task scheduling policies to enhance application performance and overall cluster resource utilization. This section describes the main f", "doc_type":"usermanual2", - "kw":"Overview,Scheduling,User Guide", + "kw":"Scheduling Overview,Scheduling,User Guide", "search_title":"", "metedata":[ { @@ -4043,14 +4115,14 @@ "documenttype":"usermanual" } ], - "title":"Overview", + "title":"Scheduling Overview", "githuburl":"" }, { "uri":"cce_10_0551.html", "node_id":"cce_10_0551.xml", "product_code":"cce", - "code":"225", + "code":"229", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"CPU Scheduling", @@ -4068,7 +4140,7 @@ "uri":"cce_10_0351.html", "node_id":"cce_10_0351.xml", "product_code":"cce", - "code":"226", + "code":"230", "des":"By default, kubelet uses CFS quotas to enforce pod CPU limits. When a node runs many CPU-bound pods, the workload can move to different CPU cores depending on whether the", "doc_type":"usermanual2", "kw":"CPU Policy,CPU Scheduling,User Guide", @@ -4086,8 +4158,8 @@ "uri":"cce_10_0552.html", "node_id":"cce_10_0552.xml", "product_code":"cce", - "code":"227", - "des":"Kubernetes provides two CPU policies: none and static.none: The CPU policy is disabled by default, indicating the existing scheduling behavior.static: The static CPU core", + "code":"231", + "des":"Kubernetes provides two CPU policies: none and static.none: The CPU policy is disabled by default, indicating the existing scheduling behavior.static: The static CPU pinn", "doc_type":"usermanual2", "kw":"Enhanced CPU Policy,CPU Scheduling,User Guide", "search_title":"", @@ -4104,7 +4176,7 @@ "uri":"cce_10_0720.html", "node_id":"cce_10_0720.xml", "product_code":"cce", - "code":"228", + "code":"232", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"GPU Scheduling", @@ -4118,12 +4190,102 @@ "title":"GPU Scheduling", "githuburl":"" }, + { + "uri":"cce_10_0845.html", + "node_id":"cce_10_0845.xml", + "product_code":"cce", + "code":"233", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"usermanual2", + "kw":"GPU Driver Version", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"GPU Driver Version", + "githuburl":"" + }, + { + "uri":"cce_10_0846.html", + "node_id":"cce_10_0846.xml", + "product_code":"cce", + "code":"234", + "des":"Before using GPU-accelerated ECSs, install the necessary NVIDIA infrastructure software to enable accelerated GPU computing. To use GPUs, select and install the appropria", + "doc_type":"usermanual2", + "kw":"Selecting a GPU Driver Version for Nodes,GPU Driver Version,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Selecting a GPU Driver Version for Nodes", + "githuburl":"" + }, + { + "uri":"cce_10_0847.html", + "node_id":"cce_10_0847.xml", + "product_code":"cce", + "code":"235", + "des":"This section describes the recommended driver versions for CCE clusters. If you use a non-recommended GPU driver version, make sure to check its compatibility with the mo", + "doc_type":"usermanual2", + "kw":"Recommended GPU Driver Versions for CCE,GPU Driver Version,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Recommended GPU Driver Versions for CCE", + "githuburl":"" + }, + { + "uri":"cce_10_0848.html", + "node_id":"cce_10_0848.xml", + "product_code":"cce", + "code":"236", + "des":"You can use the CCE AI Suite (NVIDIA GPU) add-on to configure the driver file path for a node. After the node is restarted, the driver will be installed automatically. Al", + "doc_type":"usermanual2", + "kw":"Manually Upgrading the Driver Version of a GPU Node,GPU Driver Version,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Manually Upgrading the Driver Version of a GPU Node", + "githuburl":"" + }, + { + "uri":"cce_10_0849.html", + "node_id":"cce_10_0849.xml", + "product_code":"cce", + "code":"237", + "des":"To ensure proper functioning of GPU nodes, upgrade the NVIDIA driver version if it does not match the CUDA library you use. It is recommended that you use node pools to e", + "doc_type":"usermanual2", + "kw":"Upgrading the Driver Version of a GPU Node Using a Node Pool,GPU Driver Version,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Upgrading the Driver Version of a GPU Node Using a Node Pool", + "githuburl":"" + }, { "uri":"cce_10_0345.html", "node_id":"cce_10_0345.xml", "product_code":"cce", - "code":"229", - "des":"You can use GPUs in CCE containers.A GPU node has been created. For details, see Creating a Node.The CCE AI Suite (NVIDIA GPU) add-on has been installed, with the selecte", + "code":"238", + "des":"CCE standard and Turbo clusters support Kubernetes' default GPU scheduling mode. This mode uses a device plugin to manage GPUs as a standard resource type. After the CCE ", "doc_type":"usermanual2", "kw":"Default GPU Scheduling in Kubernetes,GPU Scheduling,User Guide", "search_title":"", @@ -4136,14 +4298,140 @@ "title":"Default GPU Scheduling in Kubernetes", "githuburl":"" }, + { + "uri":"cce_10_0643.html", + "node_id":"cce_10_0643.xml", + "product_code":"cce", + "code":"239", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"usermanual2", + "kw":"GPU Virtualization", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"GPU Virtualization", + "githuburl":"" + }, + { + "uri":"cce_10_0644.html", + "node_id":"cce_10_0644.xml", + "product_code":"cce", + "code":"240", + "des":"CCE uses xGPU virtualization technologies to dynamically divide the GPU memory and computing power. A single GPU can be virtualized into a maximum of 20 virtual GPU devic", + "doc_type":"usermanual2", + "kw":"Overview,GPU Virtualization,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Overview", + "githuburl":"" + }, + { + "uri":"cce_10_0645.html", + "node_id":"cce_10_0645.xml", + "product_code":"cce", + "code":"241", + "des":"CCE uses xGPU virtualization technologies to dynamically divide the GPU memory and computing power. A single GPU can be virtualized into a maximum of 20 virtual GPU devic", + "doc_type":"usermanual2", + "kw":"Preparing Virtualized GPU Resources,GPU Virtualization,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Preparing Virtualized GPU Resources", + "githuburl":"" + }, + { + "uri":"cce_10_0646.html", + "node_id":"cce_10_0646.xml", + "product_code":"cce", + "code":"242", + "des":"This section describes how to use the GPU virtualization capability to isolate the computing power from the GPU memory and efficiently use GPU device resources.You have p", + "doc_type":"usermanual2", + "kw":"Using GPU Virtualization,GPU Virtualization,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Using GPU Virtualization", + "githuburl":"" + }, + { + "uri":"cce_10_0742.html", + "node_id":"cce_10_0742.xml", + "product_code":"cce", + "code":"243", + "des":"With GPU virtualization enabled, workloads can still use nvidia.com/gpu (Kubernetes' default GPU scheduling) while optionally adding fine-grained isolation via volcano.sh", + "doc_type":"usermanual2", + "kw":"Enabling Kubernetes' Default GPU Scheduling in GPU Virtualization,GPU Virtualization,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Enabling Kubernetes' Default GPU Scheduling in GPU Virtualization", + "githuburl":"" + }, + { + "uri":"cce_10_0965.html", + "node_id":"cce_10_0965.xml", + "product_code":"cce", + "code":"244", + "des":"In AI training, inference, and scientific computing, a single GPU often falls short due to limited compute power or memory. Multiple GPUs are therefore needed to work tog", + "doc_type":"usermanual2", + "kw":"Equal Distribution Scheduling on Virtual GPUs,GPU Virtualization,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Equal Distribution Scheduling on Virtual GPUs", + "githuburl":"" + }, + { + "uri":"cce_10_1016.html", + "node_id":"cce_10_1016.xml", + "product_code":"cce", + "code":"245", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"usermanual2", + "kw":"GPU Monitoring", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"GPU Monitoring", + "githuburl":"" + }, { "uri":"cce_10_0955.html", "node_id":"cce_10_0955.xml", "product_code":"cce", - "code":"230", + "code":"246", "des":"The CCE AI Suite (NVIDIA GPU) add-on provides GPU monitoring metrics. This add-on offers additional GPU observability options. This section describes the metrics provided", "doc_type":"usermanual2", - "kw":"GPU Metrics,GPU Scheduling,User Guide", + "kw":"GPU Metrics,GPU Monitoring,User Guide", "search_title":"", "metedata":[ { @@ -4154,11 +4442,83 @@ "title":"GPU Metrics", "githuburl":"" }, + { + "uri":"cce_10_0741.html", + "node_id":"cce_10_0741.xml", + "product_code":"cce", + "code":"247", + "des":"Monitoring GPU metrics optimizes performance, identifies faults quickly, and allocates resources efficiently. It improves GPU utilization and lowers O&M costs. Using Prom", + "doc_type":"usermanual2", + "kw":"Comprehensive Monitoring of GPU, Virtualization, and Pod Resource Metrics,GPU Monitoring,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Comprehensive Monitoring of GPU, Virtualization, and Pod Resource Metrics", + "githuburl":"" + }, + { + "uri":"cce_10_1017.html", + "node_id":"cce_10_1017.xml", + "product_code":"cce", + "code":"248", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"usermanual2", + "kw":"GPU Auto Scaling", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"GPU Auto Scaling", + "githuburl":"" + }, + { + "uri":"cce_10_0844.html", + "node_id":"cce_10_0844.xml", + "product_code":"cce", + "code":"249", + "des":"In a standard or Turbo cluster, you can configure HPA policies for workloads that use GPU resources based on GPU monitoring metrics. This enables applications to automati", + "doc_type":"usermanual2", + "kw":"Configuring Workload Scaling Based on GPU Monitoring Metrics,GPU Auto Scaling,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Configuring Workload Scaling Based on GPU Monitoring Metrics", + "githuburl":"" + }, + { + "uri":"cce_10_0779.html", + "node_id":"cce_10_0779.xml", + "product_code":"cce", + "code":"250", + "des":"In a Kubernetes environment, managing GPU resources is complex, and diagnosing and recovering from faults can be challenging and costly. When a GPU becomes faulty, the CC", + "doc_type":"usermanual2", + "kw":"GPU Fault Handling,GPU Scheduling,User Guide", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"GPU Fault Handling", + "githuburl":"" + }, { "uri":"cce_10_0423.html", "node_id":"cce_10_0423.xml", "product_code":"cce", - "code":"231", + "code":"251", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Volcano Scheduling", @@ -4176,10 +4536,10 @@ "uri":"cce_10_0721.html", "node_id":"cce_10_0721.xml", "product_code":"cce", - "code":"232", + "code":"252", "des":"Volcano is a batch processing platform that runs on Kubernetes for machine learning, deep learning, bioinformatics, genomics, and other big data applications. It provides", "doc_type":"usermanual2", - "kw":"Overview,Volcano Scheduling,User Guide", + "kw":"Volcano Scheduling Overview,Volcano Scheduling,User Guide", "search_title":"", "metedata":[ { @@ -4187,14 +4547,14 @@ "documenttype":"usermanual" } ], - "title":"Overview", + "title":"Volcano Scheduling Overview", "githuburl":"" }, { "uri":"cce_10_0722.html", "node_id":"cce_10_0722.xml", "product_code":"cce", - "code":"233", + "code":"253", "des":"Volcano is a Kubernetes-based batch processing platform with high-performance general computing capabilities like task scheduling engine, heterogeneous chip management, a", "doc_type":"usermanual2", "kw":"Scheduling Workloads,Volcano Scheduling,User Guide", @@ -4212,7 +4572,7 @@ "uri":"cce_10_0768.html", "node_id":"cce_10_0768.xml", "product_code":"cce", - "code":"234", + "code":"254", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Resource Usage-based Scheduling", @@ -4230,8 +4590,8 @@ "uri":"cce_10_0773.html", "node_id":"cce_10_0773.xml", "product_code":"cce", - "code":"235", - "des":"Bin packing is an optimization algorithm that aims to properly allocate resources to each job and get the jobs done using the minimum amount of resources. After bin packi", + "code":"255", + "des":"Bin packing is an optimization algorithm that aims to properly allocate resources to each job and get the jobs done using the minimum number of resources. After bin packi", "doc_type":"usermanual2", "kw":"Bin Packing,Resource Usage-based Scheduling,User Guide", "search_title":"", @@ -4248,7 +4608,7 @@ "uri":"cce_10_0766.html", "node_id":"cce_10_0766.xml", "product_code":"cce", - "code":"236", + "code":"256", "des":"Scheduling in a cluster is the process of binding pending pods to nodes, and is performed by a component called kube-scheduler or Volcano Scheduler. The scheduler uses a ", "doc_type":"usermanual2", "kw":"Descheduling,Resource Usage-based Scheduling,User Guide", @@ -4266,7 +4626,7 @@ "uri":"cce_10_0767.html", "node_id":"cce_10_0767.xml", "product_code":"cce", - "code":"237", + "code":"257", "des":"In scenarios such as node pool replacement and rolling node upgrade, an old resource pool needs to be replaced with a new one. To prevent the node pool replacement from a", "doc_type":"usermanual2", "kw":"Node Pool Affinity,Resource Usage-based Scheduling,User Guide", @@ -4284,7 +4644,7 @@ "uri":"cce_10_0789.html", "node_id":"cce_10_0789.xml", "product_code":"cce", - "code":"238", + "code":"258", "des":"Volcano Scheduler offers CPU and memory load-aware scheduling for pods and preferentially schedules pods to the node with the lightest load to balance node loads. This pr", "doc_type":"usermanual2", "kw":"Load-aware Scheduling,Resource Usage-based Scheduling,User Guide", @@ -4302,7 +4662,7 @@ "uri":"cce_10_0813.html", "node_id":"cce_10_0813.xml", "product_code":"cce", - "code":"239", + "code":"259", "des":"Volcano scheduling involves node filtering and scoring, which is used to filter the nodes meeting scheduling conditions and score the filtered nodes to find the one with ", "doc_type":"usermanual2", "kw":"Configuration Cases for Resource Usage-based Scheduling,Resource Usage-based Scheduling,User Guide", @@ -4320,7 +4680,7 @@ "uri":"cce_10_0774.html", "node_id":"cce_10_0774.xml", "product_code":"cce", - "code":"240", + "code":"260", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Priority-based Scheduling", @@ -4338,7 +4698,7 @@ "uri":"cce_10_0775.html", "node_id":"cce_10_0775.xml", "product_code":"cce", - "code":"241", + "code":"261", "des":"A pod priority indicates the importance of a pod relative to other pods. Volcano supports pod PriorityClasses in Kubernetes. After PriorityClasses are configured, the sch", "doc_type":"usermanual2", "kw":"Priority-based Scheduling,Priority-based Scheduling,User Guide", @@ -4356,7 +4716,7 @@ "uri":"cce_10_0776.html", "node_id":"cce_10_0776.xml", "product_code":"cce", - "code":"242", + "code":"262", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"AI Performance-based Scheduling", @@ -4374,7 +4734,7 @@ "uri":"cce_10_0777.html", "node_id":"cce_10_0777.xml", "product_code":"cce", - "code":"243", + "code":"263", "des":"Dominant Resource Fairness (DRF) is a scheduling algorithm based on the dominant resource of a container group. DRF scheduling can be used to enhance the service throughp", "doc_type":"usermanual2", "kw":"DRF,AI Performance-based Scheduling,User Guide", @@ -4392,7 +4752,7 @@ "uri":"cce_10_0778.html", "node_id":"cce_10_0778.xml", "product_code":"cce", - "code":"244", + "code":"264", "des":"Gang scheduling is a scheduling algorithm that schedules correlated processes or threads to run simultaneously on different processors. It meets the scheduling requiremen", "doc_type":"usermanual2", "kw":"Gang,AI Performance-based Scheduling,User Guide", @@ -4410,7 +4770,7 @@ "uri":"cce_10_0425.html", "node_id":"cce_10_0425.xml", "product_code":"cce", - "code":"245", + "code":"265", "des":"In non-uniform memory access (NUMA) architecture, a NUMA node is a fundamental component that includes a processor and local memory. These nodes are physically separate b", "doc_type":"usermanual2", "kw":"NUMA Affinity Scheduling,Volcano Scheduling,User Guide", @@ -4428,7 +4788,7 @@ "uri":"cce_10_0709.html", "node_id":"cce_10_0709.xml", "product_code":"cce", - "code":"246", + "code":"266", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Cloud Native Hybrid Deployment", @@ -4446,7 +4806,7 @@ "uri":"cce_10_0384.html", "node_id":"cce_10_0384.xml", "product_code":"cce", - "code":"247", + "code":"267", "des":"Many services see surges in traffic. To ensure performance and stability, resources are often requested at the maximum needed. However, the surges may ebb very shortly an", "doc_type":"usermanual2", "kw":"Dynamic Resource Oversubscription,Cloud Native Hybrid Deployment,User Guide", @@ -4464,10 +4824,10 @@ "uri":"cce_10_0020.html", "node_id":"cce_10_0020.xml", "product_code":"cce", - "code":"248", + "code":"268", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", - "kw":"Network", + "kw":"Networking", "search_title":"", "metedata":[ { @@ -4475,17 +4835,17 @@ "documenttype":"usermanual" } ], - "title":"Network", + "title":"Networking", "githuburl":"" }, { "uri":"cce_10_0010.html", "node_id":"cce_10_0010.xml", "product_code":"cce", - "code":"249", - "des":"You can learn about a cluster network from the following two aspects:What is a cluster network like? A cluster consists of multiple nodes, and pods (or containers) are ru", + "code":"269", + "des":"The CCE cluster network architecture is based on the Kubernetes native network model. Combined with the cloud infrastructure capabilities, the architecture builds a three", "doc_type":"usermanual2", - "kw":"Overview,Network,User Guide", + "kw":"Networking Overview,Networking,User Guide", "search_title":"", "metedata":[ { @@ -4493,17 +4853,17 @@ "documenttype":"usermanual" } ], - "title":"Overview", + "title":"Networking Overview", "githuburl":"" }, { "uri":"cce_10_0280.html", "node_id":"cce_10_0280.xml", "product_code":"cce", - "code":"250", + "code":"270", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", - "kw":"Container Network", + "kw":"Container Networks", "search_title":"", "metedata":[ { @@ -4511,17 +4871,17 @@ "documenttype":"usermanual" } ], - "title":"Container Network", + "title":"Container Networks", "githuburl":"" }, { "uri":"cce_10_0281.html", "node_id":"cce_10_0281.xml", "product_code":"cce", - "code":"251", - "des":"The container network assigns IP addresses to pods in a cluster and provides networking services. In CCE, you can select the following network models for your cluster:Clo", + "code":"271", + "des":"A container network assigns IP addresses to pods in a cluster and provides networking services. In CCE, you can select the following network models for your cluster:Cloud", "doc_type":"usermanual2", - "kw":"Overview,Container Network,User Guide", + "kw":"Overview,Container Networks,User Guide", "search_title":"", "metedata":[ { @@ -4536,7 +4896,7 @@ "uri":"cce_10_0678.html", "node_id":"cce_10_0678.xml", "product_code":"cce", - "code":"252", + "code":"272", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Cloud Native Network 2.0 Settings", @@ -4554,8 +4914,8 @@ "uri":"cce_10_0284.html", "node_id":"cce_10_0284.xml", "product_code":"cce", - "code":"253", - "des":"Cloud Native Network 2.0 is a proprietary, next-generation container network model that combines the elastic network interfaces (ENIs) and supplementary network interface", + "code":"273", + "des":"The proprietary, next-generation Cloud Native Network 2.0 combines the network interfaces and supplementary network interfaces of VPC. This allows you to bind network int", "doc_type":"usermanual2", "kw":"Cloud Native Network 2.0,Cloud Native Network 2.0 Settings,User Guide", "search_title":"", @@ -4572,10 +4932,10 @@ "uri":"cce_10_0906.html", "node_id":"cce_10_0906.xml", "product_code":"cce", - "code":"254", - "des":"If the pod subnet configured during CCE Turbo cluster creation cannot meet service expansion requirements, you can add a pod subnet for the cluster.This function is avail", + "code":"274", + "des":"If the pod subnet configured during CCE Turbo cluster creation cannot meet service expansion requirements, you can add a pod subnet for the cluster.This function is only ", "doc_type":"usermanual2", - "kw":"Configuring a Default Container Subnet for a CCE Turbo Cluster,Cloud Native Network 2.0 Settings,Use", + "kw":"Adding or Deleting the Default Pod Subnet of a CCE Turbo Cluster,Cloud Native Network 2.0 Settings,U", "search_title":"", "metedata":[ { @@ -4583,69 +4943,15 @@ "documenttype":"usermanual" } ], - "title":"Configuring a Default Container Subnet for a CCE Turbo Cluster", - "githuburl":"" - }, - { - "uri":"cce_10_0897.html", - "node_id":"cce_10_0897.xml", - "product_code":"cce", - "code":"255", - "des":"In Cloud Native Network 2.0, pods use ENIs or sub-ENIs of the VPC. You can configure a security group for a pod using a pod's annotation.Configure a security group in eit", - "doc_type":"usermanual2", - "kw":"Binding a Security Group to a Pod Using an Annotation,Cloud Native Network 2.0 Settings,User Guide", - "search_title":"", - "metedata":[ - { - "prodname":"cce", - "documenttype":"usermanual" - } - ], - "title":"Binding a Security Group to a Pod Using an Annotation", - "githuburl":"" - }, - { - "uri":"cce_10_0288.html", - "node_id":"cce_10_0288.xml", - "product_code":"cce", - "code":"256", - "des":"In Cloud Native Network 2.0, pods use VPC ENIs or sub-ENIs for networking. You can directly bind security groups and EIPs to pods. To bind CCE pods with security groups, ", - "doc_type":"usermanual2", - "kw":"Binding a Security Group to a Workload Using a Security Group Policy,Cloud Native Network 2.0 Settin", - "search_title":"", - "metedata":[ - { - "prodname":"cce", - "documenttype":"usermanual" - } - ], - "title":"Binding a Security Group to a Workload Using a Security Group Policy", - "githuburl":"" - }, - { - "uri":"cce_10_0196.html", - "node_id":"cce_10_0196.xml", - "product_code":"cce", - "code":"257", - "des":"In a CCE Turbo cluster, you can configure subnets and security groups for containers by namespace or workload using NetworkAttachmentDefinition CRDs. To configure a parti", - "doc_type":"usermanual2", - "kw":"Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configurati", - "search_title":"", - "metedata":[ - { - "prodname":"cce", - "documenttype":"usermanual" - } - ], - "title":"Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configuration", + "title":"Adding or Deleting the Default Pod Subnet of a CCE Turbo Cluster", "githuburl":"" }, { "uri":"cce_10_0603.html", "node_id":"cce_10_0603.xml", "product_code":"cce", - "code":"258", - "des":"In Cloud Native Network 2.0, each pod is associated with an ENI, providing a static IP address to the StatefulSet pods (container ENI). This is a common practice in acces", + "code":"275", + "des":"In Cloud Native Network 2.0, each pod is assigned a VPC network interface with a static IP address. This is particularly applicable to StatefulSet pods. This practice is ", "doc_type":"usermanual2", "kw":"Configuring a Static IP Address for a Pod,Cloud Native Network 2.0 Settings,User Guide", "search_title":"", @@ -4662,8 +4968,8 @@ "uri":"cce_10_0734.html", "node_id":"cce_10_0734.xml", "product_code":"cce", - "code":"259", - "des":"In Cloud Native Network 2.0, pods use VPC ENIs or sub-ENIs for networking. You can directly bind EIPs to pods.To associate an EIP with a pod, simply set the value of the ", + "code":"276", + "des":"In Cloud Native Network 2.0, pods use VPC elastic network interfaces or supplementary network interfaces for networking. You can directly bind and EIPs to pods.To associa", "doc_type":"usermanual2", "kw":"Configuring an EIP for a Pod,Cloud Native Network 2.0 Settings,User Guide", "search_title":"", @@ -4680,7 +4986,7 @@ "uri":"cce_10_0651.html", "node_id":"cce_10_0651.xml", "product_code":"cce", - "code":"260", + "code":"277", "des":"In Cloud Native Network 2.0, static public IP addresses (EIPs) can be assigned to StatefulSets or pods created directly.You can configure a static EIP for a pod only in C", "doc_type":"usermanual2", "kw":"static EIPs,Configuring a Static EIP for a Pod,Cloud Native Network 2.0 Settings,User Guide", @@ -4698,10 +5004,10 @@ "uri":"cce_10_0604.html", "node_id":"cce_10_0604.xml", "product_code":"cce", - "code":"261", - "des":"By default, pods with IPv6 dual-stack ENIs can access only the IPv6 private network. To access the public network, configure shared bandwidth for such pods.Only CCE Turbo", + "code":"278", + "des":"By default, pods with IPv6 dual-stack network interfaces can access only the IPv6 private network. To access the public network, configure shared bandwidth for such pods.", "doc_type":"usermanual2", - "kw":"Configuring Shared Bandwidth for a Pod with IPv6 Dual-Stack ENIs,Cloud Native Network 2.0 Settings,U", + "kw":"Configuring Shared Bandwidth for a Pod with IPv6 Dual-Stack Network Interfaces,Cloud Native Network ", "search_title":"", "metedata":[ { @@ -4709,14 +5015,119 @@ "documenttype":"usermanual" } ], - "title":"Configuring Shared Bandwidth for a Pod with IPv6 Dual-Stack ENIs", + "title":"Configuring Shared Bandwidth for a Pod with IPv6 Dual-Stack Network Interfaces", + "githuburl":"" + }, + { + "uri":"cce_10_1077.html", + "node_id":"cce_10_1077.xml", + "product_code":"cce", + "code":"279", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"usermanual2", + "kw":"Configuring a Security Group for a Workload in a CCE Turbo Cluster", + "search_title":"", + "metedata":[ + { + + } + ], + "title":"Configuring a Security Group for a Workload in a CCE Turbo Cluster", + "githuburl":"" + }, + { + "uri":"cce_10_1078.html", + "node_id":"cce_10_1078.xml", + "product_code":"cce", + "code":"280", + "des":"In CCE Turbo clusters, pods can be directly bound to security groups using VPC network interfaces or supplementary network interfaces. CCE Turbo provides multi-dimensiona", + "doc_type":"usermanual2", + "kw":"Comparison of Workload Security Group Configuration Methods,Configuring a Security Group for a Workl", + "search_title":"", + "metedata":[ + { + + } + ], + "title":"Comparison of Workload Security Group Configuration Methods", + "githuburl":"" + }, + { + "uri":"cce_10_0897.html", + "node_id":"cce_10_0897.xml", + "product_code":"cce", + "code":"281", + "des":"In cloud native network 2.0, pods use VPC network interfaces or supplementary network interfaces for networking, which allow you to configure security groups. You can bin", + "doc_type":"usermanual2", + "kw":"Binding a Security Group to a Pod Using an Annotation,Configuring a Security Group for a Workload in", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Binding a Security Group to a Pod Using an Annotation", + "githuburl":"" + }, + { + "uri":"cce_10_0288.html", + "node_id":"cce_10_0288.xml", + "product_code":"cce", + "code":"282", + "des":"In Cloud Native Network 2.0, pods use VPC elastic network interfaces or supplementary network interfaces for networking. You can directly bind security groups and EIPs to", + "doc_type":"usermanual2", + "kw":"Binding a Security Group to a Workload Using a Security Group Policy,Configuring a Security Group fo", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Binding a Security Group to a Workload Using a Security Group Policy", + "githuburl":"" + }, + { + "uri":"cce_10_1079.html", + "node_id":"cce_10_1079.xml", + "product_code":"cce", + "code":"283", + "des":"In Cloud Native Network 2.0, pods can be directly bound to security groups using VPC network interfaces or supplementary network interfaces. CCE Turbo allows you to confi", + "doc_type":"usermanual2", + "kw":"Using Node Pool Settings to Bind the Default Security Group to Pods in the Node Pool,Configuring a S", + "search_title":"", + "metedata":[ + { + + } + ], + "title":"Using Node Pool Settings to Bind the Default Security Group to Pods in the Node Pool", + "githuburl":"" + }, + { + "uri":"cce_10_0196.html", + "node_id":"cce_10_0196.xml", + "product_code":"cce", + "code":"284", + "des":"In a CCE Turbo cluster, you can configure subnets and security groups for containers by namespace or workload using NetworkAttachmentDefinition CRDs. To configure a parti", + "doc_type":"usermanual2", + "kw":"Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configurati", + "search_title":"", + "metedata":[ + { + "prodname":"cce", + "documenttype":"usermanual" + } + ], + "title":"Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configuration", "githuburl":"" }, { "uri":"cce_10_0904.html", "node_id":"cce_10_0904.xml", "product_code":"cce", - "code":"262", + "code":"285", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"VPC Network Settings", @@ -4734,7 +5145,7 @@ "uri":"cce_10_0283.html", "node_id":"cce_10_0283.xml", "product_code":"cce", - "code":"263", + "code":"286", "des":"The VPC network model seamlessly combines VPC routing with the underlying network, making it ideal for high-performance scenarios. However, the maximum number of nodes al", "doc_type":"usermanual2", "kw":"VPC Network Model,VPC Network Settings,User Guide", @@ -4752,10 +5163,10 @@ "uri":"cce_10_0680.html", "node_id":"cce_10_0680.xml", "product_code":"cce", - "code":"264", + "code":"287", "des":"If the container CIDR block configured during CCE cluster creation cannot meet service expansion requirements, you can add a container CIDR block for the cluster.This fun", "doc_type":"usermanual2", - "kw":"Adding a Container CIDR Block for a Cluster,VPC Network Settings,User Guide", + "kw":"Expanding the Container CIDR Block of a Cluster That Uses a VPC Network,VPC Network Settings,User Gu", "search_title":"", "metedata":[ { @@ -4763,14 +5174,14 @@ "documenttype":"usermanual" } ], - "title":"Adding a Container CIDR Block for a Cluster", + "title":"Expanding the Container CIDR Block of a Cluster That Uses a VPC Network", "githuburl":"" }, { "uri":"cce_10_0677.html", "node_id":"cce_10_0677.xml", "product_code":"cce", - "code":"265", + "code":"288", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Tunnel Network Settings", @@ -4788,8 +5199,8 @@ "uri":"cce_10_0282.html", "node_id":"cce_10_0282.xml", "product_code":"cce", - "code":"266", - "des":"A container tunnel network creates a separate network plane for containers by using tunnel encapsulation on the host network plane. The container tunnel network of a CCE ", + "code":"289", + "des":"A container tunnel network creates a separate network plane for containers by using tunnel encapsulation on the host network plane. This network model uses VXLAN for tunn", "doc_type":"usermanual2", "kw":"Tunnel Network Model,Tunnel Network Settings,User Guide", "search_title":"", @@ -4806,7 +5217,7 @@ "uri":"cce_10_0675.html", "node_id":"cce_10_0675.xml", "product_code":"cce", - "code":"267", + "code":"290", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", "kw":"Pod Network Settings", @@ -4824,8 +5235,8 @@ "uri":"cce_10_0402.html", "node_id":"cce_10_0402.xml", "product_code":"cce", - "code":"268", - "des":"Kubernetes allows pods to directly use the host/node network. When a pod is configured with hostNetwork: true, applications running in the pod can directly view the netwo", + "code":"291", + "des":"Generally, containers in a pod use the network set up using Kubernetes network plugins. These plugins ensure network communications between pods. However, you may need to", "doc_type":"usermanual2", "kw":"Configuring hostNetwork for Pods,Pod Network Settings,User Guide", "search_title":"", @@ -4842,7 +5253,7 @@ "uri":"cce_10_0382.html", "node_id":"cce_10_0382.xml", "product_code":"cce", - "code":"269", + "code":"292", "des":"Bandwidth preemption occurs between different containers deployed on the same node, which may cause service jitter. You can configure bandwidth limitation for the pod to ", "doc_type":"usermanual2", "kw":"Configuring QoS for a Pod,Pod Network Settings,User Guide", @@ -4860,8 +5271,8 @@ "uri":"cce_10_0059.html", "node_id":"cce_10_0059.xml", "product_code":"cce", - "code":"270", - "des":"Network policies are designed by Kubernetes to restrict pod access. It is equivalent to a firewall at the application layer to enhance network security. The capabilities ", + "code":"293", + "des":"Network policies are designed by Kubernetes to restrict pod access. Like a firewall at the application layer, network policies enhance network security. The capabilities ", "doc_type":"usermanual2", "kw":"Configuring Network Policies to Restrict Pod Access,Pod Network Settings,User Guide", "search_title":"", @@ -4878,8 +5289,8 @@ "uri":"cce_10_0945.html", "node_id":"cce_10_0945.xml", "product_code":"cce", - "code":"271", - "des":"DataPlane V2 can be enabled for clusters that use Cloud Native 2.0 networks. After this function is enabled, eBPF redirection will be enabled for the capability of networ", + "code":"294", + "des":"DataPlane V2 can be enabled for clusters that use VPC networks or Cloud Native 2.0 networks. Once enabled, eBPF redirection is supported, which allows the use of network ", "doc_type":"usermanual2", "kw":"DataPlane V2 Network Acceleration,Pod Network Settings,User Guide", "search_title":"", @@ -4896,10 +5307,10 @@ "uri":"cce_10_0247.html", "node_id":"cce_10_0247.xml", "product_code":"cce", - "code":"272", + "code":"295", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual2", - "kw":"Service", + "kw":"Services", "search_title":"", "metedata":[ { @@ -4907,17 +5318,17 @@ "documenttype":"usermanual" } ], - "title":"Service", + "title":"Services", "githuburl":"" }, { "uri":"cce_10_0249.html", "node_id":"cce_10_0249.xml", "product_code":"cce", - "code":"273", - "des":"After a pod is created, accessing it directly can result in certain problems:The pod can be deleted and recreated at any time by a controller such as a Deployment. If the", + "code":"296", + "des":"In Kubernetes, a Service makes an application running on a set of pods network-accessible. It provides a consistent DNS name for these pods and distributes traffic across", "doc_type":"usermanual2", - "kw":"Overview,Service,User Guide", + "kw":"kube-proxy,iptables,IPVS,Service Overview,Services,User Guide", "search_title":"", "metedata":[ { @@ -4925,17 +5336,17 @@ "documenttype":"usermanual" } ], - "title":"Overview", + "title":"Service Overview", "githuburl":"" }, { "uri":"cce_10_0011.html", "node_id":"cce_10_0011.xml", "product_code":"cce", - "code":"274", - "des":"ClusterIP Services allow workloads in the same cluster to use their cluster-internal domain names to access each other.The cluster-internal domain name format is

Solution

Do not run an untrusted container image in the cluster before the vulnerabilities are fixed.

-

CCE will release a new version of the add-on to fix these vulnerabilities. For details, see CCE AI Suite (NVIDIA GPU) Release History.

+

CCE has released a new version of the CCE AI Suite (NVIDIA GPU) add-on to fix these vulnerabilities. Upgrade the add-on to the fixed version. For details, see CCE AI Suite (NVIDIA GPU) Release History.

Helpful Links

NVIDIA Container Toolkit Security Bulletin: https://nvidia.custhelp.com/app/answers/detail/a_id/5659

diff --git a/docs/cce/umn/cce_01_0300.html b/docs/cce/umn/cce_01_0300.html index 64e8fb822..182de047c 100644 --- a/docs/cce/umn/cce_01_0300.html +++ b/docs/cce/umn/cce_01_0300.html @@ -8,7 +8,16 @@ -

2025-07-25

+

2025-09-12

+ +

Add:

+ +

Update:

+ + + +

2025-07-25

Added Notice of the NVIDIA Container Toolkit Container Escape Vulnerabilities (CVE-2025-23266 and CVE-2025-23267).

@@ -48,7 +57,7 @@

2025-03-31

Update:

- +

2025-03-10

diff --git a/docs/cce/umn/cce_10_0003.html b/docs/cce/umn/cce_10_0003.html index 918af2b25..1663fcf25 100644 --- a/docs/cce/umn/cce_10_0003.html +++ b/docs/cce/umn/cce_10_0003.html @@ -4,11 +4,11 @@

Scenario

You can reset a node to modify the node configuration, such as the node OS and login mode.

Resetting a node will reinstall the node OS and the Kubernetes software on the node. If a node is unavailable because you modify the node configuration, you can reset the node to rectify the fault.

-

Notes and Constraints

  • To enable node resetting in CCE standard clusters or CCE Turbo clusters, the version must be v1.13 or later.
+

Notes and Constraints

  • Node resetting in CCE standard clusters or CCE Turbo clusters is supported for cluster versions v1.13 and later.
-

Precautions

  • Only worker nodes can be reset. If the node is still unavailable after the resetting, delete the node and create a new one.
  • After a node is reset, the node OS will be reinstalled. Before resetting a node, drain the node to gracefully evict the pods running on the node to other available nodes. Perform this operation during off-peak hours.
  • After a node is reset, its system disk and data disks will be cleared. Back up important data before resetting a node.
  • If you reset a worker node that has an additional data disk attached on the ECS console, the attachment will be removed. To keep the data, you need to reattach the disk.
  • The IP addresses of the workload pods on the node will change, but the container network access is not affected.
  • There is remaining EVS disk quota.
  • When a node is reset, the backend will make it unschedulable.
  • Resetting a node will clear the Kubernetes labels and taints you added (those added by editing a node pool will not be lost). As a result, node-specific resources (such as local storage and workloads scheduled to this node) may be unavailable.
  • Resetting a node will cause PVC/PV data loss for the local PV associated with the node. These PVCs and PVs cannot be restored or used again. In this scenario, the pod that uses the local PV is evicted from the node. A new pod is created and stays in the pending state. This is because the PVC used by the pod has a node label, due to which the pod cannot be scheduled. After the node is reset, the pod may be scheduled to the reset node. In this case, the pod remains in the creating state because the underlying logical volume corresponding to the PVC does not exist.
+

Precautions

  • Only worker nodes can be reset. If the node is still unavailable after the resetting, delete the node and create a new one.
  • After a node is reset, its OS will be reinstalled. Before resetting a node, drain it to gracefully evict the pods running on the node to other available nodes. Perform this operation during off-peak hours. If pods remain when the node is reset, CCE will evict them. If a Pod Disruption Budget (PDB) policy is configured for your pods, they may fail to be evicted. In this case, the node will be forcibly reset after a period of time.
  • After a node is reset, its system disk and data disks will be cleared. Back up important data before resetting a node.
  • If an ECS node has a raw data disk attached (not using LVM), detach it before resetting the node. After resetting, the original attachment information will be cleared. Re-attach the disk to the ECS node to retain the data.
  • The IP addresses of the workload pods on the node will change, but the container network access is not affected.
  • There is remaining EVS disk quota.
  • When a node is reset, the backend will make it unschedulable.
  • Resetting a node will clear the Kubernetes labels and taints you added (those added by editing a node pool will not be lost). As a result, node-specific resources (such as local storage and workloads scheduled to this node) may be unavailable.
  • Resetting a node will cause PVC/PV data loss for the local PV associated with the node. These PVCs and PVs cannot be restored or used again. In this scenario, the pod that uses the local PV is evicted from the node. A new pod is created and stays in the pending state. This is because the PVC used by the pod has a node label, due to which the pod cannot be scheduled. After the node is reset, the pod may be scheduled to the reset node. In this case, the pod remains in the creating state because the underlying logical volume corresponding to the PVC does not exist.
-

Resetting Nodes in the Default Pool

  1. Log in to the CCE console and click the cluster name to access the cluster console.
  2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
  3. In the node list of the default pool, select one or more nodes to be reset and choose More > Reset Node in the Operation column.
  4. In the displayed dialog box, click Next.
  5. Specify node parameters.

    Compute Settings +

    Resetting Nodes in the Default Pool

    1. Log in to the CCE console and click the cluster name to access the cluster console.
    2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
    3. In the node list of the default pool, select one or more nodes to be reset and choose More > Reset Node in the Operation column.
    4. In the displayed dialog box, click Next.
    5. Specify node parameters.

      Compute Settings
      - @@ -112,14 +112,16 @@ - - @@ -130,7 +132,7 @@

      Resetting Nodes in a Node Pool

      • When resetting a node in a node pool, you can only change its storage configuration. All other configurations will follow the settings of the node pool.
      • Resetting a node will execute the pre- and post-installation scripts in the current node pool and update the security group configurations to those of the node pool.
      -
      1. Log in to the CCE console and click the cluster name to access the cluster console.
      2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
      3. In the node list of the target node pool, select a node to be reset and choose More > Reset Node in the Operation column.
      4. Modify the node storage parameters.

        +

        1. Log in to the CCE console and click the cluster name to access the cluster console.
        2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
        3. In the node list of the target node pool, select a node to be reset and choose More > Reset Node in the Operation column.
        4. Modify the node storage parameters.

      Table 1 Configuration parameters

      Parameter

      Description

      @@ -67,9 +67,9 @@

      Data Disk

      • At least one default data disk must be added for storing container runtime and kubelet components if System Component Storage is set to Data Disk. This data disk cannot be deleted or detached. Otherwise, the node will be unavailable. This function is available for clusters of a version earlier than v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, or v1.29.4-r0.
      • If System Component Storage is set to System Disk, you do not need to add a default data disk. In this case, all data disks are common ones: You can set the data disk size to a value ranging from 10 GiB to 32768 GiB. The default value is 100 GiB. This function is available for clusters of v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, v1.29.4-r0, or later versions.
      +
      • At least one default data disk must be added for storing container runtime and kubelet components if System Component Storage is set to Data Disk. This data disk cannot be deleted or detached. Otherwise, the node will be unavailable.
      • If System Component Storage is set to System Disk, you do not need to add a default data disk. In this case, all data disks are common ones: You can set the data disk size to a value ranging from 10 GiB to 32768 GiB. The default value is 100 GiB. This function is available for clusters of v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, v1.29.4-r0, or later versions.

      Click Expand to configure Data Disk Space Allocation. This allocates space for container engines, images, and ephemeral storage to ensure their proper running. For details about how to allocate data disk space, see Space Allocation of a Data Disk.

      -

      For other data disks, a raw disk is created without any processing by default. You can also click Expand and select Mount Disk to mount the data disk to a specified directory. Data disks can also be used as local PVs or local EVs.

      +

      For other data disks, a raw disk is created without any processing by default. You can also click Expand and select Mount Disk to mount the data disk to a specified directory.

      Pre-installation Command

      Installation script command, in which Chinese characters are not allowed. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.

      +

      Installation script command. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.

      The script will be executed before Kubernetes software is installed. Note that if the script is incorrect, Kubernetes software may fail to be installed.

      Post-installation Command

      Installation script command, in which Chinese characters are not allowed. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.

      -

      The script will be executed after Kubernetes software is installed, which does not affect the installation.

      +

      Installation script command. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.

      +
      The script will be executed after Kubernetes software is installed, which does not affect the installation. During post-installation script execution, pods can be scheduled normally. However, if the script execution times out, node installation will fail. To prevent pods from being scheduled to nodes with incomplete script execution, enable the option to schedule pods only after the post-installation script execution completes.
      CAUTION:

      Do not use the reboot command in the post-installation script to restart the system immediately. Instead, use the shutdown -r 1 command to restart the system with a one-minute delay.

      +
      +
      - @@ -94,7 +94,7 @@
      Table 4 Configuration parameters

      Parameter

      Description

      diff --git a/docs/cce/umn/cce_10_0004.html b/docs/cce/umn/cce_10_0004.html index d0603b5f5..a95557391 100644 --- a/docs/cce/umn/cce_10_0004.html +++ b/docs/cce/umn/cce_10_0004.html @@ -29,7 +29,7 @@

      New: node.kubernetes.io/baremetal

      Old: failure-domain.beta.kubernetes.io/is-baremetal

      Whether the node is a bare metal node

      +

      Whether it is a bare metal node

      false indicates that the node is not a bare metal node.
      -

      Adding or Deleting a Node Label

      1. Log in to the CCE console and click the cluster name to access the cluster console.
      2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab, select the target node and click Labels and Taints in the upper left corner.
      3. In the displayed dialog box, click Add operation under Batch Operation, and then choose Add/Update or Delete.

        Enter the key and value of the label to be added or deleted, and click OK.

        +

        Adding or Deleting a Node Label

        1. Log in to the CCE console and click the cluster name to access the cluster console.
        2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab, select the target node and click Labels and Taints in the upper left corner.
        3. In the displayed dialog box, click Add operation under Batch Operation, and then choose Add/Update or Delete.

          Enter the key and value of the label to be added or deleted, and click OK.

          For example, the key is deploy_qa and the value is true, indicating that the node is used to deploy the QA (test) environment.

        4. After the label is added, check the added label in node data.
        diff --git a/docs/cce/umn/cce_10_0006.html b/docs/cce/umn/cce_10_0006.html index 428e6f516..9c0e119a6 100644 --- a/docs/cce/umn/cce_10_0006.html +++ b/docs/cce/umn/cce_10_0006.html @@ -1,6 +1,6 @@ -

        Overview

        +

        Workload Overview

        A workload is an application running on Kubernetes. No matter how many components are there in your workload, you can run it in a group of Kubernetes pods. A workload is an abstract model of a group of pods in Kubernetes. Workloads in Kubernetes are classified as Deployments, StatefulSets, DaemonSets, jobs, and cron jobs.

        CCE provides Kubernetes-native container deployment and management and supports lifecycle management of container workloads, including creation, configuration, monitoring, auto scaling, upgrade, uninstall, service discovery, and load balancing.

        Overview of Pods

        Pods are the smallest unit that you can create or deploy in Kubernetes. Each pod comprises one or more containers, shared storage (volumes), a unique IP address, and container runtime policies.

        diff --git a/docs/cce/umn/cce_10_0007.html b/docs/cce/umn/cce_10_0007.html index 58a09e8bc..f07fbe6c8 100644 --- a/docs/cce/umn/cce_10_0007.html +++ b/docs/cce/umn/cce_10_0007.html @@ -1,7 +1,7 @@

        Managing Workloads

        -

        Scenario

        After a workload is created, you can upgrade, log, monitor, roll back, or delete the workload, as well as edit its YAML file. +

        Scenario

        After a workload is created, you can upgrade it, edit its YAML file, view logs and monitoring data, roll it back, and delete it.
        -
        Table 1 Workload/Job management

        Operation

        Description

        @@ -10,7 +10,7 @@

        Monitor

        You can view the CPU and memory usage of workloads and pods on the CCE console.

        +

        You can view the CPU and memory usage of workloads and pods on the CCE console to determine the resource specifications you may need.

        View Log

        @@ -71,52 +71,52 @@

        Monitoring a Workload

        You can view the CPU and memory usage of Deployments and pods on the CCE console to determine the resource specifications you may need. This section uses a Deployment as an example to describe how to monitor a workload.

        -
        1. Log in to the CCE console, go to an existing cluster, and choose Workloads in the navigation pane.
        2. Click the Deployments tab and click Monitor of the target workload. On the page that is displayed, you can view CPU usage and memory usage of the workload.
        3. Click the workload name. On the Pods tab page, click the Monitor of the target pod to view its CPU and memory usage.
        +
        1. Log in to the CCE console, go to the console of an existing cluster, and choose Workloads in the navigation pane.
        2. Click the Deployments tab and click Monitor of the target workload. On the page that is displayed, you can view CPU usage and memory usage of the workload.
        3. Click the workload name. On the Pods tab page, click the Monitor of the target pod to view its CPU and memory usage.

        Viewing Logs

        You can view logs of Deployments, StatefulSets, DaemonSets, and jobs. This section uses a Deployment as an example to describe how to view logs.

        Before viewing logs, ensure that the time of the browser is the same as that on the backend server.

        -
        1. Log in to the CCE console, go to an existing cluster, and choose Workloads in the navigation pane.
        2. Click the Deployments tab and click View Log of the target workload.

          In the displayed View Log window, you can view logs.

          +
          1. Log in to the CCE console, go to the console of an existing cluster, and choose Workloads in the navigation pane.
          2. Click the Deployments tab and click View Log of the target workload.

            In the displayed View Log window, you can view logs.

            The displayed logs are standard output logs of containers and do not have persistence and advanced O&M capabilities. To use more comprehensive log capabilities, see Logs. If the function of collecting standard output is enabled for the workload (enabled by default), you can go to AOM to view more workload logs. For details, see Collecting Container Logs Using ICAgent.

        Upgrading a Workload

        You quickly upgrade Deployments, StatefulSets, and DaemonSets on the CCE console.

        This section uses a Deployment as an example to describe how to upgrade a workload.

        -

        Before replacing an image or image version, upload the new image to the SWR service.

        -
        1. Log in to the CCE console, go to an existing cluster, and choose Workloads in the navigation pane.
        2. Click the Deployments tab and click Upgrade of the target workload.

          • Workloads cannot be upgraded in batches.
          • Before performing an in-place StatefulSet upgrade, you must manually delete old pods. Otherwise, the upgrade status is always displayed as Processing.
          +

          Before replacing an image or image tag, upload the new image to the SWR service.

          +
          1. Log in to the CCE console,go to the console of an existing cluster, and choose Workloads in the navigation pane.
          2. Click the Deployments tab and click Upgrade of the target workload.

            • Workloads cannot be upgraded in batches.
            • Before performing an in-place StatefulSet upgrade, you must manually delete old pods. Otherwise, the upgrade status is always displayed as Processing.

          3. Upgrade the workload based on service requirements. The method for setting parameter is the same as that for creating a workload.
          4. After the update is complete, click Upgrade Workload, manually confirm the YAML file, and submit the upgrade.

          Editing a YAML file

          You can modify and download YAML files of Deployments, StatefulSets, DaemonSets, CronJobs, and pods on the CCE console. YAML files of jobs can only be viewed, copied, and downloaded. This section uses a Deployment as an example to describe how to edit the YAML file.

          -
          1. Log in to the CCE console, go to an existing cluster, and choose Workloads in the navigation pane.
          2. Click the Deployments tab and choose More > Edit YAML in the Operation column of the target workload. In the dialog box that is displayed, modify the YAML file.
          3. Click OK.
          4. (Optional) In the Edit YAML window, click Download to download the YAML file.
          +
          1. Log in to the CCE console, go to the console of an existing cluster, and choose Workloads in the navigation pane.
          2. Click the Deployments tab and choose More > Edit YAML in the Operation column of the target workload. In the dialog box that is displayed, modify the YAML file.
          3. Click OK.
          4. (Optional) In the Edit YAML window, click Download to download the YAML file.

          Rolling Back a Workload (Available Only for Deployments)

          CCE records the release history of all Deployments. You can roll back a Deployment to a specified version.

          -
          1. Log in to the CCE console, go to an existing cluster, and choose Workloads in the navigation pane.
          2. Click the Deployments tab and choose More > Roll Back in the Operation column of the target workload.
          3. Switch to the Change History tab page, click Roll Back to This Version of the target version, manually confirm the YAML file, and click OK.
          +
          1. Log in to the CCE console, go to the console of an existing cluster, and choose Workloads in the navigation pane.
          2. Click the Deployments tab and choose More > Roll Back in the Operation column of the target workload.
          3. Switch to the Change History tab page, click Roll Back to This Version of the target version, manually confirm the YAML file, and click OK.

          Redeploying a Workload

          After you redeploy a workload, all pods in the workload will be restarted. This section uses Deployments as an example to illustrate how to redeploy a workload.

          -
          1. Log in to the CCE console, go to an existing cluster, and choose Workloads in the navigation pane.
          2. Click the Deployments tab and choose More > Redeploy in the Operation column of the target workload.
          3. In the dialog box that is displayed, click Yes to redeploy the workload.
          +
          1. Log in to the CCE console, go to the console of an existing cluster, and choose Workloads in the navigation pane.
          2. Click the Deployments tab and choose More > Redeploy in the Operation column of the target workload.
          3. In the dialog box that is displayed, click Yes to redeploy the workload.

          Disabling/Enabling Upgrade (Available Only for Deployments)

          Only Deployments support this operation.

          • After the upgrade is disabled, the upgrade command can be delivered but will not be applied to the pods.

            If you are performing a rolling upgrade, the rolling upgrade stops after the disabling upgrade command is delivered. In this case, the new and old pods co-exist.

          • After the upgrade is enabled, a Deployment can be upgraded or rolled back. Its pods will inherit the latest updates of the Deployment. If they are inconsistent, the pods will be upgraded automatically according to the latest information of the Deployment.

          Deployments in the disable upgrade state cannot be rolled back.

          -
          1. Log in to the CCE console, go to an existing cluster, and choose Workloads in the navigation pane.
          2. Click the Deployments tab and choose More > Disable/Enable Upgrade in the Operation column of the workload.
          3. In the dialog box that is displayed, click Yes.
          +
          1. Log in to the CCE console, go to the console of an existing cluster, and choose Workloads in the navigation pane.
          2. Click the Deployments tab and choose More > Disable/Enable Upgrade in the Operation column of the workload.
          3. In the dialog box that is displayed, click Yes.
          -

          Managing Labels

          Labels are key-value pairs and can be attached to workloads. You can manage and select workloads by labels. You can add labels to multiple workloads or a specified workload.

          -
          1. Log in to the CCE console, go to an existing cluster, and choose Workloads in the navigation pane.
          2. Click the Deployments tab and choose More > Manage Label in the Operation column of the target workload.
          3. Click , enter a key and a value, and click OK.

            A key-value pair must contain 1 to 63 characters starting and ending with a letter or digit. Only letters, digits, hyphens (-), underscores (_), and periods (.) are allowed.

            +

            Managing Labels

            Labels are key-value pairs and can be attached to workloads. You can manage and select workloads by labels. You can add labels to multiple workloads or a specified workload.

            +
            1. Log in to the CCE console, go to the console of an existing cluster, and choose Workloads in the navigation pane.
            2. Click the Deployments tab and choose More > Manage Label in the Operation column of the target workload.
            3. Click , enter a key and a value, and click OK.

              A key-value pair must contain 1 to 63 characters starting and ending with a letter or digit. Only letters, digits, hyphens (-), underscores (_), and periods (.) are allowed.

            Deleting a Workload/Job

            You can delete a workload or job that is no longer needed. Deleted workloads or jobs cannot be recovered. This section uses a Deployment as an example to describe how to delete a workload.

            -
            1. Log in to the CCE console, go to an existing cluster, and choose Workloads in the navigation pane.
            2. In the same row as the workload you will delete, choose Operation > More > Delete.

              Read the system prompts carefully. A workload cannot be recovered after it is deleted. Exercise caution when performing this operation.

              +
              1. Log in to the CCE console, go to the console of an existing cluster, and choose Workloads in the navigation pane.
              2. In the same row as the workload you will delete, choose Operation > More > Delete.

                Read the system prompts carefully. A workload cannot be recovered after it is deleted. Exercise caution when performing this operation.

              3. Click Yes.

                • If the node where the pod is located is unavailable or shut down and the workload cannot be deleted, you can forcibly delete the pod from the pod list on the workload details page.
                • Ensure that the storage volumes to be deleted are not used by other workloads. If these volumes are imported or have snapshots, you can only unbind them.

            Events

            This section uses a Deployment as an example to describe how to view events of a workload. To view the event of a job or CronJob, click View Event in the Operation column of the target workload.

            -
            1. Log in to the CCE console, go to an existing cluster, and choose Workloads in the navigation pane.
            2. On the Deployments tab page, click the target workload. In the Pods tab page, click the View Events to view the event name, event type, number of occurrences, Kubernetes event, first occurrence time, and last occurrence time.

              Event data will be retained for one hour and then automatically deleted.

              +
              1. Log in to the CCE console, go to the console of an existing cluster, and choose Workloads in the navigation pane.
              2. On the Deployments tab page, click the target workload. In the Pods tab page, click the View Events to view the event name, event type, number of occurrences, Kubernetes event, first occurrence time, and last occurrence time.

                Event data will be retained for one hour and then automatically deleted.

              diff --git a/docs/cce/umn/cce_10_0009.html b/docs/cce/umn/cce_10_0009.html index a6e865329..16668e56c 100644 --- a/docs/cce/umn/cce_10_0009.html +++ b/docs/cce/umn/cce_10_0009.html @@ -1,30 +1,145 @@

              Using Third-Party Images

              -

              Scenario

              CCE allows you to create workloads using images pulled from third-party image repositories.

              -

              Generally, a third-party image repository can be accessed only after authentication (using your account and password). CCE uses the secret-based authentication to pull images. Therefore, create a secret for an image repository before pulling images from the repository.

              +

              Third-party images are container images provided by organizations or individuals other than the official image repository and SWR image repository. These images typically contain custom applications, tools, or specific versions of OSs to meet particular service requirements. In a CCE standard or Turbo cluster, you can create workloads using third-party images pulled through secret authentication. For more information, see Images | Kubernetes.

              +

              Prerequisites

              If third-party images are used, the CCE standard or Turbo cluster must be able to access the network environment where the third-party image repository is deployed. The network access types include:

              +
              • Intranet: If the third-party image repository supports intranet access, consider the following scenarios:
                • If the third-party image repository is in the same VPC as the cluster, pods can directly pull images over the intranet without additional configurations.
                • If the third-party image repository and the cluster are in different VPCs in the same region, you can use a VPC peering connection to enable network connectivity between the two VPCs. Pods can then directly pull images over the intranet.
                +
              • Internet: If the third-party image repository is accessible over the Internet, pods can pull images directly. In this case, ensure the pods can access the Internet using one of the following methods:

                Ensure sufficient bandwidth when pulling images over the Internet. Insufficient bandwidth may cause slow or failed image pulls.

                +
                +
                • In a standard or Turbo cluster, configure an SNAT rule to enable all pods in the cluster to access the Internet. After the configuration, pods can pull images directly over the Internet. For details, see Accessing the Internet from a Container.
                • In a standard cluster, bind an EIP to the node running the workload. This allows all workloads on that node to access the Internet.
                +
              • Direct Connect or VPN: To use images from an on-premises image repository, use Direct Connect or VPN to connect the on-premises network to the cluster's VPC. Once the network environment is connected to the VPC, no additional configuration is needed.
              -

              Prerequisites

              The node where the workload is running is accessible from public networks.

              +

              Using the Console

              To create a secret on the console and pull a third-party image to create a workload, follow these steps.

              +
              1. Create a cluster secret to authenticate and pull images from a third-party repository if authentication is required.

                1. Log in to the CCE console.
                2. Click the name of the target cluster to access the cluster.
                3. In the navigation pane, choose ConfigMaps and Secrets. On the Secrets tab, click Create Secret.
                4. In the Create Secret dialog box, configure parameters based on Table 1. For more details, see Creating a Secret.
                +

                + +
                + + + + + + + + + + + + + + + + + +
                Table 1 Parameters for creating a secret

                Parameter

                +

                Example Value

                +

                Description

                +

                Name

                +

                test

                +

                Name for the secret.

                +

                Enter up to 253 characters, starting and ending with a lowercase letter or digit. Only lowercase letters, digits, hyphens (-), and periods (.) are allowed.

                +

                Secret Type

                +

                kubernetes.io/dockerconfigjson

                +

                Type of the secret.

                +

                The value is fixed at kubernetes.io/dockerconfigjson, indicating that the secret is used for authentication when third-party images are pulled.

                +

                Data

                +

                Image Repository Address: www.example.com

                +

                Username: ssl

                +

                Password: xxx

                +
                • Image Repository Address: Enter the address of the third-party image repository.
                • Username: Enter the username for accessing the third-party image repository.
                • Password: Enter the password for accessing the third-party image repository.
                +
                -

                Using the Console

                1. Create a secret for accessing a third-party image repository.

                  Click the cluster name to access the cluster console. In the navigation pane, choose ConfigMaps and Secrets. On the Secrets tab page, click Create Secret in the upper right corner. Set Secret Type to kubernetes.io/dockerconfigjson. For details, see Creating a Secret.

                  -

                  Enter the username and password used to access the third-party image repository.

                  -

                2. When creating a workload, enter a private image path in the format of domainname/namespace/imagename:tag in Image Name and select the key created in 1.
                3. Set other parameters and click Create Workload.
                +

              2. In the navigation pane, choose Workloads. In the upper right corner of the displayed page, click Create Workload. On the Create Workload page, set Image Name (Container Settings > Container Information > Basic Info) to the third-party image path. Select the secret created in 1 for Image Access Credential.

                If you do not specify a domain name when entering a third-party image address, for example, nginx:latest, the image will be pulled from docker.io by default. To specify the default image pull address, configure the Modify Image Repository Configuration parameter in the container engine configuration of the node pool.

                +
                +

                +

              3. Configure other parameters and click Create Workload. If the workload status is Running, the third-party image has been pulled.
              -

              Using kubectl

              1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
              2. Use kubectl to create a secret of the kubernetes.io/dockerconfigjson.

                kubectl create secret docker-registry myregistrykey  -n default --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL
                -

                In the preceding command, myregistrykey indicates the key name, default indicates the namespace where the key is located, and other parameters are as follows:

                -
                • DOCKER_REGISTRY_SERVER: address of a third-party image repository, for example, www.3rdregistry.com or 10.10.10.10:443
                • DOCKER_USER: account used for logging in to a third-party image repository
                • DOCKER_PASSWORD: password used for logging in to a third-party image repository
                • DOCKER_EMAIL: email of a third-party image repository
                -

              3. Use a third-party image to create a workload.

                A kubernetes.io/dockerconfigjson secret is used for authentication when you obtain a private image. The following is an example of using the myregistrykey for authentication.
                apiVersion: v1
-kind: Pod
+
                Using kubectl
                1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                2. If the third-party image repository has an account and password, you need to create a secret in the cluster as the identity credential for pulling images.
                  1. Create a secret. The secret type is kubernetes.io/dockerconfigjson by default, which indicates that the secret is used for authentication when third-party images are pulled.
                    kubectl create secret docker-registry test  -n default --docker-server=www.example.com --docker-username=ssl --docker-password=xxx --docker-email=example@123.com
                    
+
                    In the command, test indicates the secret name, default indicates the namespace where the secret is located, and other parameters are described in the following table.
                    
+
+
                    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                    Table 2 Secret parameters
                    Parameter
                    
+
                    Example Value
                    
+
                    Description
                    
+
                    docker-server
                    
+
                    www.example.com
                    
+
                    Enter the address of the third image repository.
                    
+
                    docker-username
                    
+
                    ssl
                    
+
                    Enter the username for accessing the third-party image repository.
                    
+
                    docker-password
                    
+
                    xxx
                    
+
                    Enter the password for accessing the third-party image repository.
                    
+
                    docker-email
                    
+
                    example@123.com
                    
+
                    Email address of the third-party image repository. This parameter is optional.
                    
+
                    
+
                    
+
                    Information similar to the following is displayed:
                    
+
                    secret/test created
                    
+
                  2. Check whether the secret has been created.
                    kubectl get secret
                    
+
                    If the following information is displayed, the secret has been created:
                    
+
                    NAME             TYPE                             DATA   AGE
+default-secret   kubernetes.io/dockerconfigjson   1      41h
+paas.elb         cfe/secure-opaque                1      41h
+test             kubernetes.io/dockerconfigjson   1      16s
                    
+
                  
+
                3. Create a workload using a third-party image.
                  1. Create a YAML file for creating a workload. In this example, the file name is deployment.yaml. You can change it as needed.
                    vim deployment.yaml
                    
+
                    The file content is as follows:
                    apiVersion: apps/v1
+kind: Deployment
 metadata:
-  name: foo
-  namespace: default
+  name: foo
+  namespace: default
 spec:
-  containers:
-    - name: foo
-      image: www.3rdregistry.com/janedoe/awesomeapp:v1
-  imagePullSecrets:
-    - name: myregistrykey              # Use the created secret.
                    
+  replicas: 1
+  selector:
+    matchLabels:
+      app: foo
+  strategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: foo
+    spec:
+      containers:
+      - image: www.example.com/janedoe/awesomeapp:v1    # Third-party image path
+        imagePullPolicy: Always
+        name: foo
+      imagePullSecrets:
+      - name: test    # Use the created secret for identity authentication when images are pulled.
                +

                If you do not specify a domain name when entering a third-party image address, for example, nginx:latest, the image will be pulled from docker.io by default. To specify the default image pull address, configure the Modify Image Repository Configuration parameter in the container engine configuration of the node pool.

                +
                +
              4. Create the workload.
                kubectl create -f deployment.yaml
                +

                If information similar to the following is displayed, the workload is being created:

                +
                deployment.apps/foo created
                +
              5. Check the workload status.
                kubectl get deployment
                +

                If all the pods of the workload are available, the workload has been created.

                +
                NAME     READY   UP-TO-DATE   AVAILABLE   AGE
+foo      1/1     1            1           4m59s
                +

            diff --git a/docs/cce/umn/cce_10_0010.html b/docs/cce/umn/cce_10_0010.html index a99833169..23d0965f6 100644 --- a/docs/cce/umn/cce_10_0010.html +++ b/docs/cce/umn/cce_10_0010.html @@ -1,38 +1,41 @@ -

            Overview

            -

            You can learn about a cluster network from the following two aspects:

            -
            • What is a cluster network like? A cluster consists of multiple nodes, and pods (or containers) are running on the nodes. Nodes and containers need to communicate with each other. For details about the cluster network types and their functions, see Cluster Network Structure.
            • How is pod access implemented in a cluster? Accessing a pod or container is a process of accessing services of a user. Kubernetes provides Service and Ingress to address pod access issues. This section summarizes common network access scenarios. You can select the proper scenario based on site requirements. For details about the network access scenarios, see Access Scenarios.
            -

            Cluster Network Structure

            All nodes in the cluster are located in a VPC and use the VPC network. The container network is managed by dedicated network add-ons.

            -

            -
            • Node Network

              A node network assigns IP addresses to hosts (nodes in the figure above) in a cluster. Select a VPC subnet as the node network of the CCE cluster. The number of available IP addresses in a subnet determines the maximum number of nodes (including master nodes and worker nodes) that can be created in a cluster. This number is also affected by the container network. For details, see the container network model.

              -
            • Container Network

              A container network assigns IP addresses to pods in a cluster. CCE inherits the IP-Per-Pod-Per-Network network model of Kubernetes. That is, each pod has an independent IP address on a network plane and all containers in a pod share the same network namespace. All pods in a cluster exist in a directly connected flat network. They can access each other through their IP addresses without using NAT. Kubernetes only provides a network mechanism for pods, but does not directly configure pod networks. The configuration of pod networks is implemented by specific container network add-ons. The container network add-ons are responsible for configuring networks for pods and managing container IP addresses.

              -

              Currently, CCE supports the following container network models:

              -
              • Container tunnel network: The container tunnel network is constructed on but independent of the node network through tunnel encapsulation. This network model uses VXLAN to encapsulate Ethernet packets into UDP packets and transmits them in tunnels. Open vSwitch serves as the backend virtual switch.
              • VPC network: The VPC network model seamlessly combines VPC routing with the underlying network, making it ideal for high-performance scenarios. However, the maximum number of nodes allowed in a cluster is determined by the VPC route quota. Each node is assigned a CIDR block of a fixed size. The VPC network model outperforms the container tunnel network model in terms of performance because it does not have tunnel encapsulation overhead. In addition, as VPC routing includes routes to node IP addresses and the container CIDR block, container pods in a cluster can be directly accessed from outside the cluster.
              • Developed by CCE, Cloud Native Network 2.0 deeply integrates Elastic Network Interfaces (ENIs) and Sub Network Interfaces (sub-ENIs) of VPC. Container IP addresses are allocated from the VPC CIDR block. ELB passthrough networking is supported to direct access requests to containers. Security groups and EIPs are bound to deliver high performance.
              -

              The performance, networking scale, and application scenarios of a container network vary according to the container network model. For details about the functions and features of different container network models, see Overview.

              -
            • Service Network

              Service is also a Kubernetes object. Each Service has a static IP address. When creating a cluster on CCE, you can specify the Service CIDR block. The Service CIDR block cannot overlap with the node or container CIDR block. The Service CIDR block can be used only within a cluster.

              -
            +

            Networking Overview

            +

            The CCE cluster network architecture is based on the Kubernetes native network model. Combined with the cloud infrastructure capabilities, the architecture builds a three-layer communication system covering nodes, containers, and services. It is built to efficiently forward intra-cluster and inter-cluster traffic, discover services, and isolate networks. It meets the requirements of all scenarios that cover small- and medium-sized applications and large-scale microservice architectures.

            +

            You can learn about the cluster network from the following aspects:

            +
            • Cluster network structure (Cluster Network Structure): A cluster consists of multiple nodes, and each node runs multiple pods (containers). To ensure the communications between nodes, between nodes and pods, and between pods, a cluster requires:
              • A node network: enables all nodes in a cluster to communicate with each other.
              • A container network: enables all pods in a cluster to communicate with each other using IP addresses without NAT.
              • A Service network: ensures Services in a cluster can be accessed by other pods or Services in that cluster through stable virtual IP addresses.
              +
            • Pod access in a cluster: Kubernetes provides Services (Service) and ingresses (Ingress) for pod access. This section summarizes common network access scenarios. You can select the appropriate scenario based on site requirements. For details about the network access scenarios, see Access Scenarios.
            +

            Cluster Network Structure

            Cluster networks are the core of Kubernetes. They ensure that containers in a cluster can communicate with each other and with external systems. There are:

            +
            • Node network: CCE uses VPC subnets as the node network of a cluster. The available IP addresses of a subnet limit the maximum number of nodes that can be created in a cluster. For example, a subnet with a mask of /24 can allocate a maximum of 254 node IP addresses. The number of nodes that can be created in a cluster is also affected by the container network. For details, see container network models.
            • Container network: Pods in a cluster are allocated independent IP addresses. All pods in a cluster are on a flat network and can be accessed using their IP addresses without NAT. Kubernetes uses Container Network Interface (CNI) to standardize the network between containers. Network model plugins are used to allocate independent IP addresses to pods for flat network communications in a cluster. Different network models have different allocation principles.
              Figure 1 Container network
              +

              Currently, CCE supports the following container network models:

              +
              • Container tunnel network: This network model is constructed based on the node network through tunnel encapsulation, but it is independent of the node network. It uses VXLAN to encapsulate Ethernet packets into UDP packets and transmits them in tunnels. Open vSwitch serves as the backend virtual switch.
              • VPC network: This network model seamlessly combines VPC routing with the underlying network, making it ideal for high-performance scenarios. However, the maximum number of nodes allowed in a cluster is determined by the VPC route quota. Each node in a cluster that uses a VPC network is running in a subnet with a fixed number of IP addresses. The VPC network model outperforms the container tunnel network model in terms of performance because it does not have tunnel encapsulation overhead. In addition, as the routes destined for nodes and containers are added to a VPC route table, containers can be directly accessed from outside the cluster.
              • Cloud Native Network 2.0 is a next-generation model developed by CCE and combines the network interfaces and supplementary network interfaces of VPC. Pod IP addresses are allocated from the VPC CIDR block. ELB passthrough networking is supported to forward requests to containers. Security groups and EIPs are associated to deliver high performance.
              +

              The performance, networking scale, and application scenarios of a container network vary depending on the container network model. For details about the functions and features of different container network models, see Overview.

              +
            • Service network: Services are a kind of Kubernetes resource object. Each Service has a fixed IP address. Kubernetes provides stable access entries for pods through Services. When creating a cluster on CCE, you can specify the Service CIDR block. Service CIDR blocks cannot overlap with the node CIDR blocks or container CIDR blocks. They can be used only in a cluster.
            -

            Service

            A Service is used for pod access. With a static IP address, a Service forwards access traffic to pods and performs load balancing for these pods.

            -
            Figure 1 Accessing pods through a Service
            +

            Service

            In Kubernetes, pods are considered ephemeral and can be replaced at any time. When a pod is destroyed or replaced, its network resources also change. You need to provide a stable access method for pods. Kubernetes uses a Service to provide a fixed access entry for a group of pods with the same functions and balances the load among these pods.

            +

            As shown in the following figure, a Service is associated with a group of pods through a selector. When the IP address and port of the Service are accessed, traffic is distributed to these pods. When pods change, the Service automatically updates the backend forwarding rules to ensure that the latest pods can be accessed through the Service.

            +
            Figure 2 Accessing pods through a Service

            You can configure the following types of Services:

            • ClusterIP: used to make the Service only reachable from within a cluster.
            • NodePort: used for access from outside a cluster. A NodePort Service is accessed through the port on the node.
            • LoadBalancer: used for access from outside a cluster. It is an extension of NodePort, to which a load balancer routes, and external systems only need to access the load balancer.
            -

            For details about the Service, see Overview.

            +

            For details about the Service, see Service Overview.

            Ingress

            Services forward requests using TCP and UDP at Layer 4. Ingresses forward requests using HTTP and HTTPS at Layer 7. Domain names and paths can be used for access of finer granularities.

            -
            Figure 2 An ingress and associated Services
            -

            For details about the ingress, see Overview.

            +
            Figure 3 An ingress and associated Services
            +

            For details about the ingress, see Ingress Overview.

            +
            +

            DNS

            CCE uses CoreDNS to implement service discovery in a cluster. For example, a client can access backend pods through a ClusterIP Service whose name is mapped to a cluster-scoped virtual IP address. This approach decouples the invoking between applications in a cluster from specific IP addresses and deployment environments. For details about the cluster DNS settings, see DNS Overview.

            +
            Figure 4 Example of domain name resolution in a cluster

            Access Scenarios

            Workload access scenarios can be categorized as follows:

            • Intra-cluster access: A ClusterIP Service is used for workloads in the same cluster to access each other.
            • Access from outside a cluster: A Service (NodePort or LoadBalancer type) or an ingress is recommended for a workload outside a cluster to access workloads in the cluster.
              • Access through the public network: An EIP should be bound to the node or load balancer.
              • Access through the private network: The workload can be accessed through the internal IP address of the node or load balancer. If workloads are located in different VPCs, a peering connection is required to enable communication between different VPCs.
              -
            • The workload can access the external network as follows:
              • Accessing an intranet: The workload accesses the intranet address, but the implementation method varies depending on container network models. Ensure that the peer security group allows the access requests from the container CIDR block.
              • Accessing a public network: Assign an EIP to the node where the workload runs (when a VPC network or tunnel network is used), bind an EIP to the pod IP address (when Cloud Native Network 2.0 is used), or configure SNAT rules through the NAT gateway. For details, see Accessing the Internet from a Container.
              +
            • The workload can access the external network as follows:
              • Accessing a private network: The workload accesses the private network address, but the implementation method varies depending on container network models. Ensure that the peer security group allows access from the container CIDR block.
              • Accessing a public network: Assign an EIP to the node where the workload runs (when a VPC network or tunnel network is used), bind an EIP to the pod IP address (when Cloud Native Network 2.0 is used), or configure an SNAT rule on the NAT gateway. For details, see Accessing the Internet from a Container.
            -
            Figure 3 Network access diagram
            +
            Figure 5 Network access diagram
            -
            Parent topic: Network
            +
            Parent topic: Networking
            diff --git a/docs/cce/umn/cce_10_0011.html b/docs/cce/umn/cce_10_0011.html index ec6803eb6..30aa54ec9 100644 --- a/docs/cce/umn/cce_10_0011.html +++ b/docs/cce/umn/cce_10_0011.html @@ -1,16 +1,57 @@

            ClusterIP

            -

            Scenario

            ClusterIP Services allow workloads in the same cluster to use their cluster-internal domain names to access each other.

            -

            The cluster-internal domain name format is <Service name>.<Namespace of the workload>.svc.cluster.local:<Port>, for example, nginx.default.svc.cluster.local:80.

            -

            Figure 1 shows the mapping relationships between access channels, container ports, and access ports.

            -
            Figure 1 Intra-cluster access (ClusterIP)
            +

            ClusterIP is the default Service type of Kubernetes and provides stable intra-cluster access. Kubernetes assigns a virtual IP address (cluster-scoped IP address) that can only be accessed within the cluster from the Service CIDR block of the cluster. CoreDNS maps the cluster-internal domain name to the assigned cluster IP address. The domain name format is <Service-name>.<namespace-of-the-workload>.svc.cluster.local:<port>, for example, nginx.default.svc.cluster.local:80.

            +

            If pods need to communicate with each other within a cluster, you can create a ClusterIP Service. For example, if a frontend pod in a cluster needs to access a backend database in the same cluster, you can create a ClusterIP Service.

            +

            Figure 1 shows how ClusterIP works. You can learn about the access channel, container port, and access port mapping rules of this type of Service.

            +
            Figure 1 Intra-cluster access (ClusterIP)
            +

            Using the CCE Console

            1. Log in to the CCE console and click the cluster name to access the cluster console.
            2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
            3. Configure intra-cluster access parameters.

              +

              + + + + + + + + + + + + + + + + + + + + + + +

              Parameter

              +

              Description

              +

              Service Name

              +

              Enter a name, which can be the same as the workload name.

              +

              Service Type

              +

              Select ClusterIP.

              +

              Namespace

              +

              Select the namespace that the workload belongs to.

              +

              Selector

              +

              The Service will be associated with the workload pods based on the label and direct traffic to the pods with this label.

              +

              You can add a key and value for the pod label and click Confirm.

              +

              You can also click Reference Workload Label to use the label of an existing workload. In the dialog box displayed, select a workload and click OK.

              +

              Protocol Version

              +

              Select the IP address of different versions based on service requirements. This function is displayed only when IPv6 is enabled during the creation of clusters of v1.15 or later.

              +

              Port

              +
              • Protocol: the protocol supported by the Service.
              • Container Port: the listening port of the service containers. The port ranges from 1 to 65535. You need to determine the port based on the container image. For example, the default port of Nginx is 80, and the default port of MySQL is 3306.
              • Service Port: the port used to access the ClusterIP Service. You can customize the port as required. The port ranges from 1 to 65535.
              +
              -

              Creating a ClusterIP Service

              1. Log in to the CCE console and click the cluster name to access the cluster console.
              2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
              3. Configure intra-cluster access parameters.

                • Service Name: Specify a Service name, which can be the same as the workload name.
                • Service Type: Select ClusterIP.
                • Namespace: namespace that the workload belongs to.
                • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                • Protocol Version: Select the IP address of different versions based on service requirements. This parameter is available only in clusters of v1.15 or later with IPv6 enabled (set during cluster creation).
                • Ports
                  • Protocol: protocol used by the Service.
                  • Service Port: port used by the Service. The port number ranges from 1 to 65535.
                  • Container Port: listener port of the workload. For example, Nginx uses port 80 by default.
                  -
                -

              4. Click OK.
              +

            4. Click OK. Then, access the Service through <ClusterIP>:<Service-port>.

              +

              +

            -

            Setting the Access Type Using kubectl

            You can configure Service access using kubectl. This section uses an Nginx workload as an example to describe how to implement intra-cluster access using kubectl.

            +

            Using kubectl

            You can configure Service access using kubectl. This section uses an Nginx workload as an example to describe how to implement intra-cluster access using kubectl.

            1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
            2. Create and edit the nginx-deployment.yaml file to configure the sample workload. For details, see Creating a Deployment. nginx-deployment.yaml is an example file name. You can rename it as needed.

              vi nginx-deployment.yaml
              File content:
              apiVersion: apps/v1
 kind: Deployment
@@ -63,13 +104,12 @@ spec:
 
              Check the created Service.
              
 
              kubectl get svc
              
 
              If information similar to the following is displayed, the Service has been created, and a cluster-internal IP address has been assigned to the Service.
              
-
              # kubectl get svc
-NAME              TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)    AGE
+
              NAME              TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)    AGE
 kubernetes        ClusterIP   10.247.0.1     <none>        443/TCP    4d6h
 nginx-clusterip   ClusterIP   10.247.74.52   <none>        8080/TCP   14m
            3. Access the Service from a container or node in the cluster.

              1. Create a pod and access its container.
                kubectl run -i --tty --image nginx:alpine test --rm /bin/sh
              2. Run the curl command to access the Service.
                • Access through IP:Port:
                  curl 10.247.74.52:8080
                  -
                • Access through Domain-name:Port:
                  curl nginx-clusterip.default.svc.cluster.local:8080
                  +
                • Access using Domain name:Port (not supported on nodes):
                  curl nginx-clusterip.default.svc.cluster.local:8080

                  nginx-clusterip is the Service name, default is the namespace where the Service is located, and svc.cluster.local is the DNS domain for the ClusterIP Service.

                  You can simplify the domain name based on your requirements. For example, if the Service and the accessing pod are in the same namespace, you can use nginx-clusterip:8080 to access it. If they are in different namespaces, you can use nginx-clusterip.default:8080 to access it.

                @@ -105,7 +145,7 @@ Commercial support is available at
            -
            Parent topic: Service
            +
            Parent topic: Services
            diff --git a/docs/cce/umn/cce_10_0012.html b/docs/cce/umn/cce_10_0012.html index 05a16c4cf..4079efcf4 100644 --- a/docs/cce/umn/cce_10_0012.html +++ b/docs/cce/umn/cce_10_0012.html @@ -3,7 +3,7 @@

            Creating a Node Pool

            Scenario

            This section describes how to create a node pool and perform operations on the node pool. For details about how a node pool works, see Node Pool Overview.

            -

            Procedure

            1. Log in to the CCE console.
            2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
            3. In the upper right corner of the page, click Create Node Pool.

              Basic Settings

              +

              Procedure

              1. Log in to the CCE console.
              2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
              3. In the upper right corner of the page, click Create Node Pool.

                Basic Settings

                @@ -30,15 +30,15 @@ - @@ -78,7 +78,7 @@ @@ -92,7 +92,7 @@ - - - -
                Table 1 Basic settings

                Parameter

                Node Type

                Select a node type based on service requirements. Then, you can select a proper flavor from the node flavor list.

                -
                CCE standard clusters support the following node types:
                • ECS (VM): A virtualized ECS is used as a cluster node.
                +
                CCE standard clusters support the following node types:
                • ECS (VM): A VM ECS is used as a cluster node.
                -
                CCE Turbo clusters support the following node types:
                • ECS (VM): A VM ECS is used as a cluster node. A CCE Turbo cluster supports only the cloud servers that allow multiple ENIs. Select a server type displayed on the CCE console.
                +
                CCE Turbo clusters support the following node types:
                • ECS (VM): A VM ECS is used as a cluster node. A CCE Turbo cluster supports only the cloud servers that allow multiple network interfaces. Select a server type displayed on the CCE console.

                Specifications

                Select a node flavor based on service requirements. The available node flavors vary depending on regions. For details, see the CCE console. For the supported node flavors, see Node Flavor Description.
                NOTE:
                • If a node pool is configured with multiple node flavors, only the flavors (which can be located in different AZs) of the same node type are supported. For example, a node pool consisting of general computing-plus nodes supports only general computing-plus node flavors, but not the flavors of general computing nodes.
                • A maximum of 10 node flavors can be added to a node pool (the flavors in different AZs are counted separately). When adding a node flavor, you can choose multiple AZs, but you need to specify them.
                • Nodes in a newly created node pool are created using the default flavor. If the resources for the default flavor are insufficient, node creation will fail.
                • After a node pool is created, the flavors of existing nodes cannot be deleted.
                +
                Select a node flavor based on service requirements. The available node flavors vary depending on regions. For details, see the CCE console. For the supported node flavors, see Node Flavor Description.
                NOTE:
                • If a node pool is configured with multiple node flavors, only the flavors (which can be located in different AZs) of the same node type are supported. For example, a node pool consisting of general computing-plus nodes supports only general computing-plus node flavors, but not the flavors of general computing nodes.
                • Nodes added to a single node pool must have the same GPU type. For example, if you select the nvidia-v100 flavor, you are not allowed to select the nvidia-t4 flavor.
                • A maximum of 10 node flavors can be added to a node pool (the flavors in different AZs are counted separately). When adding a node flavor, you can choose multiple AZs, but you need to specify them.
                • Nodes in a newly created node pool are created using the default flavor. If the resources for the default flavor are insufficient, node creation will fail.
                • After a node pool is created, the flavors of existing nodes cannot be deleted.

                System Disk

                System disk used by the node OS. The value ranges from 40 GiB to 1024 GiB. The default value is 50 GiB.

                -
                System Disk Encryption: System disk encryption safeguards your data. Snapshots generated from encrypted disks and disks created using these snapshots automatically inherit the encryption setting. Only the nodes of the Elastic Cloud Server (VM) type in certain regions support system disk encryption. For details, see the console.
                • Not encrypted is selected by default.
                • If you select Enabled (key) for System Disk Encryption, choose an existing key. If no key is available, click View Key List and create a key. After the key is created, click the refresh icon next to the text box.
                • If you select Enabled (KMS key ID) for System Disk Encryption, enter a KMS key (which can be shared by others) in the current region.
                +
                System Disk Encryption: System disk encryption safeguards your data. Snapshots generated from encrypted disks and disks created using these snapshots automatically inherit the encryption setting. Only the nodes of the Elastic Cloud Server (VM) type in certain regions support system disk encryption. For details, see the console.
                • Not encrypted is selected by default.
                • If you select Enabled (key) for System Disk Encryption, choose an existing key. If no key is available, click View Key List and create a key. After the key is created, click the refresh icon next to the text box.
                • If you select Enabled (KMS key ID) for System Disk Encryption, enter a KMS key (which can be shared by others) in the current region.

                Data Disk

                • At least one default data disk must be added for storing container runtime and kubelet components if System Component Storage is set to Data Disk. This data disk cannot be deleted or detached. Otherwise, the node will be unavailable. This function is available for clusters of a version earlier than v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, or v1.29.4-r0.
                  • Default data disk: used for container runtime and kubelet components. The disk size ranges from 20 GiB to 32768 GiB. The default value is 100 GiB.
                  • Other common data disks: You can set the data disk size to a value ranging from 10 GiB to 32768 GiB. The default value is 100 GiB.
                  +
                • At least one default data disk must be added for storing container runtime and kubelet components if System Component Storage is set to Data Disk. This data disk cannot be deleted or detached. Otherwise, the node will be unavailable. This function is available for clusters of a version earlier than v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, or v1.29.4-r0.
                  • Default data disk: used for container runtime and kubelet components. The disk size ranges from 20 GiB to 32768 GiB. The default value is 100 GiB.
                  • Other common data disks: You can set the data disk size to a value ranging from 10 GiB to 32768 GiB. The default value is 100 GiB.
                • If System Component Storage is set to System Disk, you do not need to add a default data disk. In this case, all data disks are common ones: You can set the data disk size to a value ranging from 10 GiB to 32768 GiB. The default value is 100 GiB. This function is available for clusters of v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, v1.29.4-r0, or later versions.
                NOTE:
                • If the node flavor is disk-intensive or ultra-high I/O, one data disk can be a local disk.
                • Local disks may break down and do not ensure data reliability. Store your service data in EVS disks, which are more reliable than local disks.
                @@ -162,7 +162,7 @@

                You can add resource tags to classify resources.

                You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency.

                -

                CCE will automatically create the "CCE-Dynamic-Provisioning-Node=Node ID" tag.

                +

                CCE will automatically create the CCE-Dynamic-Provisioning-Node=Node ID tag.

                Kubernetes Label

                @@ -210,22 +210,22 @@

                Pre-installation Command

                Installation script command, in which Chinese characters are not allowed. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.

                +

                Installation script command. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.

                The script will be executed before Kubernetes software is installed. Note that if the script is incorrect, Kubernetes software may fail to be installed.

                Post-installation Command

                Installation script command, in which Chinese characters are not allowed. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.

                -

                The script will be executed after Kubernetes software is installed, which does not affect the installation.

                -
                NOTE:

                Do not run the reboot command in the post-installation script to restart the system immediately. To restart the system, run the shutdown -r 1 command to restart with a delay of one minute.

                +

                Installation script command. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.

                +
                The script will be executed after Kubernetes software is installed, which does not affect the installation. During post-installation script execution, pods can be scheduled normally. However, if the script execution times out, node installation will fail. To prevent pods from being scheduled to nodes with incomplete script execution, enable the option to schedule pods only after the post-installation script execution completes.
                CAUTION:

                Do not use the reboot command in the post-installation script to restart the system immediately. Instead, use the shutdown -r 1 command to restart the system with a one-minute delay.

                +

                Agency

                An agency is created by the tenant administrator on the IAM console. Using an agency, you can share your cloud server resources with another account, or entrust a more professional person or team to manage your resources.

                -

                If no agency is available, click Create Agency on the right to create one.

                +

                If you need to share ECS resources with other accounts or delegate a more professional person or team to manage the resources, you can create an agency on IAM and grant the agency the permissions to manage ECS resources. The delegated account can log in to the cloud system and switch to your account to manage resources. You do not need to share security credentials (such as passwords) with other accounts, ensuring the security of your account.

                +

                If you have created an agency, select the agency from the drop-down list. If no agency is available, click Create Agency on the right to create one.

                Custom Prefix and Suffix

                diff --git a/docs/cce/umn/cce_10_0014.html b/docs/cce/umn/cce_10_0014.html index 9166892a1..03d71d585 100644 --- a/docs/cce/umn/cce_10_0014.html +++ b/docs/cce/umn/cce_10_0014.html @@ -6,7 +6,7 @@
                -
                Parent topic: Service
                +
                Parent topic: Services
                diff --git a/docs/cce/umn/cce_10_0015.html b/docs/cce/umn/cce_10_0015.html index 9bb53d52f..63ae8f0d5 100644 --- a/docs/cce/umn/cce_10_0015.html +++ b/docs/cce/umn/cce_10_0015.html @@ -15,7 +15,7 @@ data:
              4. When a ConfigMap is used as an environment variable, data is not automatically updated when the ConfigMap is updated. To update the data, restart the pod.

                5. Configuring Environment Variables of a Workload

                Using the CCE console

                -
                1. Log in to the CCE console and click the cluster name to access the cluster console.
                2. In the navigation pane, choose Workloads. In the dialog box displayed, click Create Workload in the upper right corner.

                  When creating a workload, click Environment Variables in the Container Settings area, and click Add Variable.

                  +
                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                  2. In the navigation pane, choose Workloads. In the dialog box displayed, click Create Workload in the upper right corner.

                    When creating a workload, click Environment Variables in the Container Settings area, and click Add Variable.

                    • Added from ConfigMap: Select a ConfigMap to import all of its keys as environment variables.
                    • Added from ConfigMap key: Import a key in a ConfigMap as the value of an environment variable.
                      • Variable Name: name of an environment variable in the workload. The name can be customized and is set to the key name selected in the ConfigMap by default.
                      • Variable Value/Reference: Select a ConfigMap and the key to be imported. The corresponding value is imported as a workload environment variable.

                      For example, after you import the value Hello of SPECIAL_LEVEL in ConfigMap cce-configmap as the value of workload environment variable SPECIAL_LEVEL, an environment variable named SPECIAL_LEVEL with its value Hello exists in the container.

                    @@ -94,9 +94,9 @@ CCE

                Configuring Command Line Parameters

                You can use a ConfigMap as an environment variable to set commands or parameter values for a container by using the environment variable substitution syntax $(VAR_NAME).

                Using the CCE console

                -
                1. Log in to the CCE console and click the cluster name to access the cluster console.
                2. In the navigation pane, choose Workloads. In the dialog box displayed, click Create Workload in the upper right corner.

                  When creating a workload, click Environment Variables in the Container Settings area, and click Add Variable. In this example, select Added from ConfigMap.

                  +
                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                  2. In the navigation pane, choose Workloads. In the dialog box displayed, click Create Workload in the upper right corner.

                    When creating a workload, click Environment Variables in the Container Settings area, and click Add Variable. In this example, select Added from ConfigMap.

                    • Added from ConfigMap: Select a ConfigMap to import all of its keys as environment variables.
                    -

                  3. Click Lifecycle in the Container Settings area, click the Post-Start tab on the right, and set the following parameters:

                    • Processing Method: CLI
                    • Command: Enter the following three command lines. SPECIAL_LEVEL and SPECIAL_TYPE are the environment variable names in the workload, which are key names in the cce-configmap ConfigMap.
                      /bin/bash
+
                    • Click Lifecycle in the Container Settings area, click the Post-Start tab on the right, and configure parameters.

                      • Processing Method: CLI
                      • Command: Enter the following three command lines. SPECIAL_LEVEL and SPECIAL_TYPE are the environment variable names in the workload, which are key names in the cce-configmap ConfigMap.
                        /bin/bash
 -c
 echo $SPECIAL_LEVEL $SPECIAL_TYPE > /usr/share/nginx/html/index.html
                      @@ -146,7 +146,7 @@ spec:

                Mounting a ConfigMap to a Workload Data Volume

                The data stored in a ConfigMap can be referenced in a volume of type ConfigMap. You can mount such a volume to a specified container path. The platform supports the separation of workload codes and configuration files. ConfigMap volumes are used to store workload configuration parameters. Before that, create ConfigMaps in advance. For details, see Creating a ConfigMap.

                Using the CCE console

                -
                1. Log in to the CCE console and click the cluster name to access the cluster console.
                2. In the navigation pane, choose Workloads. In the dialog box displayed, click Create Workload in the upper right corner.

                  When creating a workload, click Data Storage in the Container Settings area. Click Add Volume and select ConfigMap from the drop-down list.

                  +
                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                  2. In the navigation pane, choose Workloads. In the dialog box displayed, click Create Workload in the upper right corner.

                    When creating a workload, click Data Storage in the Container Settings area. Click Add Volume and choose ConfigMap from the drop-down list.

                  3. Select parameters for mounting a ConfigMap volume, as shown in Table 1.

                    diff --git a/docs/cce/umn/cce_10_0016.html b/docs/cce/umn/cce_10_0016.html index a3e802071..076c6609c 100644 --- a/docs/cce/umn/cce_10_0016.html +++ b/docs/cce/umn/cce_10_0016.html @@ -19,7 +19,7 @@ data:

                    Configuring Environment Variables of a Workload

                    Using the CCE console

                    -
                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                    2. In the navigation pane, choose Workloads. In the dialog box displayed, click Create Workload in the upper right corner.

                      When creating a workload, click Environment Variables in the Container Settings area, and click Add Variable.

                      +
                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                      2. In the navigation pane, choose Workloads. In the dialog box displayed, click Create Workload in the upper right corner.

                        When creating a workload, click Environment Variables in the Container Settings area, and click Add Variable.

                        • Added from secret: Select a secret and import all keys in the secret as environment variables.
                        • Added from secret key: Import the value of a key in a secret as the value of an environment variable.
                          • Variable Name: name of an environment variable in the workload. The name can be customized and is set to the key name selected in the secret by default.
                          • Variable Value/Reference: Select a secret and the key to be imported. The corresponding value is imported as a workload environment variable.

                          For example, after you import the value of username in secret mysecret as the value of workload environment variable username, an environment variable named username exists in the container.

                        @@ -94,7 +94,7 @@ spec:

                    Configuring the Data Volume of a Workload

                    You can mount a secret as a volume to the specified container path. Contents in a secret are user-defined. Before that, create a secret. For details, see Creating a Secret.

                    Using the CCE console

                    -
                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                    2. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab. Click Create Workload in the upper right corner.

                      When creating a workload, click Data Storage in the Container Settings area. Click Add Volume and select Secret from the drop-down list.

                      +
                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                      2. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab. Click Create Workload in the upper right corner.

                        When creating a workload, click Data Storage in the Container Settings area. Click Add Volume and choose Secret from the drop-down list.

                      3. Select parameters for mounting a secret volume, as shown in Table 1.

                    Table 1 Mounting a ConfigMap volume

                    Parameter
                    diff --git a/docs/cce/umn/cce_10_0018.html b/docs/cce/umn/cce_10_0018.html index f517d110b..8403ff0c1 100644 --- a/docs/cce/umn/cce_10_0018.html +++ b/docs/cce/umn/cce_10_0018.html @@ -1,12 +1,12 @@

                    Collecting Container Logs Using ICAgent

                    -

                    CCE can collect workload logs and report them to AOM 1.0. When a node is created, ICAgent (a DaemonSet named icagent in the kube-system namespace of a cluster) is installed by default. ICAgent collects workload logs and reports them to AOM 1.0. You can view workload logs on the CCE or AOM 1.0 console.

                    -

                    Constraints

                    ICAgent only collects text logs in .log, .trace, and .out formats.

                    +

                    CCE works with AOM 1.0 to collect workload logs. When a node is created, ICAgent (a DaemonSet named icagent in the kube-system namespace of a cluster) is installed by default. ICAgent collects workload logs and reports them to AOM 1.0. You can view workload logs on the CCE or AOM 1.0 console.

                    +

                    Constraints

                    ICAgent only collects text log files in .log, .trace, and .out formats.

                    -

                    Using ICAgent to Collect Logs

                    1. When creating a workload, set logging for the container.
                    2. Click to add a log policy.

                      The following uses Nginx as an example. Log policies vary depending on workloads.

                      +

                      Using ICAgent to Collect Logs

                      1. When creating a workload, choose Logging in Container Information.
                      2. Click to add a log policy.

                        The following uses Nginx as an example. Log policies vary depending on workloads.

                      3. Set Volume Type to hostPath or emptyDir.

                        -

                    Table 1 Mounting a secret volume

                    Parameter
                    Table 1 Configuring log policies

                    Parameter

                    +
                    @@ -14,7 +14,7 @@ - - @@ -34,22 +34,22 @@ @@ -59,8 +59,8 @@

                  4. Click OK.
                    5. -

                    YAML Example

                    You can set the container log storage path by defining a YAML file.

                    -

                    As shown in the following figure, an emptyDir volume is mounted a temporary path to /var/log/nginx. In this way, the ICAgent collects logs in /var/log/nginx. The policy field is customized by CCE and allows the ICAgent to identify and collect logs.

                    +

                    Example YAML

                    You can set the container log storage path by defining a YAML file.

                    +

                    As shown below, an emptyDir volume is mounted to /var/log/nginx. In this way, the ICAgent collects logs in /var/log/nginx. policy is a custom field of CCE and allows the ICAgent to identify and collect logs.

                    apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -97,7 +97,7 @@ spec:
           name: vol-log
       imagePullSecrets:
         - name: default-secret
                    -

                    The following shows how to use a hostPath volume. Compared with emptyDir, the type of volumes is changed to hostPath, and the path on the host needs to be configured for this hostPath volume. In the following example, /tmp/log on the host is mounted to /var/log/nginx. In this way, the ICAgent can collects logs in /var/log/nginx, without deleting the logs from /tmp/log.

                    +

                    The following shows how to use a hostPath volume. Compared with emptyDir, the type of volumes is changed to hostPath, and the path on the host needs to be configured for this hostPath volume. In the following example, /tmp/log on the host is mounted to /var/log/nginx. In this way, the ICAgent can collect logs in /var/log/nginx, without deleting the logs from /tmp/log.

                    apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -145,7 +145,7 @@ spec:
                    - @@ -154,8 +154,8 @@ spec: @@ -173,9 +173,9 @@ spec: @@ -202,10 +202,10 @@ spec:

                    Viewing Logs

                    After a log collection path is configured and the workload is created, the ICAgent collects log files from the configured path. The collection takes about 1 minute.

                    After the log collection is complete, go to the workload details page and click Logs in the upper right corner to view logs.

                    You can also view logs on the AOM console.

                    -

                    You can also run the kubectl logs command to view the container stdout.

                    +

                    You can also run the kubectl logs command to view the container stdout.

                    • View the logs of a specified pod.
                      kubectl logs <pod_name> -n <namespace>
                    • View the logs of a specified pod in real time.
                      kubectl logs -f <pod_name> -n <namespace>
                      -
                    • View logs of a specified container in a specified pod.
                      kubectl logs <pod_name> -c <container_name> -n <namespace>
                      +
                    • View the logs of a specified container in a specified pod.
                      kubectl logs <pod_name> -c <container_name> -n <namespace>
                    • View the logs of a specified container in a specified pod in real time.
                      kubectl logs -f <pod_name> -c <container_name> -n <namespace>
                    diff --git a/docs/cce/umn/cce_10_0019.html b/docs/cce/umn/cce_10_0019.html index 39e8c15d9..d0b08afbb 100644 --- a/docs/cce/umn/cce_10_0019.html +++ b/docs/cce/umn/cce_10_0019.html @@ -1,10 +1,10 @@ -

                    Helm Chart

                    +

                    Helm Charts

                      -
                    • Overview of a Chart
                      +
                    • Chart Overview
                    • Deploying an Application from a Chart
                      • diff --git a/docs/cce/umn/cce_10_0020.html b/docs/cce/umn/cce_10_0020.html index 8fecd17e2..1dcd64036 100644 --- a/docs/cce/umn/cce_10_0020.html +++ b/docs/cce/umn/cce_10_0020.html @@ -1,14 +1,14 @@ -

                      Network

                      +

                      Networking

                        -
                      • Overview
                        +
                      • Networking Overview
                        • -
                      • Container Network
                        +
                      • Container Networks
                        • -
                      • Service
                        +
                      • Services
                      • Ingresses
                        • diff --git a/docs/cce/umn/cce_10_0024.html b/docs/cce/umn/cce_10_0024.html index 02f5f7fc4..bc863fd2c 100644 --- a/docs/cce/umn/cce_10_0024.html +++ b/docs/cce/umn/cce_10_0024.html @@ -4,7 +4,7 @@
                          -
                        • CCE Operations Supported by Cloud Trace Service
                          +
                        • CCE Operations Supported by CTS
                        • Viewing CTS Traces in the Trace List
                          • diff --git a/docs/cce/umn/cce_10_0025.html b/docs/cce/umn/cce_10_0025.html index 8f20fc3bf..1c6ce67b5 100644 --- a/docs/cce/umn/cce_10_0025.html +++ b/docs/cce/umn/cce_10_0025.html @@ -1,588 +1,1479 @@ -

                          CCE Operations Supported by Cloud Trace Service

                          -

                          Cloud Trace Service (CTS) records operations on cloud service resources, allowing users to query, audit, and backtrack the resource operation requests initiated from the management console or open APIs as well as responses to the requests.

                          +

                          CCE Operations Supported by CTS

                          +

                          Cloud Trace Service (CTS) records operations on cloud service resources, allowing you to query, audit, and backtrack the resource operation requests initiated from the CCE console or open APIs as well as responses to the requests.

                          +

                          To collect the query events (Get and List) listed in the table below, enable read-only event reporting of CCE in CTS. Because query operations occur far more frequently than addition, deletion, or modification operations, enabling this function may generate a large volume of events. Assess the potential impact before enabling it.

                          +
                          -
                    Table 1 Parameters for configuring a log policy

                    Parameter

                    Description

                    Volume Type

                    • hostPath: A host path is mounted to the specified container path (mount path). In the node host path, you can view the container logs output into the mount path.
                    • emptyDir: A temporary path of the node is mounted to the specified path (mount path). Log data that exists in the temporary path but is not reported by the collector to AOM will disappear after the pod is deleted.
                    +
                    • hostPath: A host path is mounted to the specified container path (mount path). After it is mounted, you can view the container logs that have been saved there.
                    • emptyDir: A temporary path of the node is mounted to the specified path (mount path). After it is mounted, any logs in the temporary path that are not reported to AOM by the collector will be lost if the pod is deleted.

                    hostPath

                    @@ -24,7 +24,7 @@

                    Mount Path

                    Container path (for example, /tmp) to which the storage resources will be mounted.
                    NOTICE:
                    • Do not mount storage to a system directory such as / or /var/run; this action may cause a container error to occur. You are advised to mount the container to an empty directory. If the directory is not empty, ensure that there are no files affecting container startup in the directory. Otherwise, such files will be replaced, resulting in failures to start the container and create the workload.
                    • If the container is mounted to a high-risk directory, you are advised to use an account with minimum permissions to start the container; otherwise, high-risk files on the host may be damaged.
                    • AOM collects only the first 20 logs that have been modified recently. It collects logs from 2 levels of subdirectories by default.
                    • AOM only collects .log, .trace, and .out text logs in mounting paths.
                    • For details about how to set permissions for mount points in a container, see Configure a Security Context for a Pod or Container.
                    +
                    Container path (for example, /tmp) that the storage resources will be mounted to.
                    NOTICE:
                    • Do not mount a volume to a system directory such as / or /var/run, or an exception occurs. Mount the volume to an empty directory. If the directory is not empty, ensure that there are no files that affect container startup. If there are such files, they will be replaced, which will lead to a container startup or workload creation failure.
                    • If the container is mounted to a high-risk directory, use an account with minimum permissions to start the container. Otherwise, high-risk files on the host may be damaged.
                    • AOM collects only the first 20 logs that have been modified recently. It collects logs from 2 levels of subdirectories by default.
                    • AOM only collects text log files in .log, .trace, and .out formats in the mount paths.
                    • For details about how to set permissions for mount points in a container, see Configure a Security Context for a Pod or Container.

                    This parameter is mandatory only if Volume Type is set to hostPath.

                    Extended host paths contain pod IDs or container names to distinguish different containers into which the host path is mounted.

                    A level-3 directory is added to the original volume directory/subdirectory. You can easily obtain the files output by a single Pod.

                    -
                    • None: No extended path is configured.
                    • PodUID: ID of a pod.
                    • PodName: name of a pod.
                    • PodUID/ContainerName: ID of a pod or name of a container.
                    • PodName/ContainerName: name of a pod or container.
                    +
                    • None: No extended path is configured.
                    • PodUID: ID of a pod.
                    • PodName: name of a pod.
                    • PodUID/ContainerName: ID of a pod or name of a container.
                    • PodName/ContainerName: name of a pod or container.

                    Collection Path

                    A collection path narrows down the scope of collection to specified logs.

                    -
                    • If no collection path is specified, log files in .log, .trace, and .out formats will be collected from the specified path.
                    • /Path/**/ indicates that all log files in .log, .trace, and .out formats will be recursively collected from the specified path and all subdirectories at 5 levels deep.
                    • * in log file names indicates a fuzzy match.
                    -

                    Example: The collection path /tmp/**/test*.log indicates that all .log files prefixed with test will be collected from /tmp and subdirectories at 5 levels deep.

                    -
                    CAUTION:

                    Ensure that ICAgent is of version 5.12.22 or later.

                    +
                    • If no collection path is specified, log files in .log, .trace, and .out formats will be collected from the current path.
                    • Entering ** indicates that all log files in .log, .trace, and .out formats will be recursively collected from the specified path and all subdirectories of five levels deep.
                    • Entering * indicates fuzzy matching.
                    +

                    Example: The collection path /tmp/**/test*.log indicates that all .log files prefixed with test will be collected from /tmp and subdirectories of five levels deep.

                    +
                    CAUTION:

                    Ensure that the version of ICAgent is 5.12.22 or later.

                    Log Dump

                    Log dump refers to rotating log files on a local host.

                    -
                    • Enabled: AOM scans log files every minute. When a log file exceeds 50 MB, it is dumped. A new .zip file is generated in the directory where the log file locates. For a log file, AOM stores only the latest 20 .zip files. When the number of .zip files exceeds 20, earlier .zip files will be deleted.
                    • Disabled: AOM does not dump log files.
                    +
                    • Enable: AOM scans log files every minute. When a log file exceeds 50 MB, it is dumped immediately. A new .zip file is generated in the directory where the log file resides. For a log file, AOM stores only the latest 20 .zip files. When the number of .zip files exceeds 20, earlier .zip files will be deleted.
                    • Disable: AOM does not dump log files.
                    NOTE:
                    • AOM rotates log files using copytruncate. Before enabling log dumping, ensure that log files are written in the append mode. Otherwise, file holes may occur.
                    • Currently, mainstream log components such as Log4j and Logback support log file rotation. If you have already set rotation for log files, skip the configuration. Otherwise, conflicts may occur.
                    • You are advised to configure log file rotation for your own services to flexibly control the size and number of rolled files.

                    Description

                    Description

                    +

                    Remarks

                    Extended host path

                    Extended host paths contain pod IDs or container names to distinguish different containers into which the host path is mounted.

                    -

                    A level-3 directory is added to the original volume directory/subdirectory. You can easily obtain the files output by a single Pod.

                    -
                    • None: No extended path is configured.
                    • PodUID: ID of a pod.
                    • PodName: name of a pod.
                    • PodUID/ContainerName: ID of a pod or name of a container.
                    • PodName/ContainerName: name of a pod or container.
                    +

                    A level-3 directory is added to the original volume directory/subdirectory. You can easily obtain the files output by a single Pod.

                    +
                    • None: No extended path is configured.
                    • PodUID: ID of a pod.
                    • PodName: name of a pod.
                    • PodUID/ContainerName: ID of a pod or name of a container.
                    • PodName/ContainerName: name of a pod or container.

                    policy.logs.rotate

                    @@ -163,7 +163,7 @@ spec:

                    Log dump

                    Log dump refers to rotating log files on a local host.

                    -
                    • Enabled: AOM scans log files every minute. When a log file exceeds 50 MB, it is dumped immediately. A new .zip file is generated in the directory where the log file locates. For a log file, AOM stores only the latest 20 .zip files. When the number of .zip files exceeds 20, earlier .zip files will be deleted. After the dump is complete, the log file in AOM will be cleared.
                    • Disabled: AOM does not dump log files.
                    +
                    • Enable: AOM scans log files every minute. When a log file exceeds 50 MB, it is dumped immediately. A new .zip file is generated in the directory where the log file resides. For a log file, AOM stores only the latest 20 .zip files. When the number of .zip files exceeds 20, earlier .zip files will be deleted. After the dump is complete, the log file in AOM will be cleared.
                    • Disable: AOM does not dump log files.
                    NOTE:
                    • AOM rotates log files using copytruncate. Before enabling log dumping, ensure that log files are written in the append mode. Otherwise, file holes may occur.
                    • Currently, mainstream log components such as Log4j and Logback support log file rotation. If you have already set rotation for log files, skip the configuration. Otherwise, conflicts may occur.
                    • You are advised to configure log file rotation for your own services to flexibly control the size and number of rolled files.

                    Collection path

                    A collection path narrows down the scope of collection to specified logs.

                    -
                    • If no collection path is specified, log files in .log, .trace, and .out formats will be collected from the specified path.
                    • /Path/**/ indicates that all log files in .log, .trace, and .out formats will be recursively collected from the specified path and all subdirectories at 5 levels deep.
                    • * in log file names indicates a fuzzy match.
                    -

                    Example: The collection path /tmp/**/test*.log indicates that all .log files prefixed with test will be collected from /tmp and subdirectories at 5 levels deep.

                    -
                    CAUTION:

                    Ensure that ICAgent is of version 5.12.22 or later.

                    +
                    • If no collection path is specified, log files in .log, .trace, and .out formats will be collected from the current path.
                    • Entering ** indicates that all log files in .log, .trace, and .out formats will be recursively collected from the specified path and all subdirectories of five levels deep.
                    • Entering * indicates fuzzy matching.
                    +

                    Example: The collection path /tmp/**/test*.log indicates that all .log files prefixed with test will be collected from /tmp and subdirectories of five levels deep.

                    +
                    CAUTION:

                    Ensure that the version of ICAgent is 5.12.22 or later.
                    Table 1 CCE Operations Supported by CTS

                    Operation

                    +
                    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/docs/cce/umn/cce_10_0026.html b/docs/cce/umn/cce_10_0026.html index 4ce73e548..b8162e570 100644 --- a/docs/cce/umn/cce_10_0026.html +++ b/docs/cce/umn/cce_10_0026.html @@ -1,20 +1,68 @@

                    Viewing CTS Traces in the Trace List

                    -

                    Scenarios

                    After you enable Cloud Trace Service (CTS) and the management tracker is created, CTS starts recording operations on cloud resources. CTS stores operation records (traces) generated in the last seven days.

                    +

                    Scenarios

                    Cloud Trace Service (CTS) records operations performed on cloud service resources. A record contains information such as the user who performed the operation, IP address, operation content, and returned response message. These records facilitate security auditing, issue tracking, and resource locating. They also help you plan and use resources, and identify high-risk or non-compliant operations.

                    -

                    Viewing Real-Time Traces in the Trace List

                    1. Log in to the management console.
                    2. Click in the upper left corner and choose Management & Deployment > Cloud Trace Service. The CTS console is displayed.
                    3. Choose Trace List in the navigation pane on the left.
                    4. Set filters to search for your desired traces, as shown in Figure 1. The following filters are available.
                      Figure 1 Filters
                      -
                      • Trace Type, Trace Source, Resource Type, and Search By: Select a filter from the drop-down list.
                        • If you select Resource ID for Search By, specify a resource ID.
                        • If you select Trace name for Search By, specify a trace name.
                        • If you select Resource name for Search By, specify a resource name.
                        -
                      • Operator: Select a user.
                      • Trace Status: Select All trace statuses, Normal, Warning, or Incident.
                      • Time range: Select Last 1 hour, Last 1 day, or Last 1 week, or specify a custom time range within the last seven days.
                      +

                      What Is a Trace?

                      A trace is an operation log for a cloud service resource, tracked and stored by CTS. Traces record operations such as adding, modifying, or deleting cloud service resources. You can view them to identify who performed operations and when for detailed tracking.

                      -
                    5. Click Query.
                    6. On the Trace List page, you can also export and refresh the trace list.
                      • Click Export to export all traces in the query result as a CSV file. The file can contain up to 5,000 records.
                      • Click to view the latest information about traces.
                      -
                    7. Click on the left of a trace to expand its details.

                      +

                      Viewing Traces in the Trace List

                      1. Log in to the management console, click in the upper left corner, and choose Management & Deployment > Cloud Trace Service.
                      2. In the navigation pane, choose Trace List.
                      3. In the upper right corner of the page, set a desired query time range: Last 1 hour, Last 1 day, or Last 1 week. You can also click Customize to specify a custom time range within the last seven days.
                      4. Set filters to search for your desired traces, as shown in Figure 1.

                        Figure 1 Filters
                        + +
                    Table 1 CCE operations supported by CTS

                    Operation

                    Resource Type

                    +

                    Resource

                    Event Name

                    +

                    Trace Name

                    Creating an agency

                    +

                    Creating an agency

                    Cluster

                    +

                    Cluster

                    createUserAgencies

                    +

                    createUserAgencies

                    Creating a cluster

                    +

                    Querying an agency

                    Cluster

                    +

                    Cluster

                    createCluster

                    +

                    getUserAgencies

                    Updating the description of a cluster

                    +

                    Obtaining an access policy

                    Cluster

                    +

                    Cluster

                    updateCluster

                    +

                    getAccessPolicy

                    Upgrading a cluster

                    +

                    Creating an access policy

                    Cluster

                    +

                    Cluster

                    clusterUpgrade

                    +

                    createAccessPolicy

                    Deleting a cluster

                    +

                    Deleting an access policy

                    Cluster

                    +

                    Cluster

                    claimCluster/deleteCluster

                    +

                    deleteAccessPolicy

                    Downloading a cluster certificate

                    +

                    Obtaining the access policy list

                    Cluster

                    +

                    Cluster

                    getClusterCertByUID

                    +

                    listAccessPolicy

                    Binding and unbinding an EIP

                    +

                    Updating an access policy

                    Cluster

                    +

                    Cluster

                    operateMasterEIP

                    +

                    updateAccessPolicy

                    Waking up a cluster and resetting node management (V2)

                    +

                    Creating a cluster

                    Cluster

                    +

                    Cluster

                    operateCluster

                    +

                    createCluster

                    Hibernating a cluster (V3)

                    +

                    Updating the description of a cluster

                    Cluster

                    +

                    Cluster

                    hibernateCluster

                    +

                    updateCluster

                    Waking up a cluster (V3)

                    +

                    Upgrading a cluster

                    Cluster

                    +

                    Cluster

                    awakeCluster

                    +

                    clusterUpgrade

                    Changing the specifications of a cluster

                    +

                    Deleting a cluster

                    Cluster

                    +

                    Cluster

                    resizeCluster

                    +

                    claimCluster/deleteCluster

                    Modifying configurations of a cluster

                    +

                    Obtaining the cluster list

                    Cluster

                    +

                    Cluster

                    updateConfiguration

                    +

                    listCluster

                    Creating a node pool

                    +

                    Obtaining the cluster list in a project

                    Node pool

                    +

                    Cluster

                    createNodePool

                    +

                    getClustersByProjectID

                    Updating a node pool

                    +

                    Obtaining the number of clusters

                    Node pool

                    +

                    Cluster

                    updateNodePool

                    +

                    getClusterInstances

                    Deleting a node pool

                    +

                    Obtaining a cluster

                    Node pool

                    +

                    Cluster

                    claimNodePool

                    +

                    getClusterByUID

                    Migrating a node pool

                    +

                    Obtaining the cluster package list

                    Node pool

                    +

                    Cluster

                    migrateNodepool

                    +

                    getPackageLists

                    Modifying node pool configurations

                    +

                    Obtaining the package configuration of a cluster

                    Node pool

                    +

                    Cluster

                    updateConfiguration

                    +

                    getPackageConfigs

                    Creating a node

                    +

                    Downloading a cluster certificate

                    Node

                    +

                    Cluster

                    createNode

                    +

                    getClusterCertByUID

                    Deleting all the nodes from a specified cluster

                    +

                    Revoking a cluster certificate

                    Node

                    +

                    Cluster

                    deleteAllHosts

                    +

                    revokeClusterCert

                    Deleting a single node

                    +

                    Binding and unbinding an EIP

                    Node

                    +

                    Cluster

                    deleteOneHost/claimOneHost

                    +

                    operateMasterEIP

                    Updating the description of a node

                    +

                    Waking up a cluster and resetting node management (V2)

                    Node

                    +

                    Cluster

                    updateNode

                    +

                    operateCluster

                    Creating an add-on instance

                    +

                    Hibernating a cluster (V3)

                    Add-on instance

                    +

                    Cluster

                    createAddonInstance

                    +

                    hibernateCluster

                    Deleting an add-on instance

                    +

                    Waking up a cluster (V3)

                    Add-on instance

                    +

                    Cluster

                    deleteAddonInstance

                    +

                    awakeCluster

                    Uploading a chart

                    +

                    Changing the specifications of a cluster

                    Chart

                    +

                    Cluster

                    uploadChart

                    +

                    resizeCluster

                    Updating a chart

                    +

                    Modifying configurations of a cluster

                    Chart

                    +

                    Cluster

                    updateChart

                    +

                    updateConfiguration

                    Deleting a chart

                    +

                    Obtaining cluster configuration

                    Chart

                    +

                    Cluster

                    deleteChart

                    +

                    getClusterConfiguration

                    Creating a release

                    +

                    Obtaining all configurations of the current cluster version

                    Release

                    +

                    Cluster

                    createRelease

                    +

                    getClusterConfigurationDetail

                    Upgrading a release

                    +

                    Querying the detailed configuration items of a cluster by cluster version or type

                    Release

                    +

                    Cluster

                    updateRelease

                    +

                    getClusterSupportConfiguration

                    Deleting a release

                    +

                    Obtaining cluster quotas

                    Release

                    +

                    Cluster

                    deleteRelease

                    +

                    getQuotas

                    Creating a ConfigMap

                    +

                    Obtaining the global OBS access secret configuration of a cluster

                    Kubernetes resource

                    +

                    Cluster

                    createConfigmaps

                    +

                    getClusterLongAKSKConfig

                    Creating a DaemonSet

                    +

                    Updating the global OBS access secret configuration of a cluster

                    Kubernetes resource

                    +

                    Cluster

                    createDaemonsets

                    +

                    updateClusterLongAKSKConfig

                    Creating a Deployment

                    +

                    Updating the global OBS access secret configuration in a project

                    Kubernetes resource

                    +

                    Cluster

                    createDeployments

                    +

                    UpdateAKSKConfig

                    Creating an event

                    +

                    Obtaining the global OBS access secret configuration in a project

                    Kubernetes resource

                    +

                    Cluster

                    createEvents

                    +

                    GetAKSKConfig

                    Creating an Ingress

                    +

                    Obtaining the IP address of a master node

                    Kubernetes resource

                    +

                    Cluster

                    createIngresses

                    +

                    GetOpenAPIInfo

                    Creating a job

                    +

                    Obtaining the cluster access address

                    Kubernetes resource

                    +

                    Cluster

                    createJobs

                    +

                    GetEndpoints

                    Creating a namespace

                    +

                    Retrying a cluster upgrade

                    Kubernetes resource

                    +

                    Cluster

                    createNamespaces

                    +

                    ClusterUpgradeRetry

                    Creating a node

                    +

                    Pausing a cluster upgrade

                    Kubernetes resource

                    +

                    Cluster

                    createNodes

                    +

                    ClusterUpgradePause

                    Creating a PersistentVolumeClaim

                    +

                    Continuing a cluster upgrade

                    Kubernetes resource

                    +

                    Cluster

                    createPersistentvolumeclaims

                    +

                    ClusterUpgradeContinue

                    Creating a pod

                    +

                    Rolling back a cluster upon an upgrade failure

                    Kubernetes resource

                    +

                    Cluster

                    createPods

                    +

                    Rollback

                    Creating a replica set

                    +

                    Rolling back a cluster upon an upgrade retry failure

                    Kubernetes resource

                    +

                    Cluster

                    createReplicasets

                    +

                    ClusterRollbackRetry

                    Creating a resource quota

                    +

                    Pausing a cluster upgrade rollback

                    Kubernetes resource

                    +

                    Cluster

                    createResourcequotas

                    +

                    ClusterRollbackPause

                    Creating a secret

                    +

                    Continuing a cluster upgrade rollback

                    Kubernetes resource

                    +

                    Cluster

                    createSecrets

                    +

                    ClusterRollbackContinue

                    Creating a service

                    +

                    Querying the cluster rollback history

                    Kubernetes resource

                    +

                    Cluster

                    createServices

                    +

                    GetRollbackTasks

                    Creating a StatefulSet

                    +

                    Querying the cluster upgrade history

                    Kubernetes resource

                    +

                    Cluster

                    createStatefulsets

                    +

                    GetUpgradeTasks

                    Creating a volume

                    +

                    Querying the records of a cluster upgrade

                    Kubernetes resource

                    +

                    Cluster

                    createVolumes

                    +

                    GetUpgradeTask

                    Deleting a ConfigMap

                    +

                    Querying cluster labels

                    Kubernetes resource

                    +

                    Cluster

                    deleteConfigmaps

                    +

                    GetLabels

                    Deleting a DaemonSet

                    +

                    Querying the configuration of a cluster

                    Kubernetes resource

                    +

                    Cluster

                    deleteDaemonsets

                    +

                    GetUpgradeInfo

                    Deleting a Deployment

                    +

                    Obtaining the certificate rotation state

                    Kubernetes resource

                    +

                    Cluster

                    deleteDeployments

                    +

                    GetRotationState

                    Deleting an event

                    +

                    Rotating certificates

                    Kubernetes resource

                    +

                    Cluster

                    deleteEvents

                    +

                    RotateCredentials

                    Deleting an Ingress

                    +

                    Downloading certificates

                    Kubernetes resource

                    +

                    Cluster

                    deleteIngresses

                    +

                    DownloadNodeCredentials

                    Deleting a job

                    +

                    Rolling back certificates

                    Kubernetes resource

                    +

                    Cluster

                    deleteJobs

                    +

                    RollbackCredentials

                    Deleting a namespace

                    +

                    Completing certificate rotation

                    Kubernetes resource

                    +

                    Cluster

                    deleteNamespaces

                    +

                    FinishEncryptionKeyRotation

                    Deleting a node

                    +

                    Supplementing the component certificates of a master node

                    Kubernetes resource

                    +

                    Cluster

                    deleteNodes

                    +

                    CompleteComponentCredential

                    Deleting a Pod

                    +

                    Updating cluster certificates

                    Kubernetes resource

                    +

                    Cluster

                    deletePods

                    +

                    RotateClusterCredentials

                    Deleting a replica set

                    +

                    Enabling the cluster upgrade workflow booting task

                    Kubernetes resource

                    +

                    Cluster

                    deleteReplicasets

                    +

                    UpgradeWorkFlow

                    Deleting a resource quota

                    +

                    Querying cluster upgrade workflows

                    Kubernetes resource

                    +

                    Cluster

                    deleteResourcequotas

                    +

                    GetUpgradeWorkFlows

                    Deleting a secret

                    +

                    Querying details about a cluster upgrade task

                    Kubernetes resource

                    +

                    Cluster

                    deleteSecrets

                    +

                    UpgradeWorkFlowUpdate

                    Deleting a service

                    +

                    Performing a pre-upgrade check for a cluster

                    Kubernetes resource

                    +

                    Cluster

                    deleteServices

                    +

                    PreCheck

                    Deleting a StatefulSet

                    +

                    Obtaining the list of historical check records

                    Kubernetes resource

                    +

                    Cluster

                    deleteStatefulsets

                    +

                    GetPreCheckList

                    Deleting volumes

                    +

                    Obtaining a specific check record

                    Kubernetes resource

                    +

                    Cluster

                    deleteVolumes

                    +

                    GetPreCheck

                    Replacing a specified ConfigMap

                    +

                    Performing a post-upgrade check

                    Kubernetes resource

                    +

                    Cluster

                    updateConfigmaps

                    +

                    PostCheck

                    Replacing a specified DaemonSet

                    +

                    Performing a rolling upgrade on the cluster control plane

                    Kubernetes resource

                    +

                    Cluster

                    updateDaemonsets

                    +

                    RollingUpdateControlPlane

                    Replacing a specified Deployment

                    +

                    Retrying a rolling upgrade on the cluster control plane

                    Kubernetes resource

                    +

                    Cluster

                    updateDeployments

                    +

                    RetryRollingUpdateControlPlane

                    Replacing a specified event

                    +

                    Creating a node pool

                    Kubernetes resource

                    +

                    Node pool

                    updateEvents

                    +

                    createNodePool

                    Replacing a specified ingress

                    +

                    Updating a node pool

                    Kubernetes resource

                    +

                    Node pool

                    updateIngresses

                    +

                    updateNodePool

                    Replacing a specified job

                    +

                    Deleting a node pool

                    Kubernetes resource

                    +

                    Node pool

                    updateJobs

                    +

                    claimNodePool

                    Replacing a specified namespace

                    +

                    Migrating a node pool

                    Kubernetes resource

                    +

                    Node pool

                    updateNamespaces

                    +

                    migrateNodepool

                    Replacing a specified node

                    +

                    Updating the node pool configuration

                    Kubernetes resource

                    +

                    Node pool

                    updateNodes

                    +

                    updateConfiguration

                    Replacing a specified PersistentVolumeClaim

                    +

                    Obtaining the node pool configuration

                    Kubernetes resource

                    +

                    Node pool

                    updatePersistentvolumeclaims

                    +

                    getConfiguration

                    Replacing a specified pod

                    +

                    Obtaining node pool details

                    Kubernetes resource

                    +

                    Node pool

                    updatePods

                    +

                    getConfigurationDetail

                    Replacing a specified replica set

                    +

                    Querying a node pool

                    Kubernetes resource

                    +

                    Node pool

                    updateReplicasets

                    +

                    getNodePool

                    Replacing a specified resource quota

                    +

                    Querying the node pool quota

                    Kubernetes resource

                    +

                    Node pool

                    updateResourcequotas

                    +

                    getNodePoolQuota

                    Replacing a specified secret

                    +

                    Querying all node pools in a cluster

                    Kubernetes resource

                    +

                    Node pool

                    updateSecrets

                    +

                    listNodePools

                    Replacing a specified service

                    +

                    Scaling down a node pool

                    Kubernetes resource

                    +

                    Node pool

                    updateServices

                    +

                    scaleNodePool

                    Replacing a specified StatefulSet

                    +

                    Upgrading a node pool

                    Kubernetes resource

                    +

                    Node pool

                    updateStatefulsets

                    +

                    upgradeNodePool

                    Replacing the specified status

                    +

                    Adding nodes

                    Kubernetes resource

                    +

                    Node

                    updateStatus

                    +

                    addNodes

                    Uploading a chart

                    +

                    Creating a node

                    Kubernetes resource

                    +

                    Node

                    uploadChart

                    +

                    createNode

                    Updating a component template

                    +

                    Deleting all nodes from a cluster

                    Kubernetes resource

                    +

                    Node

                    updateChart

                    +

                    deleteAllHosts

                    Deleting a chart

                    +

                    Deleting a node

                    Kubernetes resource

                    +

                    Node

                    deleteChart

                    +

                    deleteOneHost/claimOneHost

                    Creating a template application

                    +

                    Updating the description of a node

                    Kubernetes resource

                    +

                    Node

                    createRelease

                    +

                    updateNode

                    Updating a template application

                    +

                    Obtaining the list of nodes in a cluster

                    Kubernetes resource

                    +

                    Node

                    updateRelease

                    +

                    getHostsList

                    Deleting a template application

                    +

                    Obtaining a node

                    Kubernetes resource

                    +

                    Node

                    deleteRelease

                    +

                    getOneHost

                    +

                    Removing nodes

                    +

                    Node

                    +

                    removeNodesTask

                    +

                    Resetting nodes

                    +

                    Node

                    +

                    resetNodes

                    +

                    Migrating nodes to the node pool

                    +

                    Node

                    +

                    MigrateNodes

                    +

                    Synchronizing nodes in a batch

                    +

                    Node

                    +

                    SyncNodes

                    +

                    Migrating nodes

                    +

                    Node

                    +

                    MigrateNodesTask

                    +

                    Locking a node pool so that it will not be scaled down

                    +

                    Node

                    +

                    LockNodepoolNodeScaleDown

                    +

                    Unlocking a node pool so that it can be scaled down

                    +

                    Node

                    +

                    UnLockNodepoolNodeScaleDown

                    +

                    Deleting all jobs

                    +

                    Job

                    +

                    deleteJobs

                    +

                    Deleting a job

                    +

                    Job

                    +

                    deleteOneJob

                    +

                    Obtaining jobs in a project

                    +

                    Job

                    +

                    getJobsByProjectID

                    +

                    Obtaining a job

                    +

                    Job

                    +

                    getJobByUID

                    +

                    Creating an add-on instance

                    +

                    Add-on instance

                    +

                    createAddonInstance

                    +

                    Querying an add-on instance

                    +

                    Add-on instance

                    +

                    getAddonInstance

                    +

                    Deleting an add-on instance

                    +

                    Add-on instance

                    +

                    deleteAddonInstance

                    +

                    Obtaining the add-on list

                    +

                    Add-on instance

                    +

                    getAddonsList

                    +

                    Updating an add-on instance

                    +

                    Add-on instance

                    +

                    updateAddonInstance

                    +

                    Rolling back an add-on instance

                    +

                    Add-on instance

                    +

                    rollbackAddonInstance

                    +

                    Obtaining add-on details by add-on ID

                    +

                    Add-on instance

                    +

                    GetAddonTemplate

                    +

                    Obtaining the add-on template list

                    +

                    Add-on instance

                    +

                    GetAddonTemplateList

                    +

                    Uploading a chart

                    +

                    Chart

                    +

                    uploadChart

                    +

                    Updating a chart

                    +

                    Chart

                    +

                    updateChart

                    +

                    Deleting a chart

                    +

                    Chart

                    +

                    deleteChart

                    +

                    Downloading a chart

                    +

                    Chart

                    +

                    downloadChart

                    +

                    Querying a chart

                    +

                    Chart

                    +

                    getChart

                    +

                    Obtaining chart details

                    +

                    Chart

                    +

                    getChartValues

                    +

                    Obtaining the chart list

                    +

                    Chart

                    +

                    listCharts

                    +

                    Obtaining the chart quota

                    +

                    Chart

                    +

                    getUserChartsQuotas

                    +

                    Creating a release

                    +

                    Release

                    +

                    createRelease

                    +

                    Upgrading a release

                    +

                    Release

                    +

                    updateRelease

                    +

                    Deleting a release

                    +

                    Release

                    +

                    deleteRelease

                    +

                    Querying a release

                    +

                    Release

                    +

                    getRelease

                    +

                    Querying the release history

                    +

                    Release

                    +

                    getReleaseHistory

                    +

                    Querying the release list

                    +

                    Release

                    +

                    listReleases

                    +

                    Creating a ConfigMap

                    +

                    Kubernetes resource

                    +

                    createConfigmaps

                    +

                    Querying a ConfigMap

                    +

                    Kubernetes resource

                    +

                    getConfigmaps

                    +

                    Creating a DaemonSet

                    +

                    Kubernetes resource

                    +

                    createDaemonsets

                    +

                    Querying a DaemonSet

                    +

                    Kubernetes resource

                    +

                    getDaemonsets

                    +

                    Creating a Deployment

                    +

                    Kubernetes resource

                    +

                    createDeployments

                    +

                    Querying a Deployment

                    +

                    Kubernetes resource

                    +

                    getDeployments

                    +

                    Creating an event

                    +

                    Kubernetes resource

                    +

                    createEvents

                    +

                    Querying an event

                    +

                    Kubernetes resource

                    +

                    getEvents

                    +

                    Creating an ingress

                    +

                    Kubernetes resource

                    +

                    createIngresses

                    +

                    Querying an ingress

                    +

                    Kubernetes resource

                    +

                    getIngresses

                    +

                    Creating a job

                    +

                    Kubernetes resource

                    +

                    createJobs

                    +

                    Querying a job

                    +

                    Kubernetes resource

                    +

                    getJobs

                    +

                    Creating a namespace

                    +

                    Kubernetes resource

                    +

                    createNamespaces

                    +

                    Querying a namespace

                    +

                    Kubernetes resource

                    +

                    getNamespaces

                    +

                    Creating a node

                    +

                    Kubernetes resource

                    +

                    createNodes

                    +

                    Querying a node

                    +

                    Kubernetes resource

                    +

                    getNodes

                    +

                    Creating a PersistentVolumeClaim

                    +

                    Kubernetes resource

                    +

                    createPersistentvolumeclaims

                    +

                    Querying a PersistentVolumeClaim

                    +

                    Kubernetes resource

                    +

                    getPersistentvolumeclaims

                    +

                    Creating a pod

                    +

                    Kubernetes resource

                    +

                    createPods

                    +

                    Querying a pod

                    +

                    Kubernetes resource

                    +

                    getPods

                    +

                    Creating a ReplicaSet

                    +

                    Kubernetes resource

                    +

                    createReplicasets

                    +

                    Querying a ReplicaSet

                    +

                    Kubernetes resource

                    +

                    getReplicasets

                    +

                    Creating a resource quota

                    +

                    Kubernetes resource

                    +

                    createResourcequotas

                    +

                    Creating a secret

                    +

                    Kubernetes resource

                    +

                    createSecrets

                    +

                    Querying a secret

                    +

                    Kubernetes resource

                    +

                    getSecrets

                    +

                    Creating a Service

                    +

                    Kubernetes resource

                    +

                    createServices

                    +

                    Querying a Service

                    +

                    Kubernetes resource

                    +

                    getServices

                    +

                    Creating a StatefulSet

                    +

                    Kubernetes resource

                    +

                    createStatefulsets

                    +

                    Querying a StatefulSet

                    +

                    Kubernetes resource

                    +

                    getStatefulsets

                    +

                    Creating a volume

                    +

                    Kubernetes resource

                    +

                    createVolumes

                    +

                    Querying a volume

                    +

                    Kubernetes resource

                    +

                    getVolumes

                    +

                    Deleting a ConfigMap

                    +

                    Kubernetes resource

                    +

                    deleteConfigmaps

                    +

                    Deleting a DaemonSet

                    +

                    Kubernetes resource

                    +

                    deleteDaemonsets

                    +

                    Deleting a Deployment

                    +

                    Kubernetes resource

                    +

                    deleteDeployments

                    +

                    Deleting an event

                    +

                    Kubernetes resource

                    +

                    deleteEvents

                    +

                    Deleting an ingress

                    +

                    Kubernetes resource

                    +

                    deleteIngresses

                    +

                    Deleting a job

                    +

                    Kubernetes resource

                    +

                    deleteJobs

                    +

                    Deleting a namespace

                    +

                    Kubernetes resource

                    +

                    deleteNamespaces

                    +

                    Deleting a node

                    +

                    Kubernetes resource

                    +

                    deleteNodes

                    +

                    Deleting a Pod

                    +

                    Kubernetes resource

                    +

                    deletePods

                    +

                    Deleting a ReplicaSet

                    +

                    Kubernetes resource

                    +

                    deleteReplicasets

                    +

                    Deleting a resource quota

                    +

                    Kubernetes resource

                    +

                    deleteResourcequotas

                    +

                    Deleting a secret

                    +

                    Kubernetes resource

                    +

                    deleteSecrets

                    +

                    Deleting a Service

                    +

                    Kubernetes resource

                    +

                    deleteServices

                    +

                    Deleting a StatefulSet

                    +

                    Kubernetes resource

                    +

                    deleteStatefulsets

                    +

                    Deleting a volume

                    +

                    Kubernetes resource

                    +

                    deleteVolumes

                    +

                    Replacing a ConfigMap

                    +

                    Kubernetes resource

                    +

                    updateConfigmaps

                    +

                    Replacing a DaemonSet

                    +

                    Kubernetes resource

                    +

                    updateDaemonsets

                    +

                    Replacing a Deployment

                    +

                    Kubernetes resource

                    +

                    updateDeployments

                    +

                    Replacing an event

                    +

                    Kubernetes resource

                    +

                    updateEvents

                    +

                    Replacing an ingress

                    +

                    Kubernetes resource

                    +

                    updateIngresses

                    +

                    Replacing a job

                    +

                    Kubernetes resource

                    +

                    updateJobs

                    +

                    Replacing a namespace

                    +

                    Kubernetes resource

                    +

                    updateNamespaces

                    +

                    Replacing a node

                    +

                    Kubernetes resource

                    +

                    updateNodes

                    +

                    Replacing a PersistentVolumeClaim

                    +

                    Kubernetes resource

                    +

                    updatePersistentvolumeclaims

                    +

                    Replacing a pod

                    +

                    Kubernetes resource

                    +

                    updatePods

                    +

                    Replacing a ReplicaSet

                    +

                    Kubernetes resource

                    +

                    updateReplicasets

                    +

                    Replacing a resource quota

                    +

                    Kubernetes resource

                    +

                    updateResourcequotas

                    +

                    Replacing a secret

                    +

                    Kubernetes resource

                    +

                    updateSecrets

                    +

                    Replacing a Service

                    +

                    Kubernetes resource

                    +

                    updateServices

                    +

                    Replacing a StatefulSet

                    +

                    Kubernetes resource

                    +

                    updateStatefulsets

                    +

                    Replacing a status

                    +

                    Kubernetes resource

                    +

                    updateStatus

                    +

                    Uploading a component chart

                    +

                    Kubernetes resource

                    +

                    uploadChart

                    +

                    Updating a component chart

                    +

                    Kubernetes resource

                    +

                    updateChart

                    +

                    Deleting a component chart

                    +

                    Kubernetes resource

                    +

                    deleteChart

                    +

                    Querying a component chart

                    +

                    Kubernetes resource

                    +

                    getChart

                    +

                    Creating a release

                    +

                    Kubernetes resource

                    +

                    createRelease

                    +

                    Updating a release

                    +

                    Kubernetes resource

                    +

                    updateRelease

                    +

                    Deleting a release

                    +

                    Kubernetes resource

                    +

                    deleteRelease

                    +

                    Querying a release

                    +

                    Kubernetes resource

                    +

                    getRelease

                    +

                    Backing up a cluster

                    +

                    Cluster

                    +

                    Snapshot

                    +

                    Querying the snapshot task list of a cluster

                    +

                    Cluster

                    +

                    GetSnapshotTasks

                    +

                    Synchronizing the node pool configuration to existing nodes

                    +

                    Cluster

                    +

                    SyncNodePool

                    +

                    Obtaining tenant permission application records

                    +

                    Cluster

                    +

                    ListPermissionApplyOrders

                    +

                    Applying for tenant permissions

                    +

                    Cluster

                    +

                    CreatePermissionApplyOrder

                    +

                    Adding resource tags to a cluster in a batch

                    +

                    Cluster

                    +

                    BatchCreateDeleteResourceTags

                    +

                    Deleting tags from a cluster in a batch

                    +

                    Cluster

                    +

                    BatchCreateDeleteResourceTags

                    +

                    Creating a partition

                    +

                    Cluster

                    +

                    CreatePartition

                    +

                    Querying a partition

                    +

                    Cluster

                    +

                    GetOnePartition

                    +

                    Querying the partition list of a cluster

                    +

                    Cluster

                    +

                    GetPartitionList

                    +

                    Updating a partition

                    +

                    Cluster

                    +

                    UpdatePartition

                    +

                    Querying a warm-up pool

                    +

                    Cluster

                    +

                    GetWarmUpPool

                    +

                    Querying the warm-up pool list

                    +

                    Cluster

                    +

                    ListWarmUpPool

                    +

                    Updating a warm-up pool

                    +

                    Cluster

                    +

                    UpdateWarmUpPool

                    +

                    Creating a warm-up pool

                    +

                    Cluster

                    +

                    CreateWarmUpPool

                    +

                    Deleting a warm-up pool

                    +

                    Cluster

                    +

                    DeleteWarmUpPool

                    +

                    Querying an upgrade path

                    +

                    Cluster

                    +

                    GetClusterUpgradePaths

                    +

                    Querying upgrade feature gates

                    +

                    Cluster

                    +

                    GetUpgradeFeatureGates

                    +

                    Obtaining an automatic upgrade plan

                    +

                    Cluster

                    +

                    GetUpgradePlans

                    +

                    Deleting an automatic upgrade plan

                    +

                    Cluster

                    +

                    DeleteUpgradePlan

                    +

                    Obtaining a cluster maintenance window

                    +

                    Cluster

                    +

                    GetMaintenanceWindow

                    +

                    Updating a cluster maintenance window

                    +

                    Cluster

                    +

                    UpdateMaintenanceWindow

                    +

                    Creating a cluster maintenance window

                    +

                    Cluster

                    +

                    CreateMaintenanceWindow

                    +

                    Deleting a cluster maintenance window

                    +

                    Cluster

                    +

                    DeleteMaintenanceWindow
                    + + + + + + + + + + + + + + + + + + + + + + +
                    Table 1 Trace filtering parameters

                    Parameter

                    +

                    Description

                    +

                    Trace Type

                    +

                    Select Management or Data.

                    +
                    • Management traces record operations performed by users on cloud service resources, including creation, modification, and deletion.
                    • Data traces are reported by OBS and record operations performed on data in OBS buckets, including uploads and downloads.
                    +

                    Trace Source

                    +

                    Select the name of the cloud service that triggers a trace from the drop-down list.

                    +

                    Resource type

                    +

                    Select the type of the resource involved in a trace from the drop-down list.

                    +

                    For details about the resource types of each cloud service, see section "Supported Services and Operations" in the Cloud Trace Service User Guide.

                    +

                    Search By

                    +

                    Select one of the following options:

                    +
                    • Resource ID: ID of the cloud resource involved in a trace.

                      Leave this field empty if the resource has no resource ID or if resource creation failed.

                      +
                    • Trace name: name of a trace.

                      For details about the operations that can be audited for each cloud service, see section "Supported Services and Operations" in the Cloud Trace Service User Guide.

                      +
                    • Resource name: name of the cloud resource involved in a trace.

                      If the cloud resource involved in the trace does not have a resource name or the corresponding API operation does not involve the resource name parameter, leave this field empty.

                      +
                    +

                    Operator

                    +

                    User who triggers a trace.

                    +

                    Select one or more operators from the drop-down list.

                    +

                    If the value of trace_type in a trace is SystemAction, the operation is triggered by the service and the trace's operator may be empty.

                    +

                    Trace Status

                    +

                    Select one of the following options:

                    +
                    • Normal: The operation succeeded.
                    • Warning: The operation failed.
                    • Incident: The operation caused a fault that is more serious than a normal failure, for example, causing other faults.
                    +
                    +
                    +

                  5. Click Query.
                  6. On the Trace List page, you can also export and refresh the trace list.

                    • Click Export to export all traces in the query result as a CSV file. The file can contain up to 5,000 records.
                    • Click to view the latest information about traces.
                    +

                  7. Click on the left of a trace to expand its details.

                    -

                    -

                    -
                  8. Click View Trace in the Operation column. The trace details are displayed.

                    -
                  9. For details about key fields in the trace structure, see Trace Structure and Example Traces in the CTS User Guide.
                    10. +

                  10. Click View Trace in the Operation column. The trace details are displayed.

                    +

                    11. + +

                    Helpful Links

                    diff --git a/docs/cce/umn/cce_10_0028.html b/docs/cce/umn/cce_10_0028.html index 668a4b988..19ae29c09 100644 --- a/docs/cce/umn/cce_10_0028.html +++ b/docs/cce/umn/cce_10_0028.html @@ -1,360 +1,545 @@

                    Creating a CCE Standard/Turbo Cluster

                    -

                    On the CCE console, you can easily create Kubernetes clusters. After a cluster is created, the master node is hosted by CCE. You only need to create worker nodes. In this way, you can implement cost-effective O&M and efficient service deployment.

                    -

                    Precautions

                    • After a cluster is created, the following items cannot be changed:
                      • Cluster type
                      • Number of master nodes in the cluster
                      • AZ of a master node
                      • Network configurations of the cluster, such as the VPC, subnet, Service CIDR block, IPv6 settings, and kube-proxy settings
                      • Network model. For example, change Tunnel network to VPC network.
                      -
                    -
                    -

                    Step 1: Log In to the CCE Console

                    1. Log in to the CCE console.
                    2. On the Clusters page, click Create Cluster.
                    -
                    -

                    Step 2: Configure the Cluster

                    On the Create Cluster page, configure the parameters.

                    -

                    Basic Settings

                    -

                    +

                    CCE standard and Turbo clusters provide enterprise-class Kubernetes cluster hosting service that supports full lifecycle management of containerized applications. They offer a highly scalable, high-performance solution for deploying and managing cloud native applications. On the CCE console, you can easily create CCE standard and Turbo clusters. After a cluster is created, CCE hosts the master nodes. You only need to create worker nodes. In this way, you can implement cost-effective O&M and efficient service deployment.

                    +

                    Before creating a CCE standard or Turbo cluster, you are advised to learn about What Is CCE? Networking Overview, and Planning CIDR Blocks for a Cluster.

                    +

                    Step 1: Configure Basic Settings

                    Basic settings define the core architecture and underlying resource rules of a cluster, providing a framework for cluster running and resource allocation.

                    +
                    1. Log in to the CCE console. In the upper left corner of the page, click and select a region for your cluster. The closer the selected region is to the region where resources are deployed, the lower the network latency and the faster the access.

                      After confirming the region, click Create Cluster. If you use CCE for the first time, you need to create an agency following instructions.

                      +

                    2. Configure the basic settings of the cluster. For details, see Table 1.

                      -

                      Parameter

                      +
                      - + - - + - - + - - + - - + - - - - -
                      Table 1 Basic settings of a cluster (applicable to standard and Turbo clusters)

                      Parameter

                      Description

                      +

                      Description

                      +

                      Modifiable After Cluster Creation

                      Type

                      +

                      Type

                      Select CCE Standard Cluster or CCE Turbo Cluster as required.

                      -
                      • CCE standard clusters provide highly reliable and secure containers for commercial use.
                      • CCE Turbo clusters use the high-performance cloud native network. Such clusters provide cloud native hybrid scheduling, achieving higher resource utilization and wider scenario coverage.
                      -

                      For more details, see cluster types.

                      +

                      Select CCE Standard Cluster or CCE Turbo Cluster as required.

                      +
                      • CCE standard clusters provide highly reliable and secure containers for commercial use.
                      • CCE Turbo clusters use the high-performance cloud native network. Such clusters provide cloud native hybrid scheduling, achieving higher resource utilization and wider scenario coverage.
                      +

                      For details, see cluster types.

                      +

                      No

                      Cluster Name

                      +

                      Cluster Name

                      Enter a cluster name. Cluster names under the same account must be unique.

                      +

                      Enter a cluster name. Cluster names under the same account must be unique.

                      +

                      Enter 4 to 128 characters. Start with a lowercase letter and do not end with a hyphen (-). Only lowercase letters, digits, and hyphens (-) are allowed.

                      +

                      Yes

                      Cluster Version

                      +

                      Cluster Version

                      Select the Kubernetes version used by the cluster.

                      +

                      Select a Kubernetes version. The latest commercial version is recommended, and it provides you with more stable, reliable features.

                      +

                      Yes

                      Cluster Scale

                      +

                      Cluster Scale

                      Select a cluster scale for your cluster as required. These values specify the maximum number of nodes that can be managed by the cluster.

                      +

                      Select a cluster scale as required. This parameter controls the maximum number of worker nodes that a cluster can manage.

                      +

                      Yes

                      +

                      The cluster that has been created can only be scaled out. For details, see Changing a Cluster Scale.

                      Master Nodes

                      +

                      Master Nodes

                      Select the number of master nodes. The master nodes are automatically hosted by CCE and deployed with Kubernetes cluster management components such as kube-apiserver, kube-controller-manager, and kube-scheduler.

                      -
                      • 3 Masters: Three master nodes will be created for high cluster availability.
                      • Single: Only one master node will be created in your cluster.
                        NOTE:
                        • If more than half of the master nodes in a CCE cluster are faulty, the cluster cannot function properly.
                        +

                      Select the number of master nodes. The master nodes are automatically hosted by CCE and deployed with Kubernetes cluster management components such as kube-apiserver, kube-controller-manager, and kube-scheduler.

                      +
                      • 3 Masters: Three master nodes will be created for high cluster availability.
                      • Single: Only one master node will be created in your cluster.
                        NOTE:

                        If more than half of the master nodes in a CCE cluster are faulty, the cluster cannot function properly.

                      -
                      You can also select AZs for deploying the master nodes of a specific cluster. By default, AZs are allocated automatically for the master nodes.
                      • Automatic: Master nodes are randomly distributed in different AZs for cluster DR. If the number of available AZs is less than the number of nodes to be created, CCE will create the nodes in the AZs with sufficient resources to preferentially ensure cluster creation. In this case, AZ-level DR may not be ensured.
                      • Custom: Master nodes are deployed in specific AZs.
                        If there is one master node in your cluster, you can select one AZ for the master node. If there are multiple master nodes in your cluster, you can select multiple AZs for the master nodes.
                        • AZ: Master nodes are deployed in different AZs for cluster DR.
                        • Host: Master nodes are deployed on different hosts in the same AZ for cluster DR.
                        • Custom: Master nodes are deployed in the AZs you specified.
                        +
                        You can also select AZs for deploying the master nodes of a specific cluster. By default, AZs are allocated automatically for the master nodes.
                        • Automatic: Master nodes are randomly distributed in different AZs for cluster DR. If there are not enough AZs available, CCE will prioritize assigning nodes in AZs with enough resources to ensure cluster creation. However, this may result in AZ-level DR not being guaranteed.
                        • Custom: Master nodes are deployed in specific AZs.
                          If there is one master node in a cluster, you can select one AZ for the master node. If there are multiple master nodes in a cluster, you can select multiple AZs for the master nodes.
                          • AZ: Master nodes are deployed in different AZs for cluster DR.
                          • Host: Master nodes are deployed on different hosts in the same AZ for cluster DR.
                          • Custom: Master nodes are deployed in the AZs you specified.
                      -
                      -

                      Network Settings

                      -

                      The network settings cover nodes, containers, and Services. For details about the cluster networking and container network models, see Overview.

                      -

                      - -
                      - - - - - - - - - - - - - -
                      Table 1 Cluster network settings

                      Parameter

                      -

                      Description

                      -

                      VPC

                      -

                      Select the VPC to which the cluster belongs. If no VPC is available, click Create VPC to create one. The value cannot be changed after the cluster is created.

                      -

                      Node Subnet

                      -

                      Select the subnet to which the master nodes belong. If no subnet is available, click Create Subnet to create one. The value cannot be changed after the cluster is created.

                      -

                      Default Node Security Group

                      -
                      Select the security group automatically generated by CCE or use the existing one as the default security group of the node.
                      NOTICE:

                      The default security group must allow traffic from certain ports to ensure normal communication. Otherwise, the node cannot be created. For details, see Configuring Cluster Security Group Rules.

                      -
                      -
                      -

                      IPv6

                      -

                      If enabled, cluster resources, including nodes and workloads, can be accessed through IPv6 CIDR blocks.

                      -
                      • IPv4/IPv6 dual stack is not supported by clusters using the VPC networks.
                      +

                      No

                      +

                      After the cluster is created, the number of master nodes and the AZs where they are deployed cannot be changed.
                      -

                      +

                      + +

                      Step 2: Configure Network Settings

                      Network configuration follows a hierarchical management system. It ensures end-to-end network connectivity and security assurance for containerized applications through collaborative configuration of the cluster networks, container networks, and Service networks.

                      +
                      • Cluster network: handles communication between nodes, transmitting pod and Service traffic while ensuring cluster infrastructure connectivity and security.
                      • Container network: assigns each pod an independent IP address, enabling direct container communication and cross-node communication.
                      • Service network: establishes a stable access entry, supports load balancing, and optimizes traffic management for Services within a cluster.
                      +

                      Before configuring the network settings, you are advised to learn the concepts and relationships of the three types of networks. For details, see Networking Overview.

                      +
                      +

                      Configuring Network Settings for a CCE Standard Cluster

                      1. Configure cluster network settings. For details, see Table 2.

                        -
                        Table 2 Container network settings

                        Parameter

                        +
                        - + - - + - - + + + + + + + + + + + +
                        Table 2 Cluster network settings

                        Parameter

                        Description

                        +

                        Description

                        +

                        Modifiable After Cluster Creation

                        Network Model

                        +

                        VPC

                        Select VPC network or Tunnel network for your CCE standard cluster.

                        -

                        Select Cloud Native Network 2.0 for your CCE Turbo cluster.

                        -

                        For more information about their differences, see Overview.

                        +

                        Select a VPC for a cluster.

                        +

                        If no VPC is available, click Create VPC to create one. After the VPC is created, click the refresh icon.

                        +

                        No

                        DataPlane V2 (supported by CCE Turbo clusters)

                        +

                        Default Node Subnet

                        DataPlane V2 uses eBPF to enable features like Service ClusterIP, NetworkPolicy, and egress bandwidth. For details, see DataPlane V2 Network Acceleration.

                        -

                        This function is available for new clusters of v1.27 or later. After this function is enabled, CCE will automatically deploy the cilium-agent on every node in the cluster. Each cilium-agent will use 80 MiB of memory, and the memory usage will increase by 10 KiB whenever a new pod is added. After the cluster is created, you cannot disable this function. Additionally, the nodes can run only HCE OS 2.0. Therefore, enable this function only when you fully understand the constraints in DataPlane V2 Network Acceleration.

                        -
                        NOTE:

                        CCE DataPlane V2 is released with restrictions. To use this feature, submit a service ticket to CCE.

                        +

                        Select a subnet. Once selected, all nodes in the cluster will automatically use the IP addresses assigned within that subnet. However, during node or node pool creation, the subnet settings can be reconfigured.

                        +

                        No

                        +

                        Default Node Security Group

                        +

                        Select the security group automatically generated by CCE or select an existing one.

                        +

                        The default node security group must allow traffic from certain ports to ensure normal communication. Otherwise, the node cannot be created. For details, see Configuring Cluster Security Group Rules.

                        +

                        Yes

                        +

                        IPv6

                        +

                        After this function is enabled, the cluster supports the IPv4/IPv6 dual-stack, meaning each worker node can have both an IPv4 and IPv6 address. Both IP addresses support private and public network access. Before enabling this function, ensure that Default Node Subnet includes an IPv6 CIDR block.

                        +
                        • CCE standard clusters (using VPC networks): IPv6 is not supported.
                        +

                        No

                        +
                        +
                        +

                      2. Configure container network parameters. For details, see Table 3.

                        + +
                        + + + + + + + + + + - - - - - + - - - - - - - - - - -
                        Table 3 Container network settings

                        Parameter

                        +

                        Description

                        +

                        Modifiable After Cluster Creation

                        +

                        Network Model

                        +
                        The network model used by the container network in a cluster.
                        • Tunnel network: applies to large clusters (with up to 2000 nodes) and scenarios that do not demand high performance such as web applications and data middle- and back-end services with low access traffic.
                        • VPC network: applies to small clusters (with 1000 nodes or fewer) and scenarios that demand high performance such as AI and big data computing.
                        +
                        +

                        For more details about their differences, see Overview.

                        +

                        No

                        +

                        DataPlane V2 (supported by clusters using the VPC networks)

                        +

                        eBPF is used at the kernel layer for Kubernetes network acceleration, enhancing high-performance service communication through ClusterIP Services, precise traffic control via network policies, and intelligent bandwidth management with egress bandwidth. For details, see DataPlane V2 Network Acceleration.

                        +

                        This function has the restrictions below. For details, see the restrictions in DataPlane V2 Network Acceleration.

                        +
                        • Restrictions on clusters: This function can be enabled only for clusters of v1.27.16-r30, v1.28.15-r20, v1.29.13-r0, v1.30.10-r0, v1.31.6-r0, or later that use VPC networks.
                        • Restrictions on memory: After this function is enabled, CCE will automatically deploy the cilium-agent on every node in a cluster. Each cilium-agent will use 80 MiB of memory, and the memory usage will increase by 10 KiB whenever a new pod is added.
                        • Restrictions on OSs: After a node is created, it can only use HCE OS 2.0.
                        +
                        NOTE:

                        CCE DataPlane V2 is released with restrictions. To use this feature, submit a service ticket to CCE.

                        Network Policies (supported by CCE standard clusters using a tunnel network)

                        -

                        Policy-based network control for clusters. For details, see Configuring Network Policies to Restrict Pod Access.

                        -

                        After this function is enabled, if the CIDR blocks of a customer's service conflict with the on-premises CIDR blocks, the link to a newly added gateway may not be established.

                        -

                        For example, when a cluster accesses an external address through a Direct Connect connection, the external switch does not support ip-option. If the network policy is enabled, the network access may fail.

                        +

                        No

                        Container CIDR Block

                        +

                        Network Policies (supported by clusters using the tunnel networks)

                        Specify the CIDR block for containers, which determines the maximum number of containers allowed in the cluster. This parameter is available only for CCE standard clusters. CCE standard clusters allow both manual and automatic CIDR block settings.

                        -
                        • Manually set: You can customize the container CIDR blocks as needed. For cross-VPC passthrough networking, make sure the container CIDR block does not overlap with the VPC CIDR block to be accessed to prevent conflicts. For details, see Planning CIDR Blocks for a Cluster. The VPC network model allows you to configure multiple CIDR blocks, and container CIDR blocks can be added even after the cluster is created. For details, see Adding a Container CIDR Block for a Cluster.
                        • Auto select: CCE will randomly allocate a non-conflicting CIDR block from the ranges 172.16.0.0/16 to 172.31.0.0/16, or from 10.0.0.0/12, 10.16.0.0/12, 10.32.0.0/12, 10.48.0.0/12, 10.64.0.0/12, 10.80.0.0/12, 10.96.0.0/12, and 10.112.0.0/12. Since the allocated CIDR block cannot be modified after the cluster is created, you are advised to manually configure the CIDR blocks, especially in commercial scenarios.
                        +

                        Policy-based network control for a cluster. For details, see Configuring Network Policies to Restrict Pod Access.

                        +

                        After this function is enabled, if the CIDR blocks of a customer's service conflict with the on-premises CIDR blocks, the link to a newly added gateway may not be established.

                        +

                        For example, if a cluster uses a Direct Connect connection to access an external address, the external switch does not support ip-option. Enabling network policies in this scenario could result in network access failure.

                        +

                        Yes

                        Pod IP Addresses Reserved for Each Node (supported by CCE standard clusters using a VPC network)

                        +

                        Container CIDR Block

                        Specify the number of container IP addresses that can be allocated to each node (alpha.cce/fixPoolMask) when creating a cluster. This parameter determines the maximum number of pods that can be created on each node and cannot be changed after the cluster is created.

                        -

                        When a container network is used, each pod occupies one IP address. If a node's reserved container IP addresses are insufficient, pods cannot be created. For details, see Number of Allocatable Container IP Addresses on a Node.

                        -

                        Pod Subnet

                        -

                        Select the subnet to which the pod belongs. If no subnet is available, click Create Subnet to create one. This parameter is available only for CCE Turbo clusters. The pod subnet determines the maximum number of containers in a cluster. You can add pod subnets after a cluster is created.

                        -

                        Default Security Group

                        -
                        Select the security group automatically generated by CCE or use the existing one as the default security group of the containers.
                        NOTICE:

                        The default security group of containers must allow access from specified ports to ensure proper communication between containers in the cluster. For details about how to configure security group ports, see How Do I Harden the Automatically Created Security Group Rules for CCE Cluster Nodes?

                        -
                        -
                        -
                        -
                        -

                        - -
                        - - - - - - - - - - - - - -
                        Table 3 Service network settings

                        Parameter

                        -

                        Description

                        -

                        Service CIDR Block

                        -

                        Configure the Service CIDR blocks for containers in the same cluster to access each other. The value determines the maximum number of Services you can create. The value cannot be changed after the cluster is created.

                        -

                        Request Forwarding

                        -

                        Select IPVS or iptables for your cluster. For details, see Comparing iptables and IPVS.

                        -
                        • iptables is the traditional kube-proxy mode. This mode applies to the scenario where the number of Services is small or a large number of short connections are concurrently sent on the client. IPv6 clusters do not support iptables.
                        • IPVS allows higher throughput and faster forwarding. This mode is suitable for large cluster scales or when there are a large number of Services.
                        -

                        IPv6 Service CIDR Block

                        -

                        Configure this parameter only when IPv6 dual stack is enabled for a CCE Turbo cluster. This configuration cannot be modified after the cluster is created.

                        -
                        -
                        -

                        (Optional) Advanced Settings

                        -

                        - -
                        - - - - - - - - - - - - - - - - - - - - - - - - - - - -

                        Parameter

                        -

                        Description

                        -

                        IAM Authentication

                        -

                        CCE clusters support IAM authentication. You can call IAM authenticated APIs to access CCE clusters.

                        -

                        Certificate Authentication

                        -
                        • If Automatically generated is selected, the X.509-based authentication mode will be enabled by default. X.509 is a commonly used certificate format.
                        • If Bring your own is selected, the cluster can identify users based on the header in the request body for authentication.

                          Upload your CA root certificate, client certificate, and private key.

                          -
                          CAUTION:
                          • Upload a file smaller than 1 MB. The CA certificate and client certificate can be in .crt or .cer format. The private key of the client certificate can only be uploaded unencrypted.
                          • The validity period of the client certificate must be longer than five years.
                          • The uploaded CA root certificate is used by the authentication proxy and for configuring the kube-apiserver aggregation layer. If any of the uploaded certificates is invalid, the cluster cannot be created.
                          • Starting from v1.25, Kubernetes no longer supports certificate authentication generated using the SHA1WithRSA or ECDSAWithSHA1 algorithm. The certificate authentication generated using the SHA256 algorithm is supported instead.
                          +

                        CIDR block used by containers. This parameter determines the maximum number of containers in the cluster. CCE standard clusters support:

                        +
                        • Manually set: You can customize the container CIDR blocks as needed. For cross-VPC passthrough networking, make sure the container CIDR block does not overlap with the VPC CIDR block to be accessed to prevent conflicts. For details, see Planning CIDR Blocks for a Cluster. The VPC network model allows you to configure multiple CIDR blocks, and container CIDR blocks can be added even after the cluster is created. For details, see Expanding the Container CIDR Block of a Cluster That Uses a VPC Network.
                        • Auto select: CCE will randomly allocate a non-conflicting CIDR block from the ranges 172.16.0.0/16 to 172.31.0.0/16, or from 10.0.0.0/12, 10.16.0.0/12, 10.32.0.0/12, 10.48.0.0/12, 10.64.0.0/12, 10.80.0.0/12, 10.96.0.0/12, and 10.112.0.0/12. Since the allocated CIDR block cannot be modified after the cluster is created, you are advised to manually configure the CIDR blocks, especially in commercial scenarios.
                          NOTE:

                          After a cluster using a container tunnel network is created, the container CIDR block cannot be expanded later. To prevent IP address exhaustion, it is advised to set the container CIDR block with a maximum mask length of 19 bits.

                        CPU Management

                        -

                        If enabled, exclusive CPU cores can be allocated to workload pods. For details, see CPU Policy.

                        +

                        No

                        +

                        After a cluster using a VPC network is created, you can add container CIDR blocks to the cluster but cannot modify or delete the existing ones.

                        Disk Encryption for Master Nodes

                        +

                        Pod IP Addresses Reserved for Each Node (supported by clusters using the VPC networks)

                        If enabled, dynamic data and static data on disks can be encrypted, providing powerful security protection for your data.

                        -

                        After encryption, the disk read/write performance deteriorates, and the configuration cannot be modified after the cluster is created.

                        -

                        This function is available only for clusters of v1.25 or later.

                        +

                        The number of pod IP addresses that can be allocated on each node (alpha.cce/fixPoolMask). This parameter determines the maximum number of pods that can be created on each node.

                        +

                        In a container network, each pod is assigned a unique IP address. If the number of pod IP addresses reserved for each node is insufficient, pods cannot be created. For details, see Number of Allocatable Pod IP Addresses on a Node.

                        Overload Control

                        -

                        After this function is enabled, concurrent requests will be dynamically controlled based on the resource demands received by master nodes to ensure the stable running of the master nodes and the cluster. For details, see Enabling Overload Control for a Cluster.

                        -

                        Cluster Deletion Protection

                        -

                        A measure taken to prevent accidental deletion of clusters through the console or APIs. After this function is enabled, you will not be able to delete or unsubscribe from clusters on CCE. You can modify the function status in the cluster Settings after creating it.

                        -

                        Time Zone

                        -

                        The cluster's scheduled tasks and nodes are subject to the chosen time zone.

                        -

                        Resource Tag

                        -

                        You can add resource tags to classify resources. A maximum of 20 resource tags can be added.

                        -

                        You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency.

                        -

                        Description

                        -

                        You can enter description for the cluster. A maximum of 200 characters are allowed.

                        +

                        No
                        - -

                        Step 3: Select Add-ons

                        Click Next: Select Add-on. On the page displayed, select the add-ons to be installed during cluster creation.

                        -

                        -

                        Basic capabilities

                        +

                      3. Configure Service network parameters. For details, see Table 4.

                        -

                        Add-on Name

                        +
                        - + - - + - - - - -
                        Table 4 Service network settings

                        Parameter

                        Description

                        +

                        Description

                        +

                        Modifiable After Cluster Creation

                        CCE Container Network (Yangtse CNI)

                        +

                        Service CIDR Block

                        This is the basic cluster add-on. It provides network connectivity, Internet access, and security isolation for pods in your cluster.

                        +

                        Configure an IP address range for the ClusterIP Services in a cluster. This parameter controls the maximum number of ClusterIP Services in a cluster. ClusterIP Services enable communication between containers in a cluster. The Service CIDR block cannot overlap with the node subnet or container CIDR block.

                        +

                        No

                        CCE Container Storage (Everest)

                        +

                        Request Forwarding

                        This add-on (CCE Container Storage (Everest)) is installed by default. It is a cloud native container storage system based on CSI and supports cloud storage services such as EVS.

                        +

                        Configure load balancing and route forwarding of Service traffic in a cluster. IPVS and iptables are supported. For details, see Comparing iptables and IPVS.

                        +
                        • iptables: the traditional kube-proxy mode. It applies to the scenario where the number of Services is small or a large number of short connections are concurrently sent on the client. IPv6 clusters do not support iptables.
                        • IPVS: allows higher throughput and faster forwarding. It is suitable for large clusters or when there are a large number of Services.

                        CoreDNS

                        -

                        This add-on (CoreDNS) is installed by default. It provides DNS resolution for your cluster and can be used to access the in-cloud DNS server.

                        +

                        No
                        -
                        Observability -
                        - - - - - - - - - - - - - -

                        Add-on Name

                        -

                        Description

                        -

                        Cloud Native Cluster Monitoring

                        -

                        (Optional) If selected, this add-on (Cloud Native Cluster Monitoring) will be automatically installed. Cloud Native Cluster Monitoring collects monitoring metrics for your cluster and reports the metrics to AOM. The agent mode does not support HPA based on custom Prometheus statements. If related functions are required, install this add-on manually after the cluster is created.

                        -

                        Cloud Native Logging

                        -

                        (Optional) If selected, this add-on (Cloud Native Log Collection) will be automatically installed. Cloud Native Logging helps report logs to LTS. After the cluster is created, you are allowed to obtain and manage collection rules on the Logging page of the CCE cluster console.

                        -

                        CCE Node Problem Detector

                        -

                        (Optional) If selected, this add-on (CCE Node Problem Detector) will be automatically installed to detect faults and isolate nodes for prompt cluster troubleshooting.

                        -
                        +

                        -
                        - -

                        Step 4: Configure Add-ons

                        Click Next: Add-on Configuration.

                        -

                        Basic capabilities

                        +

                        Configuring Network Settings for a CCE Turbo Cluster

                        1. Configure cluster network settings. For details, see Table 5.

                          -

                          Add-on Name

                          +
                          - + - - + - - + - - + + + + +
                          Table 5 Cluster network settings

                          Parameter

                          Description

                          +

                          Description

                          +

                          Modifiable After Cluster Creation

                          CCE Container Network (Yangtse CNI)

                          +

                          VPC

                          This add-on is unconfigurable.

                          +

                          Select a VPC for a cluster.

                          +

                          If no VPC is available, click Create VPC to create one. After the VPC is created, click the refresh icon.

                          +

                          No

                          CCE Container Storage (Everest)

                          +

                          Default Node Subnet

                          This add-on is unconfigurable. After the cluster is created, choose Add-ons in the navigation pane of the cluster console and modify the configuration.

                          +

                          Select a subnet. Once selected, all nodes in the cluster will automatically use the IP addresses assigned within that subnet. However, during node or node pool creation, the subnet settings can be reconfigured.

                          +

                          No

                          CoreDNS

                          +

                          Default Node Security Group

                          This add-on is unconfigurable. After the cluster is created, choose Add-ons in the navigation pane of the cluster console and modify the configuration.

                          +

                          Select the security group automatically generated by CCE or select an existing one.

                          +

                          The default node security group must allow traffic from certain ports to ensure normal communication. Otherwise, the node cannot be created. For details, see Configuring Cluster Security Group Rules.

                          +

                          Yes

                          +

                          IPv6

                          +

                          After this function is enabled, the cluster supports the IPv4/IPv6 dual-stack, meaning each worker node can have both an IPv4 and IPv6 address. Both IP addresses support private and public network access. Before enabling this function, ensure that Default Node Subnet includes an IPv6 CIDR block.

                          +
                          • CCE standard clusters (using VPC networks): IPv6 is not supported.
                          +

                          No
                          -

                          Observability

                          -

                          -
                          -

                          Add-on Name

                          +

                        2. Configure container network parameters. For details, see Table 6.

                          + +
                          - + - - + - - + - - + + + + + + + +
                          Table 6 Container network settings

                          Parameter

                          Description

                          +

                          Description

                          +

                          Modifiable After Cluster Creation

                          Cloud Native Cluster Monitoring

                          +

                          Network Model

                          Select an AOM instance for Cloud Native Cluster Monitoring to report metrics. If no AOM instance is available, click Creating Instance to create one.

                          +

                          The network model used by the container network in a cluster. Only Cloud Native Network 2.0 is supported.

                          +

                          For more details about this network model, see Overview.

                          +

                          No

                          Cloud Native Logging

                          +

                          DataPlane V2

                          Select the logs to be collected. If enabled, a log group named k8s-log-{clusterId} will be automatically created, and a log stream will be created for each selected log type.

                          -
                          • Container log: Standard output logs of containers are collected. The corresponding log stream is named in the format of stdout-{Cluster ID}.
                          • Kubernetes Events: Kubernetes logs are collected. The corresponding log stream is named in the format of event-{Cluster ID}.
                          • Kubernetes Audit Logs: Audit logs of the master nodes are collected. The log streams are named in the format of audit-{Cluster ID}.
                          • Control Plane Logs: Logs from critical components such as kube-apiserver, kube-controller-manage, and kube-scheduler that run on the master nodes are collected. The log streams are named in the format of kube-apiserver-{Cluster ID}, kube-controller-manage-{Cluster ID}, and kube-scheduler-{Cluster ID}, respectively.
                          -

                          If log collection is disabled, choose Logging in the navigation pane of the cluster console after the cluster is created and enable this function.

                          +

                          eBPF is used at the kernel layer for Kubernetes network acceleration, enhancing high-performance service communication through ClusterIP Services, precise traffic control via network policies, and intelligent bandwidth management with egress bandwidth. For details, see DataPlane V2 Network Acceleration.

                          +

                          This function has the restrictions below. For details, see the restrictions in DataPlane V2 Network Acceleration.

                          +
                          • Restrictions on clusters: The cluster version must be v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, or later.
                          • Restrictions on memory: After this function is enabled, CCE will automatically deploy the cilium-agent on every node in a cluster. Each cilium-agent will use 80 MiB of memory, and the memory usage will increase by 10 KiB whenever a new pod is added.
                          • Restrictions on OSs: After a node is created, it can only use HCE OS 2.0.
                          +
                          NOTE:

                          CCE DataPlane V2 is released with restrictions. To use this feature, submit a service ticket to CCE.

                          +
                          +

                          No

                          CCE Node Problem Detector

                          +

                          Pod Subnet

                          This add-on is unconfigurable. After the cluster is created, choose Add-ons in the navigation pane of the cluster console and modify the configuration.

                          +

                          Select the subnet to which the pod belongs. If no subnet is available, click Create Subnet to create one. The pod subnet determines the maximum number of containers in a cluster. You can add pod subnets after a cluster is created.

                          +

                          Yes

                          +

                          Default Security Group

                          +

                          Select the security group automatically generated by CCE or select an existing one. This parameter controls inbound and outbound traffic to prevent unauthorized access.

                          +

                          The default security group of containers must allow access from specified ports to ensure proper communication between containers in the cluster. For details about how to configure security group ports, see How Do I Harden the Automatically Created Security Group Rules for CCE Cluster Nodes?

                          +

                          Yes

                          +
                          +
                          +

                        3. Configure Service network parameters. For details, see Table 7.

                          + +
                          + + + + + + + + + + + + + + + + + +
                          Table 7 Service network settings

                          Parameter

                          +

                          Description

                          +

                          Modifiable After Cluster Creation

                          +

                          Service CIDR Block

                          +

                          Configure an IP address range for the ClusterIP Services in a cluster. This parameter controls the maximum number of ClusterIP Services in a cluster. ClusterIP Services enable communication between containers in a cluster. The Service CIDR block cannot overlap with the node subnet or container CIDR block.

                          +

                          No

                          +

                          Request Forwarding

                          +

                          Configure load balancing and route forwarding of Service traffic in a cluster. IPVS and iptables are supported. For details, see Comparing iptables and IPVS.

                          +
                          • iptables: the traditional kube-proxy mode. It applies to the scenario where the number of Services is small or a large number of short connections are concurrently sent on the client. IPv6 clusters do not support iptables.
                          • IPVS: allows higher throughput and faster forwarding. It is suitable for large clusters or when there are a large number of Services.
                          +

                          No

                          +

                          IPv6 Service CIDR Block

                          +

                          Configure IPv6 addresses for Services. This parameter is only available after IPv6 is enabled.

                          +

                          No

                          +
                          +
                          +

                          4. + +

                          (Optional) Step 3: Configure Advanced Settings

                          Advanced settings extend and strengthen previous settings, enhancing security, stability, and compliance within clusters. This is achieved through capabilities like improved authentication, resource management, and security mechanisms.

                          +

                          + +
                          + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
                          Table 8 Advanced settings

                          Parameter

                          +

                          Description

                          +

                          Modifiable After Cluster Creation

                          +

                          IAM Authentication

                          +

                          CCE clusters support IAM authentication. You can call IAM authenticated APIs to access CCE clusters.

                          +

                          No

                          +

                          Certificate Authentication

                          +

                          Certificate authentication is used for identity authentication and access control. It ensures that only authorized users or services can access specific cluster.

                          +
                          • Automatically generated: CCE automatically creates and hosts X.509 certificates for your clusters. It automatically maintains and rotates cluster certificates.
                          • Bring your own: You can add a custom certificate to your cluster and use this certificate for authentication. In this case, you need to upload CA root certificate, client certificate, and client certificate private key.
                            CAUTION:
                            • Upload a file smaller than 1 MiB. The CA certificate and client certificate can be in .crt or .cer format. The private key of the client certificate can only be uploaded unencrypted.
                            • The validity period of the client certificate must be longer than five years.
                            • The uploaded CA root certificate is used by the authentication proxy and for configuring the kube-apiserver aggregation layer. If any of the uploaded certificates is invalid, the cluster cannot be created.
                            • In clusters of v1.25 and later, Kubernetes no longer supports certificate authentication generated using the SHA1WithRSA or ECDSAWithSHA1 algorithms. You are advised to use the certificates generated using the SHA-256 algorithm for authentication.
                            +
                            +
                          +

                          No

                          +

                          CPU Management

                          +

                          CPU management policies allow precise control over CPU allocation for pods. For details, see CPU Policy.

                          +
                          • Disabled: The default CPU affinity policy is used. Affinity policies other than the default behavior of the OS scheduler are not provided. While many CPUs remain available in the shared pool, workloads cannot exclusively use any of them.
                          • Enabled: Workload pods can exclusively use CPUs. If a pod with a QoS class of Guaranteed requests an integer number of CPUs, the containers within the pod are pinned to physical CPUs on the host node. This mode benefits workloads sensitive to CPU cache hit ratio and scheduling latency.
                          +

                          Yes

                          +

                          Disk Encryption for Master Nodes

                          +

                          After this function is enabled, dynamic and static data on disks can be encrypted, providing strong security protection for your data.

                          +

                          After encryption, the disk read/write performance deteriorates. This function is available only for clusters of v1.25 or later.

                          +

                          No

                          +

                          Overload Control

                          +

                          After this function is enabled, concurrent requests will be dynamically controlled based on the resource demands received by master nodes, ensuring stable running of the master nodes and the cluster. For details, see Enabling Overload Control for a Cluster.

                          +

                          Yes

                          +

                          Cluster Deletion Protection

                          +

                          After this function is enabled, you will not be able to delete or unsubscribe from clusters on CCE. This option is a measure to prevent accidental deletion of clusters through the console or APIs. You can modify the function status in Settings after creating it.

                          +

                          Yes

                          +

                          Time Zone

                          +

                          The cluster's scheduled tasks and nodes are subject to the chosen time zone.

                          +

                          ×

                          +

                          Resource Tag

                          +

                          Adding tags to resources allows for customized classification and organization. A maximum of 20 resource tags can be added.

                          +

                          You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency.

                          +

                          Yes

                          +

                          Description

                          +

                          Cluster description helps users and administrators quickly understand the basic settings, status, and usage of a cluster. The description can contain a maximum of 200 characters.

                          +

                          Yes
                          +

                          Step 4: Select Add-ons

                          CCE provides a variety of add-ons to extend cluster functions and enhance the functionality and flexibility of containerized applications. You can select add-ons as required. Some basic add-ons are set as mandatory by default. If non-basic add-ons are not installed during cluster creation, they can still be added later on the Add-ons page after the cluster is created.

                          +
                          1. Click Next: Select Add-on. On the page displayed, select the add-ons to be installed during cluster creation.
                          2. Select basic add-ons to ensure the proper running of the cluster. For details, see Table 9.

                            + +
                            + + + + + + + + + + + + + + + + +
                            Table 9 Basic add-ons

                            Add-on

                            +

                            Description

                            +

                            CCE Container Network (Yangtse CNI)

                            +

                            This add-on provides network connectivity, Internet access, and security isolation for pods in a cluster. It is the basic cluster add-on.

                            +

                            CCE Container Storage (Everest)

                            +

                            This add-on (CCE Container Storage (Everest)) is installed by default. It is a cloud native container storage system based on CSI and supports cloud storage services such as EVS.

                            +

                            CoreDNS

                            +

                            This add-on (CoreDNS) is installed by default. It provides DNS resolution for your cluster and can be used to access the in-cloud DNS server.

                            +

                            NodeLocal DNSCache

                            +

                            (Optional) After you select this option, CCE will automatically install NodeLocal DNSCache. NodeLocal DNSCache improves cluster DNS performance by running a DNS cache proxy on cluster nodes.

                            +
                            -

                            Step 5: Confirm the Configuration

                            After the parameters are specified, click Next: Confirm configuration. The cluster resource list is displayed. Confirm the information and click Submit.

                            -

                            It takes about 5 to 10 minutes to create a cluster. You can click Back to Cluster List to perform other operations on the cluster or click Go to Cluster Events to view the cluster details.

                            +

                          3. Select the observability add-ons to experience the full observability function. For details, see Table 9.

                            +
                            + + + + + + + + + + + + + +
                            Table 10 Observability add-ons

                            Add-on

                            +

                            Description

                            +

                            Cloud Native Cluster Monitoring

                            +

                            (Optional) After you select this option, CCE will automatically install Cloud Native Cluster Monitoring. Cloud Native Cluster Monitoring collects monitoring metrics for your cluster and reports the metrics to AOM. The agent mode does not support HPA based on custom Prometheus statements. If related functions are required, install this add-on manually after the cluster is created.

                            +

                            Cloud Native Log Collection

                            +

                            (Optional) After you select this option, CCE will automatically install Cloud Native Log Collection. Cloud Native Log Collection helps report logs to LTS. After the cluster is created, you are allowed to obtain and manage collection rules on the Logging page of the CCE cluster console.

                            +

                            CCE Node Problem Detector

                            +

                            (Optional) After you select this option, CCE will automatically install CCE Node Problem Detector to detect faults and isolate nodes for prompt cluster troubleshooting.

                            +
                            -

                            Related Operations

                            +
                            +

                          +
                          +

                          Step 5: Configure Add-ons

                          Configure the selected add-ons to ensure they operate stably and accurately and meet service requirements.

                          +
                          1. Click Next: Configure Add-on.
                          2. Configure the basic add-ons. For details, see Table 11.

                            +

                            + + + + + + + + + + + + + + + + +
                            Table 11 Basic add-on settings

                            Add-on

                            +

                            Description

                            +

                            CCE Container Network (Yangtse CNI)

                            +

                            This add-on is unconfigurable.

                            +

                            CCE Container Storage (Everest)

                            +

                            This add-on is unconfigurable. After the cluster is created, you can go to Add-ons to modify the settings.

                            +

                            CoreDNS

                            +

                            This add-on is unconfigurable. After the cluster is created, you can go to Add-ons to modify the settings.

                            +

                            NodeLocal DNSCache

                            +

                            This add-on is unconfigurable. After the cluster is created, you can go to Add-ons to modify the settings.

                            +
                            +
                            +

                          3. Configure the observability add-ons. For details, see Table 12.

                            +
                            + + + + + + + + + + + + + +
                            Table 12 Observability add-on settings

                            Add-on

                            +

                            Description

                            +

                            Cloud Native Cluster Monitoring

                            +

                            Select an AOM instance for Cloud Native Cluster Monitoring to report metrics. If no AOM instance is available, click Creating Instance to create one.

                            +

                            Cloud Native Log Collection

                            +

                            Select the logs to be collected. If enabled, a log group named k8s-log-{clusterId} will be automatically created, and a log stream will be created for each selected log type.

                            +
                            • Container log: Standard output logs of containers are collected. The corresponding log stream is named in the format of stdout-{Cluster ID}.
                            • Kubernetes Events: Kubernetes logs are collected. The corresponding log stream is named in the format of event-{Cluster ID}.
                            • Kubernetes Audit Logs: Audit logs of the master nodes are collected. The log streams are named in the format of audit-{Cluster ID}.
                            • Control Plane Logs: Logs from critical components such as kube-apiserver, kube-controller-manage, and kube-scheduler that run on the master nodes are collected. The log streams are named in the format of kube-apiserver-{Cluster ID}, kube-controller-manage-{Cluster ID}, and kube-scheduler-{Cluster ID}, respectively.
                            +

                            If log collection is disabled, choose Logging in the navigation pane of the cluster console after the cluster is created and enable this option.

                            +

                            CCE Node Problem Detector

                            +

                            This add-on is unconfigurable. After the cluster is created, you can go to Add-ons to modify the settings.

                            +
                            +
                            +
                            +

                          +
                          +

                          Helpful Links

                          diff --git a/docs/cce/umn/cce_10_0031.html b/docs/cce/umn/cce_10_0031.html index 4e83e4dc2..12e59de3f 100644 --- a/docs/cce/umn/cce_10_0031.html +++ b/docs/cce/umn/cce_10_0031.html @@ -1,9 +1,11 @@ -

                          Managing a Cluster

                          +

                          Managing Clusters

                          How the Add-on Works

                          An Nginx ingress consists of the ingress object, ingress controller, and Nginx. The ingress controller assembles ingresses into the Nginx configuration file (nginx.conf) and reloads Nginx to make the configuration changes apply. When it detects that the pod in a Service changes, it dynamically changes the upstream server group configuration of Nginx. In this case, the Nginx process does not need to be reloaded. Figure 1 shows how this add-on works.

                          • An ingress is a group of access rules that forward requests to specified Services based on domain names or URLs. Ingresses are stored in the object storage service etcd and are added, deleted, modified, and queried through APIs.
                          • The ingress controller monitors the changes of resource objects such as ingresses, Services, endpoints, secrets (mainly TLS certificates and keys), nodes, and ConfigMaps in real time and automatically performs operations on Nginx.
                          • Nginx implements load balancing and access control at the application layer.
                          -
                          Figure 1 Working principles of NGINX Ingress Controller
                          +
                          Figure 1 Working principles of NGINX Ingress Controller

                          Precautions

                          • For clusters earlier than v1.23, kubernetes.io/ingress.class: "nginx" must be added to the annotation of the ingress created through the API.
                          • A dedicated load balancer must be of the network type (TCP/UDP) and support private networks (with a private IP address).
                          • If the node where NGINX Ingress Controller runs and containers on this node cannot access Nginx ingress, you need to configure anti-affinity for the workload pods and Nginx Ingress Controller. For details, see Configuring Anti-Affinity Between a Workload and Nginx Ingress Controller.
                          • During the NGINX Ingress Controller pod upgrade, 10s are reserved for deleting the NGINX Ingress Controller at the ELB backend.
                          • The timeout duration for the graceful exit of the NGINX Ingress Controller is 300s. If the timeout duration is longer than 300s during the upgrade of the NGINX Ingress Controller, persistent connections will be disconnected, and connectivity will be interrupted for a short period of time.

                          Prerequisites

                          Before installing this add-on, you have one available cluster and there is a node running properly. If no cluster is available, create one according to Creating a CCE Standard/Turbo Cluster.

                          -

                          Installing the Add-on

                          1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate NGINX Ingress Controller on the right, and click Install.
                          2. On the Install Add-on page, configure the specifications as needed.

                            You can adjust the number of add-on pods and resource quotas as required. High availability is not possible with a single pod. If an error occurs on the node where the add-on instance runs, the add-on will fail.

                            +

                            Installing the Add-on

                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                            2. In the navigation pane, choose Add-ons. Locate NGINX Ingress Controller on the right and click Install.
                            3. On the Install Add-on page, configure the specifications as needed.

                              You can adjust the number of add-on pods and resource quotas as required. High availability is not possible with a single pod. If an error occurs on the node where the add-on instance runs, the add-on will fail.

                            4. Configure the add-on parameters.

                              • Ingress Class: Enter a controller name. The name of each controller in the same cluster must be unique and cannot be set to cce (which is the unique identifier of the LoadBalancer ingress controller.) When creating an ingress, you can specify the controller name to declare which controller should manage this ingress.
                              • Add-on Namespace: Select a namespace for the ingress controller.
                              • Load Balancer: Select a shared or dedicated load balancer. If no load balancer is available, create one. The load balancer has at least two listeners, and ports 80 and 443 are not occupied by listeners.
                              • Admission Check: Admission control is performed on Ingresses to ensure that the controller can generate valid configurations. Admission verification is performed on the configuration of Nginx Ingresses. If the verification fails, the request will be intercepted. For details about admission verification, see Access Control.
                                • Admission check slows down the responses to Ingress requests.
                                • Only add-ons of version 2.4.1 or later support admission verification.
                                -
                              • Nginx Parameters: You can configure the nginx.conf file, which will affect all managed ingresses. You can select GUI or YAML. GUI is supported by the NGINX Ingress Controller of version 2.2.75, 2.6.26, 3.0.1, or later.

                                To configure custom parameters supported by the Kubernetes community, choose YAML and find the related parameters in ConfigMaps. For example, you can use the keep-alive-requests parameter to describe how to set the maximum number of requests for keeping active connections to 100.

                                +
                              • Nginx Parameters: You can configure the nginx.conf file, which will affect all managed ingresses. You can select GUI or YAML. GUI is supported by the NGINX Ingress Controller of version 2.2.75, 2.6.26, 3.0.1, or later.

                                To configure custom parameters supported by the Kubernetes community, choose YAML and find the related parameters in ConfigMaps. For example, you can use the keep-alive-requests parameter to describe how to set the maximum number of requests for keeping active connections to 100.

                                {
     "keep-alive-requests": "100"
 }
                                • If the configured parameters are not listed in ConfigMaps, the configurations will not take effect.
                                • The parameter value must be a string. Otherwise, the installation fails.
                                The table below shows parameters can be configured on the GUI of the NGINX Ingress Controller add-on of version 2.2.75, 2.6.26, 3.0.1, and later. -

                                Nginx Parameter

                                +
                                - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -139,33 +139,33 @@
                              • Enabling Indicator Collection: If the add-on version is 2.4.12 or later, Prometheus monitoring metrics can be collected.
                              • Default certificate of the server: Select an IngressTLS or kubernetes.io/tls key to configure the default certificate when the NGINX Ingress Controller is started. If no secret is available, click Create TLS Secret. For details, see Creating a Secret. For details about the default server certificate, see Default SSL Certificate.
                              • 404 Service: By default, the 404 service provided by the add-on is used. To customize the 404 service, enter the namespace/service name. If the service does not exist, the add-on installation will fail.
                              • Adding a TCP/UDP Service: By default, NGINX Ingress Controller can forward only external HTTP and HTTPS traffic. You can add TCP/UDP port mapping to forward external TCP/UDP traffic to services in the cluster. For more information about adding TCP/UDP services, see Exposing TCP and UDP services.
                                • Protocol: Select TCP or UDP.
                                • Service Port: specifies the port used by the ELB listener. The port number ranges from 1 to 65535.
                                • Target Service Namespace: Select the namespace where the Service is in.
                                • Destination Service: Select an existing Service. Any Services that do not match the search criteria will be filtered out automatically.
                                • Destination Service Port: Select the access port of the destination Service.
                                • If the cluster version is v1.19.16-r5, v1.21.8-r0, v1.23.6-r0, or later, the TCP/UDP hybrid protocols can be configured.
                                • If the cluster version is v1.19.16-r5, v1.21.8-r0, v1.23.6-r0, v1.25.2-r0, or later, you can configure the TCP/UDP hybrid protocols to use the same external port.
                                -
                              • (Optional) Extended Parameter Settings: additional extended parameters of the add-on If the extended parameter settings conflict with the default settings, the extended parameter settings will be prioritized.
                                • extraArgs: additional configurable startup parameters of the nginx-ingress-controller component. For details about the startup parameters supported by the community, see the documentation.
                                • extraInitContainers: initial container configuration of nginx-ingress-controller. This parameter is supported by add-on 2.2.82, 2.6.32, 3.0.8 and later, with optimized kernel settings by default.
                                • maxmindLicenseKey: Maxmind license key, which can be used to download GeoLite2 databases. This parameter is supported by add-on 2.2.82, 2.6.32, 3.0.8, and later. It is mandatory for NGINX Ingress Controller to configure the use-geoip2 capability.
                                • service: allows services for nginx-ingress-controller. For details, see parameter examples in GitHub. It is supported in add-on versions 2.2.104, 2.6.53, 3.0.31, and later. You can use this parameter to configure ELB certificates for NGINX Ingress Controller. For details, see Configuring an ELB Certificate for NGINX Ingress Controller.
                                • extraContainers: other containers added to the nginx-ingress-controller pod. For details, see parameter examples in GitHub. It is supported in add-on versions 2.2.104, 2.6.53, 3.0.31, and later.
                                • extraVolumeMounts: allows for mounting additional volumes to the nginx-ingress-controller pod. For details, see parameter examples in GitHub. It is supported in add-on versions 2.2.104, 2.6.53, 3.0.31, and later.
                                • extraVolumes: additional volumes mounted to the nginx-ingress-controller pod. For details, see parameter examples in GitHub. It is supported in add-on versions 2.2.104, 2.6.53, 3.0.31, and later.
                                +
                              • (Optional) Extended Parameter Settings: additional extended parameters of the add-on. If the extended parameter settings conflict with the default settings, the extended parameter settings will be prioritized.
                                • extraArgs: additional configurable startup parameters of the nginx-ingress-controller component. For details about the startup parameters supported by the community, see the documentation.
                                • extraInitContainers: initial container configuration of nginx-ingress-controller. This parameter is supported by add-on 2.2.82, 2.6.32, 3.0.8 and later, with optimized kernel settings by default.
                                • maxmindLicenseKey: Maxmind license key, which can be used to download GeoLite2 databases. This parameter is supported by add-on 2.2.82, 2.6.32, 3.0.8, and later. It is mandatory for NGINX Ingress Controller to configure the use-geoip2 capability.
                                • service: allows services for nginx-ingress-controller. For details, see parameter examples in GitHub. It is supported in add-on versions 2.2.104, 2.6.53, 3.0.31, and later. You can use this parameter to configure ELB certificates for NGINX Ingress Controller. For details, see Configuring an ELB Certificate for NGINX Ingress Controller.
                                • extraContainers: other containers added to the nginx-ingress-controller pod. For details, see parameter examples in GitHub. It is supported in add-on versions 2.2.104, 2.6.53, 3.0.31, and later.
                                • extraVolumeMounts: allows for mounting additional volumes to the nginx-ingress-controller pod. For details, see parameter examples in GitHub. It is supported in add-on versions 2.2.104, 2.6.53, 3.0.31, and later.
                                • extraVolumes: additional volumes mounted to the nginx-ingress-controller pod. For details, see parameter examples in GitHub. It is supported in add-on versions 2.2.104, 2.6.53, 3.0.31, and later.

                              • Configure deployment policies for the add-on pods.

                                • Scheduling policies do not take effect on add-on pods of the DaemonSet type.
                                • When configuring multi-AZ deployment or node affinity, ensure that there are nodes meeting the scheduling policy and that resources are sufficient in the cluster. Otherwise, the add-on cannot run.
                                -

                                • Nginx Parameter

                                Description

                                +

                                Description

                                Default Value

                                +

                                Default Value

                                Maximum Worker Connections

                                +

                                Maximum Worker Connections

                                Specifies the maximum number of connections that can be concurrently processed by each NGINX worker process. This parameter is used to control the load of worker processes. In a high-concurrency environment, you are advised to set this parameter to a large value to ensure system stability. Such connections include client connections and connections to backend servers.

                                +

                                Specifies the maximum number of connections that can be concurrently processed by each NGINX worker process. This parameter is used to control the load of worker processes. In a high-concurrency environment, you are advised to set this parameter to a large value to ensure system stability. Such connections include client connections and connections to backend servers.

                                65536

                                +

                                65536

                                Maximum Keepalive Requests

                                +

                                Maximum Keepalive Requests

                                Controls how many requests can be processed by a keepalive connection. If requests exhaust the limit, the connection is closed.

                                +

                                Controls how many requests can be processed by a keepalive connection. If requests exhaust the limit, the connection is closed.

                                100

                                +

                                100

                                Maximum Keepalive Connections to the Upstream Server

                                +

                                Maximum Keepalive Connections to the Upstream Server

                                Activates the cache for connections to upstream servers. This parameter sets how many idle keepalive connections can be stored in the cache of each worker process. If the idle connections stored in a process exhaust the limit, the connections that are not used for the longest time will be closed.

                                +

                                Activates the cache for connections to upstream servers. This parameter sets how many idle keepalive connections can be stored in the cache of each worker process. If the idle connections stored in a process exhaust the limit, the connections that are not used for the longest time will be closed.

                                320

                                +

                                320

                                Maximum Keepalive Timeout of the Upstream Server

                                +

                                Maximum Keepalive Timeout of the Upstream Server

                                Specifies the timeout for a keepalive connection between an upstream server and a backend server, in seconds. During this period, NGINX Ingress Controller can maintain connections for reuse. This reduces the overhead required for establishing new connections and significantly improves performance in high QPS scenarios.

                                +

                                Specifies the timeout for a keepalive connection between an upstream server and a backend server, in seconds. During this period, NGINX Ingress Controller can maintain connections for reuse. This reduces the overhead required for establishing new connections and significantly improves performance in high QPS scenarios.

                                900

                                +

                                900

                                Request Timeout

                                +

                                Request Timeout

                                Specifies the timeout for connecting the client to the proxy server, in seconds. If the client cannot access the backend server within 10 seconds, NGINX Ingress Controller will return a 502 Bad Gateway error. It applies to scenarios where the connection speed is high.

                                +

                                Specifies the timeout for connecting the client to the proxy server, in seconds. If the client cannot access the backend server within 10 seconds, NGINX Ingress Controller will return a 502 Bad Gateway error. It applies to scenarios where the connection speed is high.

                                10

                                +

                                10

                                Maximum Request Body Size

                                +

                                Maximum Request Body Size

                                Specifies the maximum size of the request body that Nginx can send to the backend server through the proxy. This applies to file uploads and large data form submissions. If the size of any request body exceeds the limit, a 413 Payload Too Large error will be returned.

                                +

                                Specifies the maximum size of the request body that Nginx can send to the backend server through the proxy. This applies to file uploads and large data form submissions. If the size of any request body exceeds the limit, a 413 Payload Too Large error will be returned.

                                20m

                                +

                                20m

                                Allow the Backend to Return Server Headers

                                +

                                Allow the Backend to Return Server Headers

                                Typically, NGINX Ingress Controller eliminates the server header information sent by a backend server to a client, which identifies the server. However, if this parameter is set to true, the NGINX Ingress Controller will transmit the server header information directly from the backend server to the client. To prevent revealing the server type and version, it is recommended that you disable this feature.

                                +

                                Typically, NGINX Ingress Controller eliminates the server header information sent by a backend server to a client, which identifies the server. However, if this parameter is set to true, the NGINX Ingress Controller will transmit the server header information directly from the backend server to the client. To prevent revealing the server type and version, it is recommended that you disable this feature.

                                Disable

                                +

                                Disable

                                Allow Underscores in Headers

                                +

                                Allow Underscores in Headers

                                Some HTTP headers may contain underscores (_), such as X_Custom-Header, but this is not recommended according to Request For Comments (RFC) standards. So underscores are not allowed by many servers by default. You can activate this parameter if you require underscores in certain headers, such as when third-party services or clients use underscores in their header information.

                                +

                                Some HTTP headers may contain underscores (_), such as X_Custom-Header, but this is not recommended according to Request For Comments (RFC) standards. So underscores are not allowed by many servers by default. You can activate this parameter if you require underscores in certain headers, such as when third-party services or clients use underscores in their header information.

                                Disable

                                +

                                Disable

                                Generate a Request ID

                                +

                                Generate a Request ID

                                After a request is received, NGINX Ingress Controller generates a unique request ID. This ID is usually recorded in logs or transferred to a backend server through header information. This is useful for tracing and debugging requests, especially for locating problems in distributed systems.

                                +

                                After a request is received, NGINX Ingress Controller generates a unique request ID. This ID is usually recorded in logs or transferred to a backend server through header information. This is useful for tracing and debugging requests, especially for locating problems in distributed systems.

                                Enable

                                +

                                Enable

                                Ignore Invalid Headers

                                +

                                Ignore Invalid Headers

                                By default, NGINX Ingress Controller rejects HTTP requests that contain an invalid header. With this setting enabled, NGINX Ingress Controller will ignore invalid headers and keep on processing requests. It is useful for clients that do not fully comply with the HTTP standard.

                                +

                                By default, NGINX Ingress Controller rejects HTTP requests that contain an invalid header. With this setting enabled, NGINX Ingress Controller will ignore invalid headers and keep on processing requests. It is useful for clients that do not fully comply with the HTTP standard.

                                Enable

                                +

                                Enable

                                Reuse Ports

                                +

                                Reuse Ports

                                Enabling SO_REUSEPORT allows multiple processes or threads to be bound to the same {IP}:{Port}. This can effectively improve the concurrent performance of servers, especially for those with multi-core CPUs. With this function enabled, a port can accept more new connections.

                                +

                                Enabling SO_REUSEPORT allows multiple processes or threads to be bound to the same {IP}:{Port}. This can effectively improve the concurrent performance of servers, especially for those with multi-core CPUs. With this function enabled, a port can accept more new connections.

                                Enable

                                +

                                Enable

                                Allow Server Information in Request Body

                                +

                                Allow Server Information in Request Body

                                Disables the server information added to a response header by NGINX Ingress Controller by default. The information usually contains the NGINX version. Disabling this option helps hide server information, enhancing security and preventing attackers from using the version information to attack the system.

                                +

                                Disables the server information added to a response header by NGINX Ingress Controller by default. The information usually contains the NGINX version. Disabling this option helps hide server information, enhancing security and preventing attackers from using the version information to attack the system.

                                Disable

                                +

                                Disable

                                Automatically Redirect HTTP to HTTPS

                                +

                                Automatically Redirect HTTP to HTTPS

                                Disables automatic redirection from HTTP to HTTPS. For example, if you want to use HTTPS only for specific pages, such as the login page, and HTTP for other pages, you can disable the default redirection using this option.

                                +

                                Disables automatic redirection from HTTP to HTTPS. For example, if you want to use HTTPS only for specific pages, such as the login page, and HTTP for other pages, you can disable the default redirection using this option.

                                Disable

                                +

                                Disable

                                CPU Affinity of Worker Threads

                                +

                                CPU Affinity of Worker Threads

                                Automatically allocates worker processes to specific CPU cores to improve the performance of multi-core systems. For example, on a multi-core server, some worker processes can be bound on a specific CPU core. This reduces context switching and improves processing efficiency.

                                +

                                Automatically allocates worker processes to specific CPU cores to improve the performance of multi-core systems. For example, on a multi-core server, some worker processes can be bound on a specific CPU core. This reduces context switching and improves processing efficiency.

                                Auto

                                +

                                Auto
                                Table 1 Configurations for add-on scheduling

                                Parameter

                                +
                                - - - - - - - @@ -175,7 +175,7 @@

                              • Click Install.
                                • -

                                Installing Multiple NGINX Ingress Controllers

                                1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate the installed NGINX Ingress Controller, and click New.
                                2. On the page displayed, reconfigure the add-on parameters. For details, see Installing the Add-on.
                                3. Click Install.
                                4. Wait until the installation instruction is delivered. Go back to Add-ons, click Manage, and view the installed add-on instance on the add-on details page.
                                +

                                Installing Multiple NGINX Ingress Controllers

                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                2. In the navigation pane, choose Add-ons. Locate NGINX Ingress Controller on the right and click New.
                                3. On the page displayed, reconfigure the add-on parameters. For details, see Installing the Add-on.
                                4. Click Install.
                                5. Wait until the installation instruction is delivered. Go back to Add-ons, click Manage, and view the installed add-on instance on the add-on details page.

                                Components

                                Table 1 Configurations for add-on scheduling

                                Parameter

                                Description

                                +

                                Description

                                Multi-AZ Deployment

                                +

                                Multi-AZ Deployment

                                • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                  NOTE:

                                  The equivalent mode supports only the pods in the kube-system and monitoring namespaces.

                                  +
                                • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                  NOTE:

                                  The equivalent mode supports only the pods in the kube-system and monitoring namespaces.

                                • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.

                                Node Affinity

                                +

                                Node Affinity

                                • Not configured: Node affinity is disabled for the add-on.
                                • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.

                                  If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.

                                  +
                                • Not configured: Node affinity is disabled for the add-on.
                                • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.

                                  If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.

                                Toleration

                                +

                                Toleration

                                Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.

                                +

                                Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.

                                The add-on adds the default tolerance policy for the node.kubernetes.io/not-ready and node.kubernetes.io/unreachable taints, respectively. The tolerance time window is 60s.

                                For details, see Configuring Tolerance Policies.
                                Table 2 Add-on components

                                Component

                                @@ -246,79 +246,120 @@ spec: - kube-system topologyKey: kubernetes.io/hostname -

                                Change History

                                -
                                Table 3 Release history for NGINX Ingress Controller 3.0.x

                                Add-on Version

                                +

                                Release History

                                +
                                - - - - - - - - - - - -
                                Table 3 NGINX Ingress Controller add-on 4.0.x

                                Add-on Version

                                Supported Cluster Version

                                +

                                Supported Cluster Version

                                New Feature

                                +

                                New Feature

                                Community Version

                                +

                                Community Version

                                3.0.34

                                +

                                4.0.4

                                v1.25

                                -

                                v1.27

                                -

                                v1.28

                                -

                                v1.29

                                -

                                v1.30

                                -

                                v1.31

                                +

                                v1.28

                                +

                                v1.29

                                +

                                v1.30

                                +

                                v1.31

                                +

                                v1.32

                                • Updated the add-on to its community version v1.11.5.
                                • Fixed the CVE-2025-1974, CVE-2025-1097, CVE-2025-1098, CVE-2025-24513, and CVE-2025-24514 vulnerabilities.
                                +
                                • CCE clusters v1.32 are supported.
                                • Updated the add-on to its community version v1.12.1.

                                1.11.5

                                -

                                3.0.8

                                -

                                v1.27

                                -

                                v1.28

                                -

                                v1.29

                                -

                                v1.30

                                -
                                • Updated the add-on to its community version v1.11.2.
                                • Fixed the CVE-2024-7646 vulnerability.
                                -

                                1.11.2

                                +

                                1.12.1
                                -
                                Table 4 Release history for NGINX Ingress Controller 2.6.x

                                Add-on Version

                                +
                                - - - - - + + + + + + + + + + + + + + +
                                Table 4 NGINX Ingress Controller add-on 3.0.x

                                Add-on Version

                                Supported Cluster Version

                                +

                                Supported Cluster Version

                                New Feature

                                +

                                New Feature

                                Community Version

                                +

                                Community Version

                                2.6.32

                                +

                                3.0.45

                                v1.25

                                +

                                v1.25

                                +

                                v1.27

                                +

                                v1.28

                                +

                                v1.29

                                +

                                v1.30

                                +

                                v1.31

                                +

                                Fixed some issues.

                                +

                                1.11.5

                                +

                                3.0.34

                                +

                                v1.25

                                +

                                v1.27

                                +

                                v1.28

                                +

                                v1.29

                                +

                                v1.30

                                +

                                v1.31

                                +
                                • Updated the add-on to its community version v1.11.5.
                                • Fixed the CVE-2025-1974, CVE-2025-1097, CVE-2025-1098, CVE-2025-24513, and CVE-2025-24514 vulnerabilities.
                                +

                                1.11.5

                                +

                                3.0.8

                                +

                                v1.27

                                +

                                v1.28

                                +

                                v1.29

                                +

                                v1.30

                                +
                                • Updated the add-on to its community version v1.11.2.
                                • Fixed the CVE-2024-7646 vulnerability.
                                +

                                1.11.2

                                +
                                +
                                + +
                                + + + + + + + - - - - - - diff --git a/docs/cce/umn/cce_10_0035.html b/docs/cce/umn/cce_10_0035.html index 6bbd136d4..81b8191a6 100644 --- a/docs/cce/umn/cce_10_0035.html +++ b/docs/cce/umn/cce_10_0035.html @@ -10,7 +10,7 @@
                              • Scaling a Node Pool
                                • -
                              • Managing a Node Pool
                                +
                              • Managing Node Pools
                                • diff --git a/docs/cce/umn/cce_10_0036.html b/docs/cce/umn/cce_10_0036.html index d2c3a7ac8..e9fc55458 100644 --- a/docs/cce/umn/cce_10_0036.html +++ b/docs/cce/umn/cce_10_0036.html @@ -5,7 +5,7 @@

                                Precautions

                                • Stopping a node will lead to pod migration, which may affect services. Perform this operation during off-peak hours.
                                • Unexpected risks may occur during the operation. Back up data beforehand.
                                -

                                Procedure

                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                3. Locate the target node and click its name.
                                4. In the upper right corner of the ECS details page, click Stop. In the displayed dialog box, click OK.
                                +

                                Procedure

                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                3. Locate the target node and click its name.
                                4. In the upper right corner of the ECS details page, click Stop. In the displayed dialog box, click OK.
                                diff --git a/docs/cce/umn/cce_10_0044.html b/docs/cce/umn/cce_10_0044.html index b6c77e471..a9eeaa2a2 100644 --- a/docs/cce/umn/cce_10_0044.html +++ b/docs/cce/umn/cce_10_0044.html @@ -1,10 +1,10 @@ -

                                Elastic Volume Service

                                +

                                EVS

                                diff --git a/docs/cce/umn/cce_10_0046.html b/docs/cce/umn/cce_10_0046.html index 8c2057448..16c3b3a52 100644 --- a/docs/cce/umn/cce_10_0046.html +++ b/docs/cce/umn/cce_10_0046.html @@ -4,7 +4,7 @@
                                  -
                                • Overview
                                  +
                                • Workload Overview
                                • Creating a Workload
                                  • diff --git a/docs/cce/umn/cce_10_0047.html b/docs/cce/umn/cce_10_0047.html index efc907224..59893b49e 100644 --- a/docs/cce/umn/cce_10_0047.html +++ b/docs/cce/umn/cce_10_0047.html @@ -1,76 +1,113 @@

                                  Creating a Deployment

                                  -

                                  Scenario

                                  Deployments are workloads (for example, Nginx) that do not store any data or status. You can create Deployments on the CCE console or by running kubectl commands.

                                  +

                                  A Deployment is a Kubernetes application that does not retain data or state while running. Each pod of the same Deployment is identical, allowing for seamless creation, deletion, and replacement without impacting the application functionality. Deployments are ideal for stateless applications, such as web front-end servers and microservices, which do not require data storage. They enable easy lifecycle management of applications, including updates, rollbacks, and scaling.

                                  +

                                  Prerequisites

                                  -

                                  Prerequisites

                                  • Before creating a workload, you must have an available cluster. For details about how to create a cluster, see Creating a CCE Standard/Turbo Cluster.
                                  • To enable public access to a workload, ensure that an EIP or load balancer has been bound to at least one node in the cluster.

                                    If a pod has multiple containers, ensure that the ports used by the containers do not conflict with each other. Otherwise, creating the Deployment will fail.

                                    -
                                    -
                                  -
                                  -

                                  Using the CCE Console

                                  1. Log in to the CCE console.
                                  2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                  3. Configure the workload.

                                    Basic Info
                                    • Workload Type: Select Deployment. For details about workload types, see Overview.
                                    • Workload Name: Enter the name of the workload. Enter 1 to 63 characters starting with a lowercase letter and ending with a lowercase letter or digit. Only lowercase letters, digits, and hyphens (-) are allowed.
                                    • Namespace: Select the namespace of the workload. The default value is default. You can also click Create Namespace to create one. For details, see Creating a Namespace.
                                    • Pods: Enter the number of pods of the workload.
                                    • Container Runtime: A CCE standard cluster uses a common runtime by default, whereas a CCE Turbo cluster supports both common and secure runtimes. For details about the differences, see Secure Runtime and Common Runtime.
                                    • Time Zone Synchronization: Specify whether to enable time zone synchronization. After time zone synchronization is enabled, the container and node use the same time zone. The time zone synchronization function depends on the local disk mounted to the container. Do not modify or delete the time zone. For details, see Configuring Time Zone Synchronization.
                                    -
                                    -
                                    Container Settings
                                    • Container Information
                                      Multiple containers can be configured in a pod. You can click Add Container on the right to configure multiple containers for the pod.
                                      • Basic Info: Configure basic information about the container. -
                                Table 5 NGINX Ingress Controller add-on 2.6.x

                                Add-on Version

                                +

                                Supported Cluster Version

                                +

                                New Feature

                                +

                                Community Version

                                +

                                2.6.32

                                +

                                v1.25

                                v1.27

                                v1.28

                                v1.29

                                Fixed some issues.

                                +

                                Fixed some issues.

                                1.9.6

                                +

                                1.9.6

                                2.6.5

                                +

                                2.6.5

                                v1.25

                                +

                                v1.25

                                v1.27

                                v1.28

                                v1.29

                                Metric collection can be disabled in the startup command.

                                +

                                Metric collection can be disabled in the startup command.

                                1.9.6

                                +

                                1.9.6

                                Parameter

                                +

                                Using the CCE Console

                                1. Log in to the CCE console.
                                2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click Create Workload in the upper right corner.
                                3. Configure basic information about the workload.

                                  +

                                  - - - - - - - + + + + + + + + + + + +

                                  Parameter

                                  Description

                                  +

                                  Description

                                  Container Name

                                  +

                                  Workload Type

                                  Name the container.

                                  +

                                  Select Deployment. For details about different workload types, see Workload Overview.

                                  Pull Policy

                                  +

                                  Workload Name

                                  Image update or pull policy. If you select Always, the image is pulled from the image repository each time. If you do not select Always, the existing image of the node is preferentially used. If the image does not exist, the image is pulled from the image repository.

                                  +

                                  Enter a name for the workload. Enter 1 to 63 characters starting with a lowercase letter and ending with a lowercase letter or digit. Only lowercase letters, digits, and hyphens (-) are allowed.

                                  Image Name

                                  +

                                  Namespace

                                  Click Select Image and select the image used by the container.

                                  +

                                  Select a namespace for the workload. The default value is default. You can also click Create Namespace to create one. For details, see Creating a Namespace.

                                  +

                                  Pods

                                  +

                                  Enter the number of workload pods.

                                  +

                                  Container Runtime

                                  +

                                  A CCE standard cluster uses a common runtime by default, whereas a CCE Turbo cluster supports both common and secure runtimes. For details about their differences, see Secure Runtime and Common Runtime.

                                  +

                                  Time Zone Synchronization

                                  +

                                  Configure whether to enable time zone synchronization. After this function is enabled, the container and node will share the same time zone. Time zone synchronization relies on the local disk mounted to the container. Do not modify or delete the local disk. For details, see Configuring Time Zone Synchronization.

                                  +
                                  +
                                  +

                                4. Configure container settings for the workload.

                                  • Container Information: Click Add Container on the right to configure multiple containers for the pod.

                                    If you configured multiple containers for a pod, ensure that the ports used by each container do not conflict with each other, or the workload cannot be deployed.

                                    +
                                    +
                                    • Basic Info: Configure basic information about the container. +
                                      + + + + + + + + + + + - - - - - - - - - - - - - - @@ -78,172 +115,101 @@

                                      Parameter

                                      +

                                      Description

                                      +

                                      Container Name

                                      +

                                      Enter a name for the container.

                                      +

                                      Pull Policy

                                      +

                                      Image update or pull policy. If you select Always, the image is pulled from the image repository each time. If you do not select Always, the existing image of the node is preferentially used. If the image does not exist, the image is pulled from the image repository.

                                      +

                                      Image Name

                                      +

                                      Click Select Image and select the image used by the container.

                                      To use a third-party image, directly enter image path. Ensure that the image access credential can be used to access the image repository. For details, see Using Third-Party Images.

                                      Image Tag

                                      +

                                      Image Tag

                                      Select the image tag to be deployed.

                                      +

                                      Select the image tag to be deployed.

                                      CPU Quota

                                      +

                                      CPU Quota

                                      • Request: minimum number of CPU cores required by a container. The default value is 0.25 cores.
                                      • Limit: maximum number of CPU cores that can be used by a container. This prevents containers from using excessive resources.
                                      +
                                      • Request: minimum number of CPU cores required by a container. The default value is 0.25 cores.
                                      • Limit: maximum number of CPU cores that can be used by a container. This prevents containers from using excessive resources.

                                      If Request and Limit are not specified, the quota is not limited. For more information and suggestions about Request and Limit, see Configuring Container Specifications.

                                      Memory Quota

                                      +

                                      Memory Quota

                                      • Request: minimum amount of memory required by a container. The default value is 512 MiB.
                                      • Limit: maximum amount of memory available for a container. When memory usage exceeds the specified memory limit, the container will be terminated.
                                      +
                                      • Request: minimum amount of memory required by a container. The default value is 512 MiB.
                                      • Limit: maximum amount of memory available for a container. When memory usage exceeds the specified memory limit, the container will be terminated.

                                      If Request and Limit are not specified, the quota is not limited. For more information and suggestions about Request and Limit, see Configuring Container Specifications.

                                      (Optional) GPU Quota

                                      +

                                      (Optional) GPU Quota

                                      Configurable only when the cluster contains GPU nodes and the CCE AI Suite (NVIDIA GPU) add-on has been installed.

                                      +

                                      Configurable only when the cluster contains GPU nodes and the CCE AI Suite (NVIDIA GPU) add-on has been installed.

                                      • Do not use: No GPU will be used.
                                      • GPU card: The GPU is dedicated for the container.
                                      • GPU Virtualization: percentage of GPU resources used by the container. For example, if this parameter is set to 10%, the container will use 10% of GPU resources.
                                      -

                                      For details about how to use GPUs in the cluster, see Default GPU Scheduling in Kubernetes.

                                      +

                                      For details about how to use GPUs in a cluster, see Default GPU Scheduling in Kubernetes.

                                      (Optional) Privileged Container

                                      +

                                      (Optional) Privileged Container

                                      Programs in a privileged container have certain privileges.

                                      -

                                      If Privileged Container is enabled, the container is assigned privileges. For example, privileged containers can manipulate network devices on the host machine and modify kernel parameters.

                                      +

                                      Programs in a privileged container have certain privileges. If this option is enabled, the container will be assigned privileges. For example, privileged containers can manipulate network devices on the host machine, modify kernel parameters, access all devices on the node.

                                      +

                                      For more information, see Pod Security Standards.

                                      (Optional) Init Container

                                      +

                                      (Optional) Init Container

                                      Whether to use the container as an init container. An init container does not support health check.

                                      +

                                      Whether to use the container as an init container. An init container does not support health check.

                                      An init container is a special container that runs before other app containers in a pod are started. Each pod can contain multiple containers. In addition, a pod can contain one or more init containers. Application containers in a pod are started and run only after the running of all init containers completes. For details, see Init Containers.

                                      (Optional) Run Option

                                      +

                                      (Optional) Run Option

                                      Add run options for the container. For details, see Pod. CCE supports the following run options:

                                      +

                                      Add run options for the container. For details, see Pod. CCE supports the following run options:

                                      • stdin: allows containers to receive input from external sources, such as terminals or other input streams.
                                      • tty: allocates a pseudo terminal to containers, allowing you to send commands to them as if you were using a local terminal.

                                        In most cases, tty is enabled along with stdin, indicating that the terminal (tty) is associated with the standard input (stdin) of the container. This allows for interactive operations, similar to the kubectl exec -i -t command. The difference is that this parameter has been configured when the pod is launched.
                                      -
                                    • (Optional) Lifecycle: Configure operations to be performed in a specific phase of the container lifecycle, such as Startup Command, Post-Start, and Pre-Stop. For details, see Configuring Container Lifecycle Parameters.
                                    • (Optional) Health Check: Set the liveness probe, ready probe, and startup probe as required. For details, see Configuring Container Health Check.
                                    • (Optional) Environment Variables: Configure variables for the container running environment using key-value pairs. These variables transfer external information to containers running in pods and can be flexibly modified after application deployment. For details, see Configuring Environment Variables.
                                    • (Optional) Data Storage: Mount local storage or cloud storage to the container. The application scenarios and mounting modes vary with the storage type. For details, see Storage.

                                      If the workload contains more than one pod, EVS volumes cannot be mounted.

                                      +
                                    • (Optional) Lifecycle: Configure operations to be performed in a specific phase of the container lifecycle, such as Startup Command, Post-Start, and Pre-Stop. For details, see Configuring the Container Lifecycle.
                                    • (Optional) Health Check: Set the liveness probe, ready probe, and startup probe as required. For details, see Configuring Container Health Check.
                                    • (Optional) Environment Variables: Configure variables for the container running environment using key-value pairs. These variables transfer external information to containers running in pods and can be flexibly modified after application deployment. For details, see Configuring Environment Variables.
                                    • (Optional) Data Storage: Mount local storage or cloud storage to the container. The application scenarios and mounting modes vary with the StorageClass. For details, see Storage.

                                      If the workload contains more than one pod, EVS volumes cannot be mounted.

                                      -
                                    • (Optional) Security Context: Assign container permissions to protect the system and other containers from being affected. Enter the user ID to assign container permissions and prevent systems and other containers from being affected.
                                    • (Optional) Logging: Report standard container output logs to AOM by default, without requiring manual settings. You can manually configure the log collection path. For details, see Collecting Container Logs Using ICAgent.

                                      To disable the standard output of the current workload, add the annotation kubernetes.AOM.log.stdout: [] in Labels and Annotations. For details about how to use this annotation, see Table 1.

                                      +
                                    • (Optional) Security Context: Assign container permissions to protect the system and other containers from being affected. Enter the user ID to assign container permissions and prevent systems and other containers from being affected.
                                    • (Optional) Logging: Report standard container output logs to AOM by default, without requiring manual settings. You can manually configure the log collection path. For details, see Collecting Container Logs Using ICAgent.

                                      To disable the collection of the standard output logs of the current workload, add the annotation kubernetes.AOM.log.stdout: [] in Labels and Annotations in the Advanced Settings area. For details about how to use this annotation, see Table 1.

                                    -
                              • Image Access Credential: Select the credential used for accessing the image repository. The default value is default-secret. You can use default-secret to access images in SWR Shared Edition. For details about default-secret, see default-secret.
                              • (Optional) GPU: All is selected by default. The workload instance will be scheduled to the node of the specified GPU type.
                                • - -

                                (Optional) Service Settings

                                -

                                A Service provides external access for pods. With a static IP address, a Service forwards access traffic to pods and automatically balances load for these pods.

                                -

                                You can also create a Service after creating a workload. For details about Services of different types, see Overview.

                                -
                                (Optional) Advanced Settings
                                • Upgrade: Specify the upgrade mode and parameters of the workload. Rolling upgrade and Replace upgrade are available. For details, see Configuring Workload Upgrade Policies.
                                • Scheduling: Configure affinity and anti-affinity policies for flexible workload scheduling. Load affinity and node affinity are provided.
                                  • Load Affinity: Common load affinity policies are offered for quick load affinity deployment.
                                    • Not configured: No load affinity policy is configured.
                                    • Multi-AZ deployment preferred: Workload pods are preferentially scheduled to nodes in different AZs through pod anti-affinity.
                                    • Forcible multi-AZ deployment: Workload pods are forcibly scheduled to nodes in different AZs through pod anti-affinity (podAntiAffinity). If there are fewer AZs than pods, the extra pods will fail to run.
                                    • Customize affinity: Affinity and anti-affinity policies can be customized. For details, see Configuring Workload Affinity or Anti-affinity Scheduling (podAffinity or podAntiAffinity).
                                    -
                                  • Node Affinity: Common node affinity policies are offered for quick load affinity deployment.
                                    • Not configured: No node affinity policy is configured.
                                    • Specify node: Workload pods can be deployed on specified nodes through node affinity (nodeAffinity). If no node is specified, the pods will be randomly scheduled based on the default scheduling policy of the cluster.
                                    • Specify node pool: Workload pods can be deployed in a specified node pool through node affinity (nodeAffinity). If no node pool is specified, the pods will be randomly scheduled based on the default scheduling policy of the cluster.
                                    • Customize affinity: Affinity and anti-affinity policies can be customized. For details, see Configuring Node Affinity Scheduling (nodeAffinity).
                                    -
                                  -
                                • Toleration: Using both taints and tolerations allows (not forcibly) the pod to be scheduled to a node with the matching taints, and controls the pod eviction policies after the node where the pod is located is tainted. For details, see Configuring Tolerance Policies.
                                • Labels and Annotations: Add labels or annotations for pods using key-value pairs. After entering the key and value, click Confirm. For details about how to use and configure labels and annotations, see Configuring Labels and Annotations.
                                • DNS: Configure a separate DNS policy for the workload. For details, see DNS Configuration.
                                • Network Configuration
                                  • Pod ingress/egress bandwidth limitation: You can set ingress/egress bandwidth limitation for pods. For details, see Configuring QoS for a Pod.
                                  • Whether to enable a specified container network configuration: available only for clusters that support this function. After you enable a specified container network configuration, the workload will be created using the container subnet and security group in the configuration. For details, see Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configuration.
                                  • Specify the container network configuration name: Only the custom container network configuration whose associated resource type is workload can be selected.
                                  • IPv6 shared bandwidth: available only for clusters that support this function. After this function is enabled, you can configure a shared bandwidth for a pod with IPv6 dual-stack ENIs. For details, see Configuring Shared Bandwidth for a Pod with IPv6 Dual-Stack ENIs.
                                  -
                                -
                                -

                              • Click Create Workload in the lower right corner. After a period of time, the workload enters the Running state.

                                -

                                -

                                • - -

                                Using kubectl

                                The following procedure uses Nginx as an example to describe how to create a workload using kubectl.

                                -
                                1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                2. Create and edit the nginx-deployment.yaml file. nginx-deployment.yaml is an example file name, and you can rename it as required.

                                  vi nginx-deployment.yaml
                                  -

                                  The following is an example YAML file. For more information about Deployments, see Kubernetes documentation.

                                  -
                                  apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: nginx
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: nginx
-  strategy:
-    type: RollingUpdate
-  template:
-    metadata:
-      labels:
-        app: nginx
-    spec:
-      containers:
-      - image: nginx    # If you use an image in My Images, obtain the image path from SWR.
-        imagePullPolicy: Always
-        name: nginx
-      imagePullSecrets:
-      - name: default-secret
                                  -

                                  For details about the parameters, see Table 1.

                                  - -
                                  Table 1 Deployment YAML parameters

                                  Parameter

                                  +

                                3. (Optional) Configure the settings of the Service associated with the workload.

                                  A Service provides external access for pods. With a static IP address, a Service forwards access traffic to pods and automatically balances load for these pods.

                                  +

                                  You can also create a Service after creating a workload. For details about Services of different types, see Service Overview.

                                  +

                                4. (Optional) Configure advanced settings for the workload.

                                  +

                                  - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

                                  Parameter

                                  Description

                                  -

                                  Mandatory/Optional

                                  +

                                  Description

                                  apiVersion

                                  +

                                  Upgrade

                                  API version.

                                  -
                                  NOTE:

                                  Set this parameter based on the cluster version.

                                  -
                                  • For clusters of v1.17 or later, the apiVersion format of Deployments is apps/v1.
                                  • For clusters of v1.15 or earlier, the apiVersion format of Deployments is extensions/v1beta1.
                                  -
                                  -

                                  Mandatory

                                  +

                                  Specify the upgrade mode and parameters of the workload. Rolling upgrade and Replace upgrade are available. For details, see Upgrading and Rolling Back a Workload.

                                  kind

                                  +

                                  Scheduling

                                  Type of a created object.

                                  -

                                  Mandatory

                                  +

                                  Configure affinity and anti-affinity policies for flexible workload scheduling. Load affinity and node affinity are provided.

                                  +
                                  • Load Affinity: Common load affinity policies are offered for quick load affinity deployment.
                                    • Not configured: No load affinity policy is configured.
                                    • Multi-AZ deployment preferred: Workload pods are preferentially scheduled to nodes in different AZs through pod anti-affinity.
                                    • Forcible multi-AZ deployment: Workload pods are forcibly scheduled to nodes in different AZs through pod anti-affinity (podAntiAffinity). If there are fewer AZs than pods, the extra pods will fail to run.
                                    • Customize affinity: Affinity and anti-affinity policies can be customized. For details, see Configuring Workload Affinity or Anti-affinity Scheduling (podAffinity or podAntiAffinity).
                                    +
                                  • Node Affinity: Common node affinity policies are offered for quick load affinity deployment.
                                    • Not configured: No node affinity policy is configured.
                                    • Specify node: Workload pods can be deployed on specified nodes through node affinity (nodeAffinity). If no node is specified, the pods will be randomly scheduled based on the default scheduling policy of the cluster.
                                    • Specify node pool: Workload pods can be deployed in a specified node pool through node affinity (nodeAffinity). If no node pool is specified, the pods will be randomly scheduled based on the default scheduling policy of the cluster.
                                    • Customize affinity: Affinity and anti-affinity policies can be customized. For details, see Configuring Node Affinity Scheduling (nodeAffinity).
                                    +

                                  metadata

                                  +

                                  Toleration

                                  Metadata of a resource object.

                                  -

                                  Mandatory

                                  +

                                  Using both taints and tolerations allows (not forcibly) the pod to be scheduled to a node with the matching taints, and controls the pod eviction policies after the node where the pod is located is tainted. For details, see Configuring Tolerance Policies.

                                  name

                                  +

                                  Labels and Annotations

                                  Name of the Deployment.

                                  -

                                  Mandatory

                                  +

                                  Add labels or annotations for pods using key-value pairs. After the setting, click Confirm. For details about labels and annotations, see Configuring Labels and Annotations.

                                  spec

                                  +

                                  DNS

                                  Detailed description of the Deployment.

                                  -

                                  Mandatory

                                  +

                                  Configure a separate DNS policy for the workload. For details, see DNS Configuration.

                                  replicas

                                  +

                                  Network Configuration

                                  Number of pods.

                                  -

                                  Mandatory

                                  -

                                  selector

                                  -

                                  Determines container pods that can be managed by the Deployment.

                                  -

                                  Mandatory

                                  -

                                  strategy

                                  -

                                  Upgrade mode. Possible values:

                                  -
                                  • RollingUpdate
                                  • ReplaceUpdate
                                  -

                                  By default, rolling update is used.

                                  -

                                  Optional

                                  -

                                  template

                                  -

                                  Detailed description of a created container pod.

                                  -

                                  Mandatory

                                  -

                                  metadata

                                  -

                                  Metadata.

                                  -

                                  Mandatory

                                  -

                                  labels

                                  -

                                  metadata.labels: Container labels.

                                  -

                                  Optional

                                  -

                                  spec:

                                  -

                                  containers

                                  -
                                  • image (mandatory): Name of a container image.
                                  • imagePullPolicy (optional): Policy for obtaining an image. The options include Always (attempting to download images each time), Never (only using local images), and IfNotPresent (using local images if they are available; downloading images if local images are unavailable). The default value is Always.
                                  • name (mandatory): Container name.
                                  -

                                  Mandatory

                                  -

                                  imagePullSecrets

                                  -

                                  Name of the secret used during image pulling. If a private image is used, this parameter is mandatory.

                                  -
                                  • To pull an image from the Software Repository for Container (SWR), set this parameter to default-secret.
                                  • To pull an image from a third-party image repository, set this parameter to the name of the created secret.
                                  -

                                  Optional

                                  +
                                  -

                                5. Create a Deployment.

                                  kubectl create -f nginx-deployment.yaml
                                  -

                                  If the following information is displayed, the Deployment is being created.

                                  +

                                6. Click Create Workload in the lower right corner. After a period of time, the workload enters the Running state.

                                  +

                                  +

                                  7. + +

                                  Using kubectl

                                  Nginx is used as an example to describe how to create a workload using kubectl.

                                  +
                                  1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                  2. Create a file named nginx-deployment.yaml. nginx-deployment.yaml is an example file name, and you can rename it as needed.

                                    vi nginx-deployment.yaml
                                    +

                                    Below is example of the file. For details about the Deployment configuration, see the Kubernetes official documentation.

                                    +
                                    apiVersion: apps/v1
+kind: Deployment  # Workload type
+metadata:
+  name: nginx  # Workload name
+  namespace: default  # Namespace where the workload is located
+spec:
+  replicas: 1   # Number of pods in the specified workload
+  selector:
+    matchLabels:   # The workload manages pods based on the pod labels in the label selector.
+      app: nginx
+  template:  # Pod configuration
+    metadata:
+      labels:  # Pod labels
+        app: nginx
+    spec:
+      containers:
+      - image: nginx:latest    # Specify a container image. If you use an image in My Images, obtain the image path from SWR.
+        imagePullPolicy: Always  # Image pull policy
+        name: nginx  # Container name
+        resources:  # Node resources allocated to the container
+          requests:  # Requested resources
+            cpu: 250m
+            memory: 512Mi
+          limits:  # Resource limit
+            cpu: 250m
+            memory: 512Mi
+      imagePullSecrets:  # Secret for image pull
+      - name: default-secret
                                    +

                                  3. Create the Deployment.

                                    kubectl create -f nginx-deployment.yaml
                                    +

                                    If information similar to the following is displayed, the Deployment is being created:

                                    deployment.apps/nginx created
                                    -

                                  4. Obtain the Deployment status.

                                    kubectl get deployment
                                    -

                                    If the following information is displayed, the Deployment is running.

                                    +

                                  5. Check the Deployment status.

                                    kubectl get deployment
                                    +

                                    If the Deployment is in the Running, it means that the Deployment has been created.

                                    NAME           READY     UP-TO-DATE   AVAILABLE   AGE 
 nginx          1/1       1            1           4m5s
                                    -

                                    Parameters

                                    +

                                    Parameters

                                    • NAME: Name of the application running in the pod.
                                    • READY: indicates the number of available workloads. The value is displayed as "the number of available pods/the number of expected pods".
                                    • UP-TO-DATE: indicates the number of replicas that have been updated.
                                    • AVAILABLE: indicates the number of available pods.
                                    • AGE: period the Deployment keeps running
                                    -

                                  6. If the Deployment will be accessed through a ClusterIP or NodePort Service, configure the access mode. For details, see Network.
                                  +

                                7. If the Deployment will be accessed through a ClusterIP or NodePort Service, create such a Service. For details, see Networking.
                                  8. diff --git a/docs/cce/umn/cce_10_0048.html b/docs/cce/umn/cce_10_0048.html index 185ebc1fd..59a5fa6f1 100644 --- a/docs/cce/umn/cce_10_0048.html +++ b/docs/cce/umn/cce_10_0048.html @@ -1,79 +1,116 @@

                                  Creating a StatefulSet

                                  -

                                  Scenario

                                  StatefulSets are a type of workloads whose data or status is stored while they are running. For example, MySQL is a StatefulSet because it needs to store new data.

                                  -

                                  A container can be migrated between different hosts, but data is not stored on the hosts. To store StatefulSet data persistently, attach HA storage volumes provided by CCE to the container.

                                  +

                                  A StatefulSet is an application that needs to retain data or state while running. StatefulSets are ideal for stateful applications, such as databases, cache services, and message queues. Unlike Deployments, StatefulSets have the following features:

                                  +
                                  • Fixed identifier: Each pod in a StatefulSet has a fixed identifier, which is associated with the pod name. The identifier is typically in the format of <StatefulSet name>-<Ordinal>. For example, in a StatefulSet named web, the pods would have the names like web-0 and web-1. This naming rule enables each pod to maintain its identity and persistent data even after restart or migration.
                                  • Ordered deployment and scaling: Pods in a StatefulSet are created, scaled, or deleted sequentially. For example, pods with higher ordinals are prioritized for scale-out and removed first during scale-in, which is critical to stateful applications that need to be started or stopped in sequence and ideal for scenarios like primary-secondary replication of databases.
                                  • Persistent storage: To ensure data persistence, you can assign stable persistent storage volumes to each StatefulSet pod by using VolumeClaimTemplate. If a pod is scheduled to other nodes, its original data volume remains intact via the PVC, preventing data loss.
                                  +

                                  Notes and Constraints

                                  • When you delete or scale a StatefulSet, the system does not delete the storage volumes associated with the StatefulSet to ensure data security.
                                  • When you delete a StatefulSet, reduce the number of replicas to 0 before deleting the StatefulSet so that pods in the StatefulSet can be stopped in order.
                                  • When you create a StatefulSet, a headless Service is required for pod access. For details, see Headless Service.
                                  • When a node is unavailable, pods become Unready. In this case, manually delete the pods of the StatefulSet so that the pods can be migrated to a normal node.
                                  -

                                  Notes and Constraints

                                  • When you delete or scale a StatefulSet, the system does not delete the storage volumes associated with the StatefulSet to ensure data security.
                                  • When you delete a StatefulSet, reduce the number of replicas to 0 before deleting the StatefulSet so that pods in the StatefulSet can be stopped in order.
                                  • When you create a StatefulSet, a headless Service is required for pod access. For details, see Headless Services.
                                  • When a node is unavailable, pods become Unready. In this case, manually delete the pods of the StatefulSet so that the pods can be migrated to a normal node.
                                  +

                                  Prerequisites

                                  -

                                  Prerequisites

                                  • Before creating a workload, you must have an available cluster. For details on how to create a cluster, see Creating a CCE Standard/Turbo Cluster.
                                  • To enable public access to a workload, ensure that an EIP or load balancer has been bound to at least one node in the cluster.

                                    If a pod has multiple containers, ensure that the ports used by the containers do not conflict with each other. Otherwise, creating the StatefulSet will fail.

                                    -
                                    -
                                  -
                                  -

                                  Using the CCE Console

                                  1. Log in to the CCE console.
                                  2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                  3. Set basic information about the workload.

                                    Basic Info
                                    • Workload Type: Select StatefulSet. For details about workload types, see Overview.
                                    • Workload Name: Enter the name of the workload. Enter 1 to 63 characters starting with a lowercase letter and ending with a lowercase letter or digit. Only lowercase letters, digits, and hyphens (-) are allowed.
                                    • Namespace: Select the namespace of the workload. The default value is default. You can also click Create Namespace to create one. For details, see Creating a Namespace.
                                    • Pods: Enter the number of pods of the workload.
                                    • Container Runtime: A CCE standard cluster uses a common runtime by default, whereas a CCE Turbo cluster supports both common and secure runtimes. For details about the differences, see Secure Runtime and Common Runtime.
                                    • Time Zone Synchronization: Specify whether to enable time zone synchronization. After time zone synchronization is enabled, the container and node use the same time zone. The time zone synchronization function depends on the local disk mounted to the container. Do not modify or delete the time zone. For details, see Configuring Time Zone Synchronization.
                                    -
                                    -
                                    Container Settings
                                    • Container Information
                                      Multiple containers can be configured in a pod. You can click Add Container on the right to configure multiple containers for the pod.
                                      • Basic Info: Configure basic information about the container. -
                                        - - @@ -55,21 +55,21 @@ - - - @@ -86,17 +86,17 @@ - - @@ -120,13 +120,13 @@ - @@ -147,14 +147,14 @@ - - - @@ -186,9 +186,9 @@ - - - - - - - @@ -295,7 +295,7 @@

                                        Load Balancing

                                        -

                                        Parameter

                                        +

                                        Using the CCE Console

                                        1. Log in to the CCE console.
                                        2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                        3. Configure basic information about the workload.

                                          +

                                          - - - - - - - + + + + + + + + + + + +

                                          Parameter

                                          Description

                                          +

                                          Description

                                          Container Name

                                          +

                                          Workload Type

                                          Name the container.

                                          +

                                          Select StatefulSet. For details about different workload types, see Workload Overview.

                                          Pull Policy

                                          +

                                          Workload Name

                                          Image update or pull policy. If you select Always, the image is pulled from the image repository each time. If you do not select Always, the existing image of the node is preferentially used. If the image does not exist, the image is pulled from the image repository.

                                          +

                                          Enter a name for the workload. Enter 1 to 63 characters starting with a lowercase letter and ending with a lowercase letter or digit. Only lowercase letters, digits, and hyphens (-) are allowed.

                                          Image Name

                                          +

                                          Namespace

                                          Click Select Image and select the image used by the container.

                                          +

                                          Select a namespace for the workload. The default value is default. You can also click Create Namespace to create one. For details, see Creating a Namespace.

                                          +

                                          Pods

                                          +

                                          Enter the number of workload pods.

                                          +

                                          Container Runtime

                                          +

                                          A CCE standard cluster uses a common runtime by default, whereas a CCE Turbo cluster supports both common and secure runtimes. For details about their differences, see Secure Runtime and Common Runtime.

                                          +

                                          Time Zone Synchronization

                                          +

                                          Configure whether to enable time zone synchronization. After this function is enabled, the container and node will share the same time zone. Time zone synchronization relies on the local disk mounted to the container. Do not modify or delete the local disk. For details, see Configuring Time Zone Synchronization.

                                          +
                                          +
                                          +

                                        4. Configure container settings for the workload.

                                          • Container Information: Click Add Container on the right to configure multiple containers for the pod.

                                            If you configured multiple containers for a pod, ensure that the ports used by each container do not conflict with each other, or the workload cannot be deployed.

                                            +
                                            +
                                            • Basic Info: Configure basic information about the container. +
                                              + + + + + + + + + + + - - - - - - - - - - - - - - @@ -81,35 +118,72 @@

                                              Parameter

                                              +

                                              Description

                                              +

                                              Container Name

                                              +

                                              Enter a name for the container.

                                              +

                                              Pull Policy

                                              +

                                              Image update or pull policy. If you select Always, the image is pulled from the image repository each time. If you do not select Always, the existing image of the node is preferentially used. If the image does not exist, the image is pulled from the image repository.

                                              +

                                              Image Name

                                              +

                                              Click Select Image and select the image used by the container.

                                              To use a third-party image, directly enter image path. Ensure that the image access credential can be used to access the image repository. For details, see Using Third-Party Images.

                                              Image Tag

                                              +

                                              Image Tag

                                              Select the image tag to be deployed.

                                              +

                                              Select the image tag to be deployed.

                                              CPU Quota

                                              +

                                              CPU Quota

                                              • Request: minimum number of CPU cores required by a container. The default value is 0.25 cores.
                                              • Limit: maximum number of CPU cores that can be used by a container. This prevents containers from using excessive resources.
                                              +
                                              • Request: minimum number of CPU cores required by a container. The default value is 0.25 cores.
                                              • Limit: maximum number of CPU cores that can be used by a container. This prevents containers from using excessive resources.

                                              If Request and Limit are not specified, the quota is not limited. For more information and suggestions about Request and Limit, see Configuring Container Specifications.

                                              Memory Quota

                                              +

                                              Memory Quota

                                              • Request: minimum amount of memory required by a container. The default value is 512 MiB.
                                              • Limit: maximum amount of memory available for a container. When memory usage exceeds the specified memory limit, the container will be terminated.
                                              +
                                              • Request: minimum amount of memory required by a container. The default value is 512 MiB.
                                              • Limit: maximum amount of memory available for a container. When memory usage exceeds the specified memory limit, the container will be terminated.

                                              If Request and Limit are not specified, the quota is not limited. For more information and suggestions about Request and Limit, see Configuring Container Specifications.

                                              (Optional) GPU Quota

                                              +

                                              (Optional) GPU Quota

                                              Configurable only when the cluster contains GPU nodes and the CCE AI Suite (NVIDIA GPU) add-on has been installed.

                                              +

                                              Configurable only when the cluster contains GPU nodes and the CCE AI Suite (NVIDIA GPU) add-on has been installed.

                                              • Do not use: No GPU will be used.
                                              • GPU card: The GPU is dedicated for the container.
                                              • GPU Virtualization: percentage of GPU resources used by the container. For example, if this parameter is set to 10%, the container will use 10% of GPU resources.
                                              -

                                              For details about how to use GPUs in the cluster, see Default GPU Scheduling in Kubernetes.

                                              +

                                              For details about how to use GPUs in a cluster, see Default GPU Scheduling in Kubernetes.

                                              (Optional) Privileged Container

                                              +

                                              (Optional) Privileged Container

                                              Programs in a privileged container have certain privileges.

                                              -

                                              If Privileged Container is enabled, the container is assigned privileges. For example, privileged containers can manipulate network devices on the host machine and modify kernel parameters.

                                              +

                                              Programs in a privileged container have certain privileges. If this option is enabled, the container will be assigned privileges. For example, privileged containers can manipulate network devices on the host machine, modify kernel parameters, access all devices on the node.

                                              +

                                              For more information, see Pod Security Standards.

                                              (Optional) Init Container

                                              +

                                              (Optional) Init Container

                                              Whether to use the container as an init container. An init container does not support health check.

                                              +

                                              Whether to use the container as an init container. An init container does not support health check.

                                              An init container is a special container that runs before other app containers in a pod are started. Each pod can contain multiple containers. In addition, a pod can contain one or more init containers. Application containers in a pod are started and run only after the running of all init containers completes. For details, see Init Containers.

                                              (Optional) Run Option

                                              +

                                              (Optional) Run Option

                                              Add run options for the container. For details, see Pod. CCE supports the following run options:

                                              +

                                              Add run options for the container. For details, see Pod. CCE supports the following run options:

                                              • stdin: allows containers to receive input from external sources, such as terminals or other input streams.
                                              • tty: allocates a pseudo terminal to containers, allowing you to send commands to them as if you were using a local terminal.

                                                In most cases, tty is enabled along with stdin, indicating that the terminal (tty) is associated with the standard input (stdin) of the container. This allows for interactive operations, similar to the kubectl exec -i -t command. The difference is that this parameter has been configured when the pod is launched.
                                              -
                                            • (Optional) Lifecycle: Configure operations to be performed in a specific phase of the container lifecycle, such as Startup Command, Post-Start, and Pre-Stop. For details, see Configuring Container Lifecycle Parameters.
                                            • (Optional) Health Check: Set the liveness probe, ready probe, and startup probe as required. For details, see Configuring Container Health Check.
                                            • (Optional) Environment Variables: Configure variables for the container running environment using key-value pairs. These variables transfer external information to containers running in pods and can be flexibly modified after application deployment. For details, see Configuring Environment Variables.
                                            • (Optional) Data Storage: Mount local storage or cloud storage to the container. The application scenarios and mounting modes vary with the storage type. For details, see Storage.
                                              • StatefulSets support dynamic attachment of EVS disks. For details, see Dynamically Mounting an EVS Disk to a StatefulSet or Dynamically Mounting a Local PV to a StatefulSet.

                                                Dynamic mounting is achieved by using the volumeClaimTemplates field and depends on the dynamic creation capability of StorageClass. A StatefulSet associates each pod with a PVC using the volumeClaimTemplates field, and the PVC is bound to the corresponding PV. Therefore, after the pod is rescheduled, the original data can still be mounted based on the PVC name.

                                                -
                                              • After a workload is created, the storage that is dynamically mounted cannot be updated.
                                              +
                                            • (Optional) Lifecycle: Configure operations to be performed in a specific phase of the container lifecycle, such as Startup Command, Post-Start, and Pre-Stop. For details, see Configuring the Container Lifecycle.
                                            • (Optional) Health Check: Set the liveness probe, ready probe, and startup probe as required. For details, see Configuring Container Health Check.
                                            • (Optional) Environment Variables: Configure variables for the container running environment using key-value pairs. These variables transfer external information to containers running in pods and can be flexibly modified after application deployment. For details, see Configuring Environment Variables.
                                            • (Optional) Data Storage: Mount local storage or cloud storage to the container. The application scenarios and mounting modes vary with the StorageClass. For details, see Storage.
                                              • StatefulSets support dynamic attachment of EVS disks. For details, see Dynamically Mounting an EVS Disk to a StatefulSet or Dynamically Mounting a Local PV to a StatefulSet.

                                                Dynamic mounting is achieved by using the volumeClaimTemplates field and depends on the dynamic creation capability of StorageClass. A StatefulSet associates each pod with a PVC using the volumeClaimTemplates field, and the PVC is bound to the corresponding PV. Therefore, after the pod is rescheduled, the original data can still be mounted based on the PVC name.

                                                +
                                              • After a workload is created, the dynamically mounted storage cannot be updated.
                                              -
                                            • (Optional) Security Context: Assign container permissions to protect the system and other containers from being affected. Enter the user ID to assign container permissions and prevent systems and other containers from being affected.
                                            • (Optional) Logging: Report standard container output logs to AOM by default, without requiring manual settings. You can manually configure the log collection path. For details, see Collecting Container Logs Using ICAgent.

                                              To disable the standard output of the current workload, add the annotation kubernetes.AOM.log.stdout: [] in Labels and Annotations. For details about how to use this annotation, see Table 1.

                                              +
                                            • (Optional) Security Context: Assign container permissions to protect the system and other containers from being affected. Enter the user ID to assign container permissions and prevent systems and other containers from being affected.
                                            • (Optional) Logging: Report standard container output logs to AOM by default, without requiring manual settings. You can manually configure the log collection path. For details, see Collecting Container Logs Using ICAgent.

                                              To disable the collection of the standard output logs of the current workload, add the annotation kubernetes.AOM.log.stdout: [] in Labels and Annotations in the Advanced Settings area. For details about how to use this annotation, see Table 1.

                                            -
                                        -
                                      • Image Access Credential: Select the credential used for accessing the image repository. The default value is default-secret. You can use default-secret to access images in SWR Shared Edition. For details about default-secret, see default-secret.
                                      • (Optional) GPU: All is selected by default. The workload instance will be scheduled to the node of the specified GPU type.
                                        • - -

                                        Headless Service Parameters

                                        -

                                        A headless Service is used to solve the problem of mutual access between pods in a StatefulSet. The headless Service provides a fixed access domain name for each pod. For details, see Headless Services.

                                        -

                                        (Optional) Service Settings

                                        -

                                        A Service provides external access for pods. With a static IP address, a Service forwards access traffic to pods and automatically balances load for these pods.

                                        -

                                        You can also create a Service after creating a workload. For details about Services of different types, see Overview.

                                        -
                                        (Optional) Advanced Settings
                                        • Upgrade: Specify the upgrade mode and parameters of the workload. Rolling upgrade and Replace upgrade are available. For details, see Configuring Workload Upgrade Policies.
                                        • Pod Management Policies

                                          For some distributed systems, the StatefulSet sequence is unnecessary and/or should not occur. These systems require only uniqueness and identifiers.

                                          -
                                          • OrderedReady: This is the default policy. The StatefulSet will deploy, delete, or scale pods in order and one by one. It continues only after the previous pod is ready or deleted.
                                          • Parallel: The StatefulSet will create pods in parallel to match the desired scale without waiting, and will delete all pods at once.
                                          -
                                        • Scheduling: Configure affinity and anti-affinity policies for flexible workload scheduling. Load affinity and node affinity are provided.
                                          • Load Affinity: Common load affinity policies are offered for quick load affinity deployment.
                                            • Not configured: No load affinity policy is configured.
                                            • Multi-AZ deployment preferred: Workload pods are preferentially scheduled to nodes in different AZs through pod anti-affinity.
                                            • Forcible multi-AZ deployment: Workload pods are forcibly scheduled to nodes in different AZs through pod anti-affinity (podAntiAffinity). If there are fewer AZs than pods, the extra pods will fail to run.
                                            • Customize affinity: Affinity and anti-affinity policies can be customized. For details, see Configuring Workload Affinity or Anti-affinity Scheduling (podAffinity or podAntiAffinity).
                                            -
                                          • Node Affinity: Common node affinity policies are offered for quick load affinity deployment.
                                            • Not configured: No node affinity policy is configured.
                                            • Specify node: Workload pods can be deployed on specified nodes through node affinity (nodeAffinity). If no node is specified, the pods will be randomly scheduled based on the default scheduling policy of the cluster.
                                            • Specify node pool: Workload pods can be deployed in a specified node pool through node affinity (nodeAffinity). If no node pool is specified, the pods will be randomly scheduled based on the default scheduling policy of the cluster.
                                            • Customize affinity: Affinity and anti-affinity policies can be customized. For details, see Configuring Node Affinity Scheduling (nodeAffinity).
                                            -
                                          -
                                        • Toleration: Using both taints and tolerations allows (not forcibly) the pod to be scheduled to a node with the matching taints, and controls the pod eviction policies after the node where the pod is located is tainted. For details, see Configuring Tolerance Policies.
                                        • Labels and Annotations: Add labels or annotations for pods using key-value pairs. After entering the key and value, click Confirm. For details about how to use and configure labels and annotations, see Configuring Labels and Annotations.
                                        • DNS: Configure a separate DNS policy for the workload. For details, see DNS Configuration.
                                        • Network Configuration
                                          • Pod ingress/egress bandwidth limitation: You can set ingress/egress bandwidth limitation for pods. For details, see Configuring QoS for a Pod.
                                          • Whether to enable the static IP address: available only for clusters that support this function. After this function is enabled, you can set the interval for reclaiming expired pod IP addresses. For details, see Configuring a Static IP Address for a Pod.
                                          • Whether to enable a specified container network configuration: available only for clusters that support this function. After you enable a specified container network configuration, the workload will be created using the container subnet and security group in the configuration. For details, see Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configuration.
                                          • Specify the container network configuration name: Only the custom container network configuration whose associated resource type is workload can be selected.
                                          • IPv6 shared bandwidth: available only for clusters that support this function. After this function is enabled, you can configure a shared bandwidth for a pod with IPv6 dual-stack ENIs. For details, see Configuring Shared Bandwidth for a Pod with IPv6 Dual-Stack ENIs.
                                          +
                                        • Image Access Credential: Select the credential used for accessing the image repository. The default value is default-secret. You can use default-secret to access images in SWR Shared Edition. For details about default-secret, see default-secret.
                                        • (Optional) GPU: All is selected by default. The workload instance will be scheduled to the node of the specified GPU type.
                                        +

                                      • Configure the settings of the headless Service associated with the workload.

                                        A headless Service provides a fixed access domain name for every pod within a StatefulSet for mutual pod access. For details, see Headless Service.

                                        +

                                      • (Optional) Configure the settings of the Service associated with the workload.

                                        A Service provides external access for pods. With a static IP address, a Service forwards access traffic to pods and automatically balances load for these pods.

                                        +

                                        You can also create a Service after creating a workload. For details about Services of different types, see Service Overview.

                                        +

                                      • (Optional) Configure advanced settings for the workload.

                                        +

                                        + + + + + + + + + + + + + + + + + + + + + + + + + +

                                        Parameter

                                        +

                                        Description

                                        +

                                        Upgrade

                                        +

                                        Specify the upgrade mode and parameters of the workload. Rolling upgrade and Replace upgrade are available. For details, see Upgrading and Rolling Back a Workload.

                                        +

                                        Pod Management Policies

                                        +

                                        For some distributed systems, the StatefulSet ordering guarantees are unnecessary and/or undesirable. These systems require only uniqueness and identifiers.

                                        +
                                        • OrderedReady: This is the default policy. The StatefulSet will deploy, delete, or scale pods in order and one by one. It continues only after the previous pod is ready or deleted.
                                        • Parallel: The StatefulSet will create pods in parallel or delete all pods at once. Changes to the StatefulSets apply immediately on the pods.
                                        +

                                        Scheduling

                                        +

                                        Configure affinity and anti-affinity policies for flexible workload scheduling. Load affinity and node affinity are provided.

                                        +
                                        • Load Affinity: Common load affinity policies are offered for quick load affinity deployment.
                                          • Not configured: No load affinity policy is configured.
                                          • Multi-AZ deployment preferred: Workload pods are preferentially scheduled to nodes in different AZs through pod anti-affinity.
                                          • Forcible multi-AZ deployment: Workload pods are forcibly scheduled to nodes in different AZs through pod anti-affinity (podAntiAffinity). If there are fewer AZs than pods, the extra pods will fail to run.
                                          • Customize affinity: Affinity and anti-affinity policies can be customized. For details, see Configuring Workload Affinity or Anti-affinity Scheduling (podAffinity or podAntiAffinity).
                                          +
                                        • Node Affinity: Common node affinity policies are offered for quick load affinity deployment.
                                          • Not configured: No node affinity policy is configured.
                                          • Specify node: Workload pods can be deployed on specified nodes through node affinity (nodeAffinity). If no node is specified, the pods will be randomly scheduled based on the default scheduling policy of the cluster.
                                          • Specify node pool: Workload pods can be deployed in a specified node pool through node affinity (nodeAffinity). If no node pool is specified, the pods will be randomly scheduled based on the default scheduling policy of the cluster.
                                          • Customize affinity: Affinity and anti-affinity policies can be customized. For details, see Configuring Node Affinity Scheduling (nodeAffinity).
                                        +

                                        Toleration

                                        +

                                        Using both taints and tolerations allows (not forcibly) the pod to be scheduled to a node with the matching taints, and controls the pod eviction policies after the node where the pod is located is tainted. For details, see Configuring Tolerance Policies.

                                        +

                                        Labels and Annotations

                                        +

                                        Add labels or annotations for pods using key-value pairs. After the setting, click Confirm. For details about labels and annotations, see Configuring Labels and Annotations.

                                        +

                                        DNS

                                        +

                                        Configure a separate DNS policy for the workload. For details, see DNS Configuration.

                                        +

                                        Network Configuration

                                        +
                                        • Pod ingress/egress bandwidth limit: You can set ingress and egress bandwidth limits for pods. For details, see Configuring QoS for a Pod.
                                        • Whether to enable the static IP address: available only for clusters that support this function. After this function is enabled, you can set the interval for reclaiming expired pod IP addresses. For details, see Configuring a Static IP Address for a Pod.
                                        • Whether to enable a specified container network configuration: available only for clusters that support this function. After you enable a specified container network configuration, the workload will be created using the container subnet and security group in the configuration. For details, see Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configuration.
                                        • Specify the container network configuration name: Only the custom container network configuration whose associated resource type is workload can be selected.
                                        • IPv6 shared bandwidth: available only for clusters that support this function. After this function is enabled, you can configure a shared bandwidth for a pod with IPv6 dual-stack network interfaces. For details, see Configuring Shared Bandwidth for a Pod with IPv6 Dual-Stack Network Interfaces.
                                        +
                                        -

                                      • Click Create Workload in the lower right corner. After a period of time, the workload enters the Running state.

                                        +

                                      • Click Create Workload in the lower right corner. After a period of time, the workload enters the Running state.

                                        • Using kubectl

                                        In this example, a Nginx workload is used and the EVS volume is dynamically mounted to it using the volumeClaimTemplates field.

                                        1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                        2. Create and edit the nginx-statefulset.yaml file.

                                          nginx-statefulset.yaml is an example file name, and you can change it as required.

                                          vi nginx-statefulset.yaml
                                          -

                                          The following provides an example of the file contents. For more information on StatefulSet, see the Kubernetes documentation.

                                          +

                                          The below content shows only an example. For details about StatefulSets, see the Kubernetes official documentation.

                                          apiVersion: apps/v1
 kind: StatefulSet
 metadata:
@@ -165,9 +239,9 @@ spec:
         storageClassName: csi-disk # StorageClass name. The value is csi-disk for the EVS volume.
   updateStrategy:
     type: RollingUpdate
                                          -

                                          Create and edit the nginx-headless.yaml file.

                                          +

                                          Create the nginx-headless.yaml file.

                                          vi nginx-headless.yaml
                                          -

                                          The content is as follows:

                                          +

                                          File content:

                                          apiVersion: v1
 kind: Service
 metadata:
@@ -187,14 +261,14 @@ spec:
       port: 80
       protocol: TCP
   type: ClusterIP
                                          -

                                        3. Create the workload.

                                          kubectl create -f nginx-statefulset.yaml
                                          -

                                          If the following information is displayed, the StatefulSet has been successfully created.

                                          +

                                        4. Create a workload.

                                          kubectl create -f nginx-statefulset.yaml
                                          +

                                          If information similar to the following is displayed, the StatefulSet has been created:

                                          statefulset.apps/nginx created

                                          Create a headless Service.

                                          kubectl create -f nginx-headless.yaml

                                          If the following information is displayed, the headless service has been successfully created.

                                          service/nginx-svc created
                                          -

                                        5. If the workload will be accessed through a ClusterIP or NodePort Service, configure the access mode. For details, see Network.
                                        +

                                      • If the workload will be accessed through a ClusterIP or NodePort Service, configure the access mode. For details, see Networking.
                                        • diff --git a/docs/cce/umn/cce_10_0054.html b/docs/cce/umn/cce_10_0054.html index 4a913e918..d5125ff5b 100644 --- a/docs/cce/umn/cce_10_0054.html +++ b/docs/cce/umn/cce_10_0054.html @@ -20,21 +20,21 @@

                                        The master node's memory is overloaded, affecting system stability.

                                        Stop executing a large number of queries.

                                        -

                                        To improve a cluster's anti-overload capability, scale up the cluster. For details, see Changing a Cluster Scale.

                                        +

                                        To prevent a cluster from being overloaded, scale up the cluster. For details, see Changing a Cluster Scale.

                                        Master node

                                        Modifying the security group of master nodes in a cluster

                                        -
                                        NOTE:

                                        Naming rule of a master node's security group: Cluster name-cce-control-Random digits

                                        +
                                        NOTE:

                                        Naming rule of a master node's security group: Cluster name-cce-control-{Random ID}

                                        The master nodes may be unavailable.

                                        Restore the security group by referring to "Creating a Cluster" and allow traffic from the security group to pass through.

                                        +

                                        Restore the security group by referring to "Creating a Cluster" and allow traffic from and to the master nodes.

                                        Letting the node expire or destroying the node

                                        +

                                        Letting a master node expire or destroying a master node

                                        The master node will be unavailable.

                                        Roll back to the original version.

                                        Deleting or formatting core directory data such as /etc/kubernetes on the node

                                        +

                                        Deleting or formatting core directories such as /etc/kubernetes on a node

                                        The master node will be unavailable.

                                        This operation cannot be undone.

                                        Changing the node IP address

                                        +

                                        Changing the IP address of a master node

                                        The master node will be unavailable.

                                        Change the IP address back to the original one.

                                        Modifying parameters of core components (such as etcd, kube-apiserver, and docker)

                                        +

                                        Modifying parameters of core components (such as etcd, kube-apiserver, and Docker)

                                        The master node may be unavailable.

                                        Worker node

                                        Modifying the security group of worker nodes in a cluster

                                        -
                                        NOTE:

                                        Naming rule of a worker node's security group: Cluster name-cce-node-Random digits

                                        +
                                        NOTE:

                                        Naming rule of a worker node's security group: Cluster name-cce-node-{Random ID}

                                        The node may be unavailable.

                                        Restore the security group by referring to "Creating a Cluster" and allow traffic from the security group to pass through.

                                        +

                                        Restore the security group by referring to "Creating a Cluster" and allow traffic from and to the worker nodes.

                                        Modifying the DNS configuration (/etc/resolv.conf) of a node

                                        Internal domain names cannot be accessed, which may lead to errors in functions such as add-on errors or errors in in-place node upgrade.

                                        +

                                        Internal domain names cannot be accessed, and some functions such as add-ons and in-place node upgrades become abnormal.

                                        NOTE:

                                        If your service needs to use an on-premises DNS, configure the DNS in the workload. Do not change node's DNS address. For details, see DNS Configuration.

                                        Upgrading the kernel or components on which the container platform depends (such as Open vSwitch, IPVLAN, Docker, and containerd)

                                        The node may be unavailable or the network may be abnormal.

                                        -
                                        NOTE:

                                        Node running depends on the system kernel version. Do not use the yum update command to update or reinstall the operating system kernel of a node unless necessary. (Reinstalling the operating system kernel using the original image or other images is a risky operation.)

                                        +
                                        NOTE:

                                        Node running depends on the system kernel version. Do not use the yum update command to update or reinstall the kernel of a node unless necessary. (Reinstalling the operating system kernel using the original image or other images is a risky operation.)

                                        For details, see Resetting a Node.

                                        Changing the node IP address

                                        +

                                        Changing the IP address of a node

                                        The node will become unavailable.

                                        Restore the configuration items or reset the node. For details, see Resetting a Node.

                                        Deleting or modifying the /opt/cloud/cce and /var/paas directories, and deleting the data disk

                                        +

                                        Deleting or modifying the /opt/cloud/cce and /var/paas directories, and deleting a data disk

                                        The node will become unavailable.

                                        Reset the node. For details, see Resetting a Node.

                                        Modifying the node directory permission and the container directory permission, which involves the following directories:

                                        +

                                        Modifying the node directory permission and the container directory permission. The following directories are involved:

                                        /usr/lib/systemd/system/kubelet.service
 /usr/lib/systemd/system/containerd-monit.service
 /usr/lib/systemd/system/docker-monit.service
@@ -177,7 +177,7 @@

                                        Do not modify the permissions. Restore the permissions if they have been modified.

                                        Formatting or partitioning system disks, Docker disks, and kubelet disks on nodes.

                                        +

                                        Formatting or partitioning system disks, Docker disks, and kubelet disks on a node

                                        The node may be unavailable.

                                        Installing other software on nodes

                                        This may cause exceptions on Kubernetes components installed on the node, and make the node unavailable.

                                        +

                                        This may cause exceptions on Kubernetes components installed on the node, and the node may be unavailable.

                                        Uninstall the software that has been installed and restore or reset the node. For details, see Resetting a Node.

                                        +

                                        Uninstall the software and restore or reset the node. For details, see Resetting a Node.

                                        Modifying NetworkManager configurations

                                        @@ -198,11 +198,11 @@

                                        Reset the node. For details, see Resetting a Node.

                                        Deleting system images such as cce-pause from the node

                                        +

                                        Deleting system images such as cce-pause from a node

                                        Containers cannot be created and system images cannot be pulled.

                                        Copy the image from a functional node for restoration.

                                        +

                                        Copy the image from a node that functions normally.

                                        Changing the flavor of a node in a node pool on the ECS console

                                        @@ -246,11 +246,11 @@

                                        Change the value to 0.

                                        Not configuring the node security group to allow UDP packets to pass through port 53 of the container CIDR block

                                        +

                                        Not configuring the node security group to allow UDP traffic to the container CIDR blocks over port 53

                                        The DNS in the cluster cannot work properly.

                                        Restore the security group by referring to the operations provided for a newly created cluster and allow traffic from the security group to pass through.

                                        +

                                        Restore the security group by referring to the operations provided for a newly created cluster and allow traffic to the container CIDR blocks.

                                        Deleting network-attachment-definitions CRD resources of default-network

                                        @@ -282,8 +282,8 @@

                                        Configuring privileged containers for a workload and directly operating the host hardware, which are prone to misoperations on the system files of the node

                                        -

                                        For example, if you set the startup command to /usr/sbin/init and run systemctl in containers, the system files located in the /lib directory of the node may be damaged.

                                        +

                                        Configuring privileged containers for a workload and directly operating the host hardware. There may be misoperations on the system files of the node.

                                        +

                                        For example, if you set the startup command to /usr/sbin/init and run systemctl in containers, the system files in the /lib directory of the node may be damaged.

                                        All mount points of the node will be unmounted. As a result, the node will be malfunctional, resulting in failed pods and affected storage add-on functions.
                                        Table 4 Service ELB

                                        Operation

                                        +
                                        @@ -303,80 +303,80 @@ - - - - - - - - - - - - - - - - - - - - @@ -421,7 +421,7 @@ - @@ -493,9 +493,9 @@ - - diff --git a/docs/cce/umn/cce_10_0059.html b/docs/cce/umn/cce_10_0059.html index 6b421a3cb..9888db721 100644 --- a/docs/cce/umn/cce_10_0059.html +++ b/docs/cce/umn/cce_10_0059.html @@ -1,141 +1,173 @@

                                        Configuring Network Policies to Restrict Pod Access

                                        -

                                        Network policies are designed by Kubernetes to restrict pod access. It is equivalent to a firewall at the application layer to enhance network security. The capabilities supported by network policies depend on the capabilities of the network add-ons of the cluster.

                                        +

                                        Network policies are designed by Kubernetes to restrict pod access. Like a firewall at the application layer, network policies enhance network security. The capabilities supported by network policies depend on the capabilities of the network add-ons of the cluster.

                                        By default, if a namespace does not have any policy, pods in the namespace accept traffic from any source and send traffic to any destination.

                                        The following selectors are available for network policies:

                                        -
                                        • namespaceSelector: selects particular namespaces for which all pods should be allowed as ingress sources or egress destinations.
                                        • podSelector: selects particular pods in the same namespace as the network policy which should be allowed as ingress sources or egress destinations.
                                        • IPBlock: selects particular IP blocks to allow as ingress sources or egress destinations.
                                        +
                                        • namespaceSelector: selects particular namespaces for which all pods should be allowed as ingress sources or egress destinations.
                                        • podSelector: selects particular pods in the same namespace as the network policy which should be allowed as ingress sources or egress destinations.
                                        • IPBlock: selects particular CIDR blocks to allow as ingress sources or egress destinations.

                                        Relationships Between Network Policies and Cluster Types

                                        -
                                        Table 4 Load balancing (operations on the ELB console)

                                        Operation

                                        Impact

                                        Deleting a load balancer that has been bound to a CCE cluster on the ELB console

                                        +

                                        Deleting a load balancer that has been associated with a CCE cluster

                                        Accessing the target Service or ingress will fail.

                                        Do not delete such a load balancer.

                                        +

                                        Do not delete such load balancer.

                                        Disabling a load balancer that has been bound to a CCE cluster on the ELB console

                                        +

                                        Disabling a load balancer that has been associated with a CCE cluster

                                        Accessing the target Service or ingress will fail.

                                        Do not disable such a load balancer. If a load balancer has been disabled, enable it.

                                        Changing the private IPv4 address of a load balancer on the ELB console

                                        +

                                        Changing the private IPv4 address of a load balancer
                                        • The network traffic forwarded using the private IPv4 addresses will be interrupted.
                                        • The IP addresses in the status field of Service or ingress YAML files will be changed.

                                        Do not change private IPv4 addresses of load balancers. Change them back if they have been changed.

                                        Unbinding the IPv4 EIP from a load balancer on the ELB console

                                        +

                                        Unbinding the IPv4 EIP from a load balancer

                                        After the EIP is unbound from the load balancer, the load balancer will not be able to forward Internet traffic.

                                        Restore the EIP binding.

                                        Creating a custom listener on the ELB console for the load balancer managed by CCE

                                        +

                                        Adding a listener to a load balancer that has been associated with a CCE cluster

                                        If a load balancer is automatically created when a Service or an ingress is created, the custom listener of the load balancer cannot be deleted when the Service or ingress is deleted. In this case, the load balancer cannot be automatically deleted.

                                        +

                                        If a load balancer is automatically created when a Service or an ingress is created, any listener added to the load balancer on the ELB console cannot be deleted when the Service or ingress is deleted. In this case, the load balancer cannot be automatically deleted.

                                        Use the listener automatically created when a Service or an ingress is created. If a custom listener is used, manually delete the target load balancer.

                                        +

                                        Use the listener automatically created when a Service or an ingress is created. If a listener added on the ELB console is used, manually delete this load balancer.

                                        Deleting a listener automatically created by CCE on the ELB console

                                        +

                                        Deleting a listener automatically added by CCE

                                        • Accessing the target Service or ingress will fail.
                                        • After master nodes are restarted, for example, due to a cluster upgrade, all your modifications will be reset by CCE.
                                        +
                                        • Accessing the target Service or ingress will fail.
                                        • After master nodes are restarted due to reasons such as a cluster upgrade, all your modifications will be reset by CCE.

                                        Re-create or update the Service or ingress.

                                        Modifying the basic configurations such as the name, access control, timeout, or description of a listener created by CCE on the ELB console

                                        +

                                        Modifying the basic configurations such as the name, access control, timeout, or description of a listener added by CCE

                                        After master nodes are restarted, for example, due to a cluster upgrade, all your modifications will be reset by CCE if the listener is deleted.

                                        +

                                        After master nodes are restarted due to reasons such as a cluster upgrade, all your modifications will be reset by CCE if the listener is deleted.

                                        Do not modify the basic configurations of the listener created by CCE. Restore the configurations if they have been modified.

                                        Modifying the backend server group of a listener created by CCE on the ELB console, including adding or deleting backend servers to or from the server group

                                        +

                                        Modifying the backend server group of a listener added by CCE, including adding or deleting backend servers to or from the server group

                                        • Accessing the target Service or ingress will fail.
                                        • After master nodes are restarted, for example, due to a cluster upgrade, all your modifications will be reset by CCE.
                                          • Deleted backend servers will be restored.
                                          • Added backend servers will be removed.
                                          +
                                        • Accessing the target Service or ingress will fail.
                                        • After master nodes are restarted due to reasons such as a cluster upgrade, all your modifications will be reset by CCE.
                                          • Deleted backend servers will be restored.
                                          • Added backend servers will be removed.

                                        Re-create or update the Service or ingress.

                                        Replacing the backend server group of a listener created by CCE on the ELB console

                                        +

                                        Replacing the backend server group of a listener added by CCE

                                        • Accessing the target Service or ingress will fail.
                                        • After master nodes are restarted, for example, due to a cluster upgrade, all servers in the backend server group will be reset by CCE.
                                        +
                                        • Accessing the target Service or ingress will fail.
                                        • After master nodes are restarted due to reasons such as a cluster upgrade, all servers in the backend server group will be reset by CCE.

                                        Re-create or update the Service or ingress.

                                        Modifying the forwarding policy of a listener created by CCE on the ELB console, including adding or deleting forwarding rules

                                        +

                                        Modifying the forwarding policy of a listener added by CCE, including adding or deleting forwarding rules

                                        • Accessing the target Service or ingress will fail.
                                        • After master nodes are restarted, for example, due to a cluster upgrade, all your modifications will be reset by CCE if the forwarding rules are added using an ingress.
                                        +
                                        • Accessing the target Service or ingress will fail.
                                        • After master nodes are restarted due to reasons such as a cluster upgrade, all your modifications will be reset by CCE if the forwarding rules are added using an ingress.

                                        Do not modify the forwarding policy of such a listener. Restore the configurations if they have been modified.

                                        Changing the ELB certificate on the ELB console for a load balancer managed by CCE

                                        +

                                        Changing the certificate for a load balancer managed by CCE

                                        After master nodes are restarted, for example, due to a cluster upgrade, all servers in the backend server group will be reset by CCE.

                                        +

                                        After master nodes are restarted due to reasons such as a cluster upgrade, all servers in the backend server group will be reset by CCE.

                                        Use the YAML file of the ingress to automatically manage certificates.

                                        The number of collection shards configured in Cloud Native Cluster Monitoring exceeded the recommended value (It is recommended to configure one collection shard per 50 nodes.)

                                        +

                                        Configuring a larger number of collection shards in Cloud Native Cluster Monitoring than the recommended value (one collection shards per 50 nodes)

                                        Excessive shards may overload the master node's memory, affecting system stability.

                                        Modifying add-on resources on the backend

                                        +

                                        Modifying add-on resources in the backend

                                        The add-on becomes malfunctional or other unexpected issues occur.

                                        +

                                        Add-on exceptions or other unexpected issues may occur. For example, parameter settings are overwritten after an upgrade.

                                        Perform operations on the add-on configuration page or using open add-on management APIs.

                                        Cluster Type

                                        +
                                        - - + - - - + - - - + - - - + - - - + - - - - - + - - - - - + - - - + - - - + - - - + - - - + - - - + - - - + - - - + - - - +

                                        Cluster Type

                                        CCE Standard Cluster

                                        +

                                        CCE Standard Cluster

                                        CCE Turbo Cluster

                                        +

                                        CCE Standard Cluster

                                        +

                                        CCE Turbo Cluster

                                        Network Model

                                        +

                                        Network Model

                                        Tunnel

                                        +

                                        Tunnel

                                        Cloud Native Network 2.0

                                        +

                                        VPC

                                        +

                                        Cloud Native Network 2.0

                                        NetworkPolicy

                                        +

                                        NetworkPolicy

                                        Enabled by default

                                        +

                                        Enabled by default

                                        Disabled by default (To use network policies, enable DataPlane V2 when creating a cluster.)

                                        +

                                        Disabled by default (To use network policies, enable DataPlane V2 when creating a cluster.)

                                        +

                                        Disabled by default (To use network policies, enable DataPlane V2 when creating a cluster.)

                                        Data plane implementation

                                        +

                                        Data plane implementation

                                        OpenvSwitch

                                        +

                                        OpenvSwitch

                                        eBPF

                                        +

                                        eBPF

                                        +

                                        eBPF

                                        Cluster version for inbound rules

                                        +

                                        Cluster version for ingress rules

                                        All versions

                                        +

                                        All versions

                                        v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, or later

                                        +

                                        Cluster version: v1.27.16-r30, v1.28.15-r20, v1.29.13-r0, v1.30.10-r0, v1.31.6-r0, or later

                                        +

                                        Cluster version: v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, or later

                                        Cluster version for outbound rules

                                        +

                                        Cluster version for egress rules

                                        v1.23 and later

                                        +

                                        v1.23 and later

                                        Selector for inbound rules

                                        +

                                        Selector for ingress rules

                                        namespaceSelector

                                        +

                                        namespaceSelector

                                        podSelector

                                        namespaceSelector

                                        +

                                        namespaceSelector

                                        +

                                        podSelector

                                        +

                                        IPBlock

                                        +

                                        namespaceSelector

                                        podSelector

                                        IPBlock

                                        Selector for outbound rules

                                        +

                                        Selector for egress rules

                                        namespaceSelector

                                        +

                                        namespaceSelector

                                        podSelector

                                        IPBlock

                                        Supported OS

                                        +

                                        Supported OS

                                        EulerOS

                                        -

                                        HCE OS 2.0

                                        +

                                        EulerOS

                                        +

                                        HCE OS 2.0

                                        HCE OS 2.0

                                        +

                                        HCE OS 2.0

                                        +

                                        HCE OS 2.0

                                        IPv6 network policies

                                        +

                                        IPv6 network policies

                                        Not supported

                                        +

                                        Not supported

                                        Supported

                                        +

                                        Not supported

                                        +

                                        Supported

                                        Secure containers

                                        +

                                        Secure containers

                                        Not supported

                                        +

                                        Not supported

                                        Not supported

                                        +

                                        Not supported

                                        +

                                        Not supported

                                        IPBlock scope

                                        +

                                        IPBlock scope

                                        Not limited

                                        +

                                        Not limited

                                        The CIDR blocks and node IP addresses in the container CIDR block cannot be configured.

                                        +

                                        Subnets within the pod CIDR block, Service CIDR block, and node IP addresses

                                        +

                                        Subnets within the pod CIDR block, Service CIDR block, and node IP addresses

                                        Limit ClusterIP access through workload labels

                                        +

                                        Limit ClusterIP access through workload labels

                                        Not supported

                                        +

                                        Not supported

                                        Supported

                                        +

                                        Supported

                                        +

                                        Supported

                                        Limit the internal cloud server CIDR block of 100.125.0.0/16

                                        +

                                        Limit the internal cloud server CIDR block of 100.125.0.0/16

                                        Supported

                                        +

                                        Supported

                                        Not supported

                                        +

                                        Supported

                                        +

                                        Not supported

                                        SCTP

                                        +

                                        SCTP

                                        Not supported

                                        +

                                        Not supported

                                        Not supported

                                        +

                                        Supported

                                        +

                                        Not supported

                                        Always allow access to pods on a node from other nodes

                                        +

                                        Always allow access to pods on a node from other nodes

                                        Supported

                                        +

                                        Supported

                                        Supported

                                        +

                                        Supported

                                        +

                                        Supported

                                        Configure EndPort in network policies

                                        +

                                        Configure EndPort in network policies

                                        Not supported

                                        +

                                        Not supported

                                        Not supported

                                        +

                                        Supported

                                        +

                                        Not supported
                                        -
                                        • CCE DataPlane V2 is released with restrictions. To use this feature, submit a service ticket to CCE.
                                        • Secure containers (such as Kata as the container runtime) are not supported by network policies.
                                        • If you upgrade a CCE standard cluster with a tunnel network to a version that supports egress rules in in-place mode, the rules will not work because the node OS is not upgraded. In this case, reset the node.
                                        • When a network policy is enabled for a cluster that uses a tunnel network, the source IP address of a pod accessing the CIDR block of a Service will be recorded in the optional field of the reported IP address data. This enables the configuration of network policy rules on the destination pod, taking into account the source IP address of the pod.
                                        +
                                        • CCE DataPlane V2 is released with restrictions. To use this feature, submit a service ticket to CCE.
                                        • Secure containers (such as Kata as the container runtime) are not supported by network policies.
                                        • If you upgrade a CCE standard cluster with a tunnel network to a version that supports egress rules in in-place mode, the rules will not work because the node OS is not upgraded. In this case, reset the node.
                                        • When a network policy is enabled for a cluster with a tunnel network, a pod's source IP address is embedded in the optional field of packets it sends to any Service CIDR block. This enables the configuration of network policy rules on the destination pod, taking into account the source IP address of the pod.
                                        -

                                        Using Ingress Rules Through YAML

                                        • Scenario 1: Use a network policy to limit access to a pod to only pods with specific labels.
                                          Figure 1 podSelector
                                          -

                                          The pod labeled with role=db only permits access to its port 6379 from pods labeled with role=frontend. To do so, perform the following operations:

                                          +

                                          Using Ingress Rules Through YAML

                                          • Scenario 1: Controlled by a preset network policy, a pod can only be accessed by pods with specific labels.
                                            Figure 1 podSelector
                                            +

                                            The pod labeled with role=db only permits access to its port 6379 from pods labeled with role=frontend. To achieve this, take the following steps:

                                            1. Create the access-demo1.yaml file.
                                              vim access-demo1.yaml

                                              File content:

                                              apiVersion: networking.k8s.io/v1
@@ -149,19 +181,19 @@ spec:
       role: db
   ingress:                      # This is an ingress rule.
   - from:
-    - podSelector:              # Only allow the access of the pods labeled with role=frontend.
+    - podSelector:              # Only allows the access of the pods labeled with role=frontend.
         matchLabels:
           role: frontend
     ports:                      # Only TCP can be used to access port 6379.
     - protocol: TCP
       port: 6379
                                              -
                                            2. Run the following command to create the network policy based on the access-demo1.yaml file:
                                              kubectl apply -f access-demo1.yaml
                                              +
                                            3. Run the following command to create the network policy defined in the access-demo1.yaml file:
                                              kubectl apply -f access-demo1.yaml

                                              Expected output:

                                              networkpolicy.networking.k8s.io/access-demo1 created
                                          -
                                          • Scenario 2: Use a network policy to limit access to a pod to only pods in a specific namespace.
                                            Figure 2 namespaceSelector
                                            -

                                            The pod labeled with role=db only permits access to its port 6379 from pods in the namespace labeled with project=myproject. To do so, perform the following operations:

                                            +
                                            • Scenario 2: Controlled by a preset network policy, a pod can only be accessed by pods in a specific namespace.
                                              Figure 2 namespaceSelector
                                              +

                                              The pod labeled with role=db only permits access to its port 6379 from pods in the namespace labeled with project=myproject. To achieve this, take the following steps:

                                              1. Create the access-demo2.yaml file.
                                                vim access-demo2.yaml

                                                File content:

                                                apiVersion: networking.k8s.io/v1
@@ -174,23 +206,23 @@ spec:
       role: db
   ingress:                      # This is an ingress rule.
   - from:
-    - namespaceSelector:        # Only allow the access of the pods in the namespace labeled with project=myproject.
+    - namespaceSelector:        # Only allows the access of the pods in the namespace labeled with project=myproject.
         matchLabels:
           project: myproject
     ports:                      # Only TCP can be used to access port 6379.
     - protocol: TCP
       port: 6379
                                                -
                                              2. Run the following command to create the network policy based on the access-demo2.yaml file:
                                                kubectl apply -f access-demo2.yaml
                                                +
                                              3. Run the following command to create the network policy defined in the access-demo2.yaml file:
                                                kubectl apply -f access-demo2.yaml

                                                Expected output:

                                                networkpolicy.networking.k8s.io/access-demo2 created

                                          Using Egress Rules Through YAML

                                          The clusters of v1.23 or later using a tunnel network support egress rules. Only nodes running EulerOS 2.9 or HCE OS 2.0 are supported.

                                          -

                                          Egress rules are only supported by CCE Turbo clusters of v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, or later with DataPlane V2 enabled. Additionally, nodes in these clusters must only run HCE OS 2.0.

                                          +

                                          Egress rules are only available for CCE Turbo clusters or other CCE clusters using a VPC network. The cluster version must be v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0 or later, and DataPlane V2 must be enabled. Additionally, nodes in these clusters must run HCE OS 2.0.

                                          -
                                          • Scenario 1: Use a network policy to limit a pod's access to specific addresses.
                                            Figure 3 IPBlock
                                            -

                                            The pod labeled with role=db only permits access to the 172.16.0.0/16 CIDR block, excluding 172.16.0.40/32 within it. To do so, perform the following operations:

                                            +
                                            • Scenario 1: Controlled by a preset network policy, pods can only access specific addresses.
                                              Figure 3 IPBlock
                                              +

                                              The pods labeled role=db only allow access to 172.16.0.0/16, excluding 172.16.0.40/32. To achieve this, take the following steps:

                                              1. Create the access-demo3.yaml file.
                                                vim access-demo3.yaml

                                                File content:

                                                apiVersion: networking.k8s.io/v1
@@ -199,23 +231,23 @@ metadata:
   name: access-demo3
   namespace: default
 spec:
-  policyTypes:                  # Must be specified for an egress rule.
+  policyTypes:                  # This policy type must be specified for egress rules.
     - Egress
   podSelector:                  # The rule takes effect for pods with the role=db label.
     matchLabels:
       role: db
-  egress:                       # Egress rule
+  egress:                       # This is an egress rule.
   - to:
     - ipBlock:
-        cidr:172.16.0.0/16    # Allow access to this CIDR block in the outbound direction.
+        cidr: 172.16.0.0/16    # Allows access to this CIDR block in the outbound direction.
         except:
-        - 172.16.0.40/32        # Block access to this address in the CIDR block.
                                                -
                                              2. Run the following command to create the network policy based on the access-demo3.yaml file:
                                                kubectl apply -f access-demo3.yaml
                                                + - 172.16.0.40/32 # Blocks access to this CIDR block. This CIDR block is in the allowed CIDR block. +
                                              3. Run the following command to create the network policy defined in the access-demo3.yaml file:
                                                kubectl apply -f access-demo3.yaml

                                                Expected output:

                                                networkpolicy.networking.k8s.io/access-demo3 created
                                              -
                                            • Scenario 2: Use a network policy to limit access to a pod to only pods with specific labels and this pod can only access specific pods.
                                              Figure 4 Using both ingress and egress
                                              -

                                              The pod labeled with role=db only permits access to its port 6379 from pods labeled with role=frontend, and this pod can only access the pods labeled with role=web. You can use the same rule to configure both ingress and egress in a network policy. To do so, perform the following operations:

                                              +
                                            • Scenario 2: Controlled by a preset network policy, a pod can only be accessed by pods with specific labels, while this pod itself can only access specific pods.
                                              Figure 4 Using both ingress and egress
                                              +

                                              The pod labeled with role=db only permits access to its port 6379 from pods labeled with role=frontend, and this pod can only access the pods labeled with role=web. You can use the same rule to configure both ingress and egress in a network policy. To achieve this, take the following steps:

                                              1. Create the access-demo4.yaml file.
                                                vim access-demo4.yaml

                                                File content:

                                                apiVersion: networking.k8s.io/v1
@@ -232,25 +264,25 @@ spec:
       role: db
   ingress:                      # This is an ingress rule.
   - from:
-    - podSelector:              # Only allow the access of the pods labeled with role=frontend.
+    - podSelector:              # Only allows the access of the pods labeled with role=frontend.
         matchLabels:
           role: frontend
     ports:                      # Only TCP can be used to access port 6379.
     - protocol: TCP
       port: 6379
-  egress:                       # Egress rule
+  egress:                       # This is an egress rule.
   - to:
-    - podSelector:              # Only pods with the role=web label can be accessed.
+    - podSelector:              # The rule takes effect for pods with the role=web label.
         matchLabels:
           role: web
                                                -
                                              2. Run the following command to create the network policy based on the access-demo4.yaml file:
                                                kubectl apply -f access-demo4.yaml
                                                +
                                              3. Run the following command to create the network policy defined the access-demo4.yaml file:
                                                kubectl apply -f access-demo4.yaml

                                                Expected output:

                                                networkpolicy.networking.k8s.io/access-demo4 created
                                          -

                                          Creating a Network Policy on the Console

                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                          2. Choose Policies in the navigation pane, click the Network Policies tab, and click Create Network Policy in the upper right corner.

                                            • Policy Name: Specify a network policy name.
                                            • Namespace: Select a namespace in which the network policy is applied.
                                            • Selector: Enter a label, select the pod to be associated, and click Add. You can also click Reference Workload Label to use the label of an existing workload.
                                            • Inbound Rule: Click to add an inbound rule. For details about parameter settings, see Table 1.

                                              -

                                              +

                                              Creating a Network Policy on the Console

                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                              2. Choose Policies in the navigation pane, click the Network Policies tab, and click Create Network Policy in the upper right corner.

                                                • Policy Name: Specify a network policy name.
                                                • Namespace: Select a namespace in which the network policy is applied.
                                                • Selector: Enter a label, select the pod to be associated, and click Add. You can also click Reference Workload Label to use the label of an existing workload.
                                                • Inbound Rule: Click to add an inbound rule. For details about parameter settings, see Table 1.

                                                  +

                                                  @@ -266,7 +298,7 @@ spec:
                                                  Table 1 Adding an inbound rule

                                                  Parameter

                                                  Source CIDR Block

                                                  For clusters of v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, or later versions with DataPlane V2 enabled, you can configure the source CIDR block.

                                                  -

                                                  The specified source CIDR block allows traffic from a destination CIDR block (multiple exception CIDR blocks can be specified). Separate the destination and exception CIDR blocks using a vertical bar (|). If there are multiple exception CIDR blocks, separate them using commas (,). For example, 172.17.0.0/16|172.17.1.0/24,172.17.2.0/24 indicates that 172.17.0.0/16 is accessible, but not for 172.17.1.0/24 and 172.17.2.0/24.

                                                  +

                                                  The specified source CIDR block allows traffic from a destination CIDR block (multiple exception CIDR blocks can be specified). Separate the destination and exception CIDR blocks using a vertical bar (|). If there are multiple exception CIDR blocks, separate them using commas (,). For example, 172.17.0.0/16|172.17.1.0/24,172.17.2.0/24 indicates that 172.17.0.0/16 is accessible, but 172.17.1.0/24 and 172.17.2.0/24 are inaccessible.

                                                  Source Namespace

                                                  @@ -283,8 +315,8 @@ spec:
                                                  -
                                                • Outbound Rule: Click to add an outbound rule. For details about parameter settings, see Table 2.

                                                  -

                                                  +
                                                • Outbound Rule: Click to add an outbound rule. For details about parameter settings, see Table 2.

                                                  +

                                                  @@ -299,7 +331,7 @@ spec: -
                                                  Table 2 Adding an outbound rule

                                                  Parameter

                                                  Destination CIDR Block

                                                  Allows requests to be routed to a specified CIDR block (and not to the exception CIDR blocks). Separate the destination and exception CIDR blocks using a vertical bar (|). If there are multiple exception CIDR blocks, separate them using commas (,). For example, 172.17.0.0/16|172.17.1.0/24,172.17.2.0/24 indicates that 172.17.0.0/16 is accessible, but not for 172.17.1.0/24 and 172.17.2.0/24.

                                                  +

                                                  Allow requests to be routed to a specified CIDR block (and not to the exception CIDR blocks). Separate the destination and exception CIDR blocks using a vertical bar (|). If there are multiple exception CIDR blocks, separate them using commas (,). For example, 172.17.0.0/16|172.17.1.0/24,172.17.2.0/24 indicates that 172.17.0.0/16 is accessible, but 172.17.1.0/24 and 172.17.2.0/24 are inaccessible.

                                                  Destination Namespace

                                                  diff --git a/docs/cce/umn/cce_10_0063.html b/docs/cce/umn/cce_10_0063.html index 3fc3dd49b..b5239f518 100644 --- a/docs/cce/umn/cce_10_0063.html +++ b/docs/cce/umn/cce_10_0063.html @@ -4,8 +4,8 @@

                                                  Scenario

                                                  After a node scaling policy is created, you can delete, edit, disable, enable, or clone the policy.

                                                  Viewing a Node Scaling Policy

                                                  You can view the associated node pool, rules, and scaling history of a node scaling policy and rectify faults according to the error information displayed.

                                                  -
                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                  2. In the navigation pane, choose Nodes. On the page displayed, click the Node Pools tab and then the name of the node pool for which an auto scaling policy has been created to view the node pool details.
                                                  3. On the node pool details page, click the Auto Scaling tab to view the auto scaling configuration and scaling records.

                                                    You can obtain created auto scaling policies on the Policies page.

                                                    -
                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                    2. In the navigation pane, choose Policies. On the page displayed, click the Node Scaling Policies tab.
                                                    3. Check the configuration of the auto scaling policies. Choose More > Scaling History for the target policy to check the scaling records of the policy.
                                                    +
                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                    2. In the navigation pane, choose Nodes.On the page displayed, click the Node Pools tab and then the name of the node pool for which an auto scaling policy has been created to view the node pool details.
                                                    3. On the node pool details page, click the Auto Scaling tab to view the auto scaling configuration and scaling records.

                                                      You can obtain created auto scaling policies on the Policies page.

                                                      +
                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                      2. In the navigation pane, choose Policies. On the page displayed, click the Node Scaling Policies tab.
                                                      3. Check the configuration of the auto scaling policies. Choose More > Scaling History for the target policy to check the scaling records of the policy.

                                                    @@ -20,7 +20,7 @@
                                                    -
                                                    Parent topic: Scaling a Node
                                                    +
                                                    Parent topic: Node Scaling
                                                    diff --git a/docs/cce/umn/cce_10_0064.html b/docs/cce/umn/cce_10_0064.html index b6aa1fe38..e5745f530 100644 --- a/docs/cce/umn/cce_10_0064.html +++ b/docs/cce/umn/cce_10_0064.html @@ -10,7 +10,7 @@
                                                  4. Cloud Native Observability Add-ons
                                                    5. -
                                                  5. Cloud Native Heterogeneous Computing Add-ons
                                                    +
                                                  6. Cloud Native AI Add-ons
                                                  7. Container Network Add-ons
                                                    8. diff --git a/docs/cce/umn/cce_10_0066.html b/docs/cce/umn/cce_10_0066.html index 28213b8de..957f991cb 100644 --- a/docs/cce/umn/cce_10_0066.html +++ b/docs/cce/umn/cce_10_0066.html @@ -1,129 +1,130 @@

                                                    CCE Container Storage (Everest)

                                                    -

                                                    Introduction

                                                    Everest is a cloud native container storage system, which enables clusters of Kubernetes v1.15.6 or later to access cloud storage services through the CSI.

                                                    +

                                                    Introduction

                                                    Container Storage Interface (CSI) is a storage add-on standard recommended by the Kubernetes community. It is used for unified interconnection between the container orchestration platform and various storage systems. Based on the CSI standard, CCE provides CCE Container Storage (Everest), a self-developed storage add-on. This add-on can seamlessly interconnect with multiple IaaS storage services, including EVS (block storage), SFS, OBS, and SFS Turbo, to provide multiple types of persistent storage capabilities for containers.

                                                    +

                                                    CCE Container Storage (Everest) provides diverse persistent storage capabilities for clusters. It can adapt to storage requirements in various service scenarios, such as databases, high-performance computing, shared file access, and large file archiving. This add-on provides a unified storage interface, supports multiple types of storage media, and works closely with CCE scheduling policies, auto scaling strategies, and security systems. It can significantly improve the storage performance and service continuity of cloud native workloads.

                                                    Everest is a system resource add-on. It is installed by default when a cluster of Kubernetes v1.15 or later is created.

                                                    Notes and Constraints

                                                    • In version 1.2.0 of the Everest add-on, key authentication is optimized when OBS is used. After the Everest add-on is upgraded from a version earlier than 1.2.0, restart all workloads that use OBS in the cluster. Otherwise, workloads may not be able to use OBS.

                                                    Installing the Add-on

                                                    This add-on has been installed by default. If it is uninstalled due to some reasons, you can reinstall it by performing the following steps:

                                                    -
                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate CCE Container Storage (Everest) on the right, and click Install.
                                                    2. On the Install Add-on page, configure the specifications as needed.

                                                      • If you selected Preset, you can choose between Small, Medium, or Large as needed. The system will automatically set the number of add-on pods and resource quotas according to the preset specifications. You can see the configurations on the console.

                                                        The small specification is best for clusters with up to 50 nodes and 500 PVCs. The medium specification works well for clusters with up to 200 nodes and 2000 PVCs. The large specification is perfect for clusters with up to 1000 nodes and 10,000 PVCs.

                                                        +
                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                        2. In the navigation pane, choose Add-ons. Locate CCE Container Storage (Everest) and click Edit.
                                                        3. On the Install Add-on page, configure the specifications as needed.

                                                          • If you selected Preset, you can choose between Small, Medium, or Large as needed. The system will automatically set the number of add-on pods and resource quotas according to the preset specifications. You can see the configurations on the console.

                                                            The small specification is best for clusters with up to 50 nodes and 500 PVCs. The medium specification works well for clusters with up to 200 nodes and 2000 PVCs. The large specification is perfect for clusters with up to 1000 nodes and 10,000 PVCs.

                                                          • If you selected Custom, you can adjust the number of pods and resource quotas as needed. The requested CPUs and memory can be adjusted based on the number of nodes and PVCs. For details, see Table 1.

                                                            In non-typical scenarios, the formulas for estimating the limits are as follows:

                                                            • everest-csi-controller
                                                              • CPU limit: 250m for 200 or fewer nodes, 350m for 1000 nodes, and 500m for 2000 nodes
                                                              • Memory limit = (200 MiB + Number of nodes x 1 MiB + Number of PVCs x 0.2 MiB) x 1.2
                                                            • everest-csi-driver
                                                              • CPU limit: 300m for 200 or fewer nodes, 500m for 1000 nodes, and 800m for 2000 nodes
                                                              • Memory limit: 300 MiB for 200 or fewer nodes, 600 MiB for 1000 nodes, and 900 MiB for 2000 nodes
                                                            -
                                                            Table 1 Recommended configuration limits in typical scenarios

                                                            Configuration Scenario

                                                            +
                                                            - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -131,99 +132,108 @@

                                                          • Configure the add-on parameters.

                                                            -

                                                            • Table 1 Recommended configuration limits in typical scenarios

                                                            Configuration Scenario

                                                            everest-csi-controller

                                                            +

                                                            everest-csi-controller

                                                            everest-csi-driver

                                                            +

                                                            everest-csi-driver

                                                            Nodes

                                                            +

                                                            Nodes

                                                            PVs/PVCs

                                                            +

                                                            PVs/PVCs

                                                            Add-on Pods

                                                            +

                                                            Add-on Pods

                                                            CPU Cores (Limit = Request)

                                                            +

                                                            CPU Cores (Limit = Request)

                                                            Memory (Limit = Request)

                                                            +

                                                            Memory (Limit = Request)

                                                            CPU Cores (Limit = Request)

                                                            +

                                                            CPU Cores (Limit = Request)

                                                            Memory (Limit = Request)

                                                            +

                                                            Memory (Limit = Request)

                                                            50

                                                            +

                                                            50

                                                            1000

                                                            +

                                                            1000

                                                            2

                                                            +

                                                            2

                                                            250m

                                                            +

                                                            250m

                                                            600 MiB

                                                            +

                                                            600 MiB

                                                            300m

                                                            +

                                                            300m

                                                            300 MiB

                                                            +

                                                            300 MiB

                                                            200

                                                            +

                                                            200

                                                            1000

                                                            +

                                                            1000

                                                            2

                                                            +

                                                            2

                                                            250m

                                                            +

                                                            250m

                                                            1 GiB

                                                            +

                                                            1 GiB

                                                            300m

                                                            +

                                                            300m

                                                            300 MiB

                                                            +

                                                            300 MiB

                                                            1000

                                                            +

                                                            1000

                                                            1000

                                                            +

                                                            1000

                                                            2

                                                            +

                                                            2

                                                            350m

                                                            +

                                                            350m

                                                            2 GiB

                                                            +

                                                            2 GiB

                                                            500m

                                                            +

                                                            500m

                                                            600 MiB

                                                            +

                                                            600 MiB

                                                            1000

                                                            +

                                                            1000

                                                            5000

                                                            +

                                                            5000

                                                            2

                                                            +

                                                            2

                                                            450m

                                                            +

                                                            450m

                                                            3 GiB

                                                            +

                                                            3 GiB

                                                            500m

                                                            +

                                                            500m

                                                            600 MiB

                                                            +

                                                            600 MiB

                                                            2000

                                                            +

                                                            2000

                                                            5000

                                                            +

                                                            5000

                                                            2

                                                            +

                                                            2

                                                            550m

                                                            +

                                                            550m

                                                            4 GiB

                                                            +

                                                            4 GiB

                                                            800m

                                                            +

                                                            800m

                                                            900 MiB

                                                            +

                                                            900 MiB

                                                            2000

                                                            +

                                                            2000

                                                            10000

                                                            +

                                                            10000

                                                            2

                                                            +

                                                            2

                                                            650m

                                                            +

                                                            650m

                                                            5 GiB

                                                            +

                                                            5 GiB

                                                            800m

                                                            +

                                                            800m

                                                            900 MiB

                                                            +

                                                            900 MiB
                                                            Table 2 Add-on parameters

                                                            Item

                                                            +
                                                            - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + @@ -234,26 +244,26 @@

                                                          • Configure deployment policies for the add-on pods.

                                                            • Scheduling policies do not take effect on add-on pods of the DaemonSet type.
                                                            • When configuring multi-AZ deployment or node affinity, ensure that there are nodes meeting the scheduling policy and that resources are sufficient in the cluster. Otherwise, the add-on cannot run.
                                                            -
                                                            • Table 2 Add-on parameters

                                                            Item

                                                            Configuration Method

                                                            +

                                                            Configuration Method

                                                            Description

                                                            +

                                                            Description

                                                            Reserved EVS Disks for Non-Container Workloads

                                                            +

                                                            Reserved EVS Disks for Non-Container Workloads

                                                            Visualized GUI configuration

                                                            +

                                                            Visualized GUI configuration

                                                            Number of disks on the node reserved for custom use. This parameter is supported when the add-on version is 2.3.11 or later.

                                                            -

                                                            Assume that a maximum of 20 EVS disks can be attached to a node, and the value of this parameter is set to 6. Then 14 (20-6) disks can be attached to this node when the system schedules the EVS disk attachment workloads. The reserved six disks include one system disk and one data disk that have been attached to the node. You can attach four EVS disks to this node as additional data disks or raw disks for a local storage pool.

                                                            +

                                                            Number of disks on the node reserved for custom use. This parameter is supported when the add-on version is 2.3.11 or later.

                                                            +

                                                            Assume that a maximum of 20 EVS disks can be attached to a node, and the value of this parameter is set to 6. Then 14 (20-6) disks can be attached to this node when the system schedules the EVS disk attachment workloads. The reserved six disks include one system disk and one data disk that are already attached to the node. You can attach four EVS disks to this node as additional data disks or raw disks for a local storage pool.

                                                            Prohibit Global Secret from Mounting Object Storage

                                                            +

                                                            Prohibit Global Secret from Mounting Object Storage

                                                            Visualized GUI configuration

                                                            +

                                                            Visualized GUI configuration

                                                            Whether the default AK/SK can be used when an object bucket or parallel file system is mounted.

                                                            +

                                                            Whether the default AK/SK can be used when an object bucket or parallel file system is mounted.

                                                            • is: If you do not specify a custom secret for mounting OBS storage, the global secret you uploaded will be used.
                                                            • No: If you do not specify a custom secret for mounting OBS storage, only the global secret you uploaded can be used. Otherwise, the mounting will fail.

                                                            Concurrent EVS Disk Attaching Tasks

                                                            +

                                                            Concurrent EVS Disk Attaching Tasks

                                                            Visualized GUI configuration

                                                            +

                                                            Visualized GUI configuration

                                                            Number of workers that can be concurrently processed by Everest for attaching EVS volumes. The default value is 60.

                                                            +

                                                            Number of workers that can be concurrently processed by Everest for attaching EVS volumes. The default value is 60.

                                                            Concurrent EVS Disk Detaching Tasks

                                                            +

                                                            Concurrent EVS Disk Detaching Tasks

                                                            Visualized GUI configuration

                                                            +

                                                            Visualized GUI configuration

                                                            Number of workers that can be concurrently processed by Everest for detaching EVS volumes. The default value is 60.

                                                            +

                                                            Number of workers that can be concurrently processed by Everest for detaching EVS volumes. The default value is 60.

                                                            Distributed Volume Mounting

                                                            +

                                                            Distributed Volume Mounting

                                                            Visualized GUI configuration

                                                            +

                                                            Visualized GUI configuration

                                                            When enabled, the everest-csi-driver component on each node is responsible for attaching or detaching EVS disks.

                                                            +

                                                            When enabled, the everest-csi-driver component on each node is responsible for attaching or detaching EVS disks.

                                                            If disabled, the everest-csi-controller component takes on this responsibility.

                                                            flow_control

                                                            +

                                                            flow_control

                                                            Extended Parameter Settings

                                                            +

                                                            Extended parameter settings

                                                            The default configuration is used. After installing the CCE Container Storage (Everest) add-on, you can refer to ConfigMap everest-driver-th-config in the kube-system namespace for more details.

                                                            +

                                                            The default configuration is used. After installing the CCE Container Storage (Everest) add-on, you can refer to ConfigMap everest-driver-th-config in the kube-system namespace for more details.

                                                            over_subscription

                                                            +

                                                            over_subscription

                                                            Extended parameter settings

                                                            +

                                                            Extended parameter settings

                                                            Overcommitment ratio of the local storage pool (local_storage). The default value for the local storage pool size is set to 80. If the pool size is 100 GiB, it can be overcommitted up to 180 GiB. (Total capacity after overcommitment = (1 + Overcommitment ratio) x Actual capacity)

                                                            +

                                                            Overcommitment ratio of the local storage pool (local_storage). The default value for the local storage pool size is set to 80. If the pool size is 100 GiB, it can be overcommitted up to 180 GiB. (Total capacity after overcommitment = (1 + Overcommitment ratio) x Actual capacity)

                                                            enable_local_autoexpander

                                                            +

                                                            enable_local_autoexpander

                                                            Extended parameter settings

                                                            +

                                                            Extended parameter settings

                                                            Whether to enable automatic scale-out for the local storage pool of thin volumes. If this function is enabled, automatic scale-out is triggered based on the scale-out threshold and scale-out step of the local storage pool.

                                                            +

                                                            Whether to enable automatic scale-out for the local storage pool of thin volumes. If this function is enabled, automatic scale-out is triggered based on the scale-out threshold and scale-out step of the local storage pool.

                                                            expansion_threshold

                                                            +

                                                            expansion_threshold

                                                            Extended parameter settings

                                                            +

                                                            Extended parameter settings

                                                            Capacity expansion threshold of the local storage pool of the thin volume. When the usage of the local storage pool of the thin volume exceeds the threshold, the local storage pool is automatically expanded.

                                                            +

                                                            Capacity expansion threshold of the local storage pool of the thin volume. When the usage of the local storage pool of the thin volume exceeds the threshold, the local storage pool is automatically expanded.

                                                            expansion_step

                                                            +

                                                            expansion_step

                                                            Extended parameter settings

                                                            +

                                                            Extended parameter settings

                                                            Capacity expansion step of a single EVS disk in the local storage pool of thin provisioning volumes (unit: Gi)

                                                            +

                                                            Capacity expansion step of a single EVS disk in the local storage pool of thin provisioning volumes (unit: Gi)

                                                            expansion_max_evs_size

                                                            +

                                                            expansion_max_evs_size

                                                            Extended parameter settings

                                                            +

                                                            Extended parameter settings

                                                            Maximum capacity of a single EVS disk in the local storage pool of thin provisioning volumes (unit: Gi)

                                                            +

                                                            Maximum capacity of a single EVS disk in the local storage pool of thin provisioning volumes (unit: Gi)

                                                            volume_attaching_flow_ctrl

                                                            +

                                                            volume_attaching_flow_ctrl

                                                            Extended parameter settings

                                                            +

                                                            Extended parameter settings

                                                            Maximum number of EVS volumes that can be attached by the Everest add-on within 1 minute. The default value is 0, indicating that the performance of attaching EVS volumes is determined by the underlying storage resources.

                                                            +

                                                            Maximum number of EVS volumes that can be attached by the Everest add-on within 1 minute. The default value is 0, indicating that the performance of attaching EVS volumes is determined by the underlying storage resources.

                                                            +

                                                            enable_aksk_refresh

                                                            +

                                                            Extended parameter settings

                                                            +

                                                            Whether to enable the function of dynamically updating custom access keys (AK/SK) using parallel file systems. This parameter is supported when the add-on version is 2.4.150 or later. For details, see Automatically Applying Updated Access Keys (AK/SK) for an OBS Volume. The default value is false, indicating that the function is disabled. The value true indicates that the function is enabled.

                                                            +

                                                            Whether to enable the function of dynamically updating custom access keys (AK/SK) using object storage. This parameter is supported when the add-on version is 2.4.150 or later. For details, see Automatically Applying Updated Access Keys (AK/SK) for an OBS Volume. The default value is false, indicating that the function is disabled. The value true indicates that the function is enabled.

                                                            +

                                                            If the add-on version is between 2.4.150 (inclusive) and 2.4.165 (exclusive), only parallel file systems are supported. Starting from version 2.4.165 and onward, both parallel file systems and OBS buckets are supported.
                                                            Table 3 Configurations for add-on scheduling

                                                            Parameter

                                                            +
                                                            - - - - - - - @@ -312,8 +322,8 @@ - @@ -324,7 +334,7 @@ - @@ -335,7 +345,7 @@ - @@ -346,7 +356,7 @@ - @@ -401,8 +411,8 @@
                                                            Table 3 Configurations for add-on scheduling

                                                            Parameter

                                                            Description

                                                            +

                                                            Description

                                                            Multi-AZ Deployment

                                                            +

                                                            Multi-AZ Deployment

                                                            • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                            • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                                            • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                            +
                                                            • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                            • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                                            • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.

                                                            Node Affinity

                                                            +

                                                            Node Affinity

                                                            • Not configured: Node affinity is disabled for the add-on.
                                                            • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                            • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                            • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.

                                                              If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.

                                                              +
                                                            • Not configured: Node affinity is disabled for the add-on.
                                                            • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                            • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                            • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.

                                                              If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.

                                                            Toleration

                                                            +

                                                            Toleration

                                                            Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.

                                                            +

                                                            Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.

                                                            The add-on adds the default tolerance policy for the node.kubernetes.io/not-ready and node.kubernetes.io/unreachable taints, respectively. The tolerance time window is 60s.

                                                            For details, see Configuring Tolerance Policies.

                                                            Invoking of different functions

                                                            action: indicates different functions. For details, see Table 6.

                                                            -

                                                            result: indicates that the invoking is successful or fails.

                                                            +

                                                            action: indicates different functions. For details, see Table 6.

                                                            +

                                                            result: indicates that the invoking is successful or fails.

                                                            everest_action_result_total{action="create_snapshot:disk.csi.everest.io",result="success"} 2

                                                            Number of times that different functions are executed at different time

                                                            function: indicates different functions. For details, see Table 6.

                                                            +

                                                            function: indicates different functions. For details, see Table 6.

                                                            everest_function_duration_seconds_bucket{function="create_snapshot:disk.csi.everest.io",le="10"} 2

                                                            Total invoking time of different functions

                                                            function: indicates different functions. For details, see Table 6.

                                                            +

                                                            function: indicates different functions. For details, see Table 6.

                                                            everest_function_duration_seconds_sum{function="create:disk.csi.everest.io"} 24.381399053

                                                            Number of invoking times of different functions

                                                            function: indicates different functions. For details, see Table 6.

                                                            +

                                                            function: indicates different functions. For details, see Table 6.

                                                            everest_function_duration_seconds_count{function="attach:disk.csi.everest.io"} 4

                                                            -

                                                            Change History

                                                            -
                                                            Table 7 Release history

                                                            Add-on Version

                                                            +

                                                            Release History

                                                            +
                                                            @@ -410,7 +420,20 @@ - + + + + - - - - - - diff --git a/docs/cce/umn/cce_10_0068.html b/docs/cce/umn/cce_10_0068.html index 7ec7e0bae..7ee927308 100644 --- a/docs/cce/umn/cce_10_0068.html +++ b/docs/cce/umn/cce_10_0068.html @@ -4,6 +4,8 @@

                                                            Description of DefaultPool

                                                            DefaultPool is not a real node pool. It only classifies nodes that are not in the custom node pools. These nodes are directly created on the console or by calling APIs. DefaultPool does not support any user-created node pool functions, including scaling and parameter configuration. DefaultPool cannot be edited, deleted, expanded, or auto scaled, and nodes in it cannot be migrated.

                                                            -

                                                            Applicable Scenarios

                                                            When a large-scale cluster is required, you are advised to use node pools to manage nodes.

                                                            +

                                                            Application Scenarios

                                                            When a large-scale cluster is required, you are advised to use node pools to manage nodes.

                                                            The following table describes multiple scenarios of large-scale cluster management and the functions of node pools in each scenario.

                                                            Table 7 CCE Container Storage (Everest) add-on

                                                            Add-on Version

                                                            Supported Cluster Version

                                                            2.4.134

                                                            +

                                                            2.4.161

                                                            +

                                                            v1.25

                                                            +

                                                            v1.27

                                                            +

                                                            v1.28

                                                            +

                                                            v1.29

                                                            +

                                                            v1.30

                                                            +

                                                            v1.31

                                                            +

                                                            v1.32

                                                            +

                                                            CCE clusters v1.32 are supported.

                                                            +

                                                            2.4.134

                                                            v1.25

                                                            v1.27

                                                            @@ -431,7 +454,7 @@

                                                            v1.29

                                                            v1.30

                                                            On HCE OS 2.0 nodes, you can configure the EVS PVC's fstype to xfs.

                                                            +

                                                            On HCE OS 2.0 nodes, you can configure the EVS PVC's fstype to xfs.

                                                            2.4.28

                                                            @@ -486,7 +509,7 @@

                                                            v1.25

                                                            v1.27

                                                            Supported HCE OS 2.0.

                                                            +

                                                            Supported HCE OS 2.0.

                                                            2.1.30

                                                            @@ -496,7 +519,7 @@

                                                            v1.23

                                                            v1.25

                                                            • Supported anti-affinity scheduling of add-on pods on nodes in different AZs.
                                                            • Adapts the obsfs package to Ubuntu 22.04.
                                                            +
                                                            • Supported anti-affinity scheduling of add-on pods on nodes in different AZs.
                                                            • Adapted the obsfs package to Ubuntu 22.04.

                                                            2.1.13

                                                            @@ -506,7 +529,7 @@

                                                            v1.23

                                                            v1.25

                                                            Optimized the performance of creating subpath PVCs in batches for SFS Turbo volumes.

                                                            +

                                                            Optimized the performance of creating subPath PVCs in batches for SFS Turbo volumes.

                                                            1.3.28

                                                            @@ -535,7 +558,7 @@

                                                            v1.19

                                                            v1.21

                                                            Optimized the performance of creating subpath PVCs in batches for SFS Turbo volumes.

                                                            +

                                                            Optimized the performance of creating subPath PVCs in batches for SFS Turbo volumes.

                                                            1.2.44

                                                            @@ -572,7 +595,7 @@

                                                            v1.15

                                                            v1.17

                                                            • Supported security hardening.
                                                            • Supported third-party OBS storage.
                                                            • Switched to the EVS query API with better performance.
                                                            • Used snapshots to create disks in clone mode by default.
                                                            • Optimized and enhanced disk status detection and log output for attaching and detaching operations.
                                                            • Improved the reliability of determining authentication expiration.
                                                            +
                                                            • Supported security hardening.
                                                            • Supported third-party OBS storage.
                                                            • Switched to the EVS query API with better performance.
                                                            • Disks can be created from snapshots using clone by default.
                                                            • Optimized and enhanced disk status detection and log output for attaching and detaching operations.
                                                            • Improved the reliability of determining authentication expiration.
                                                            Table 1 Using node pools for different management scenarios

                                                            Scenario

                                                            @@ -122,8 +122,8 @@

                                                            For example, you can use container's resource request as a nodeSelector so that workloads will run only on the nodes that meet the resource request.

                                                            If the workload definition file defines a container that requires four CPUs, the scheduler will not choose the nodes with two CPUs to run workloads.

                                                            -

                                                            Related Operations

                                                            You can log in to the CCE console and refer to the following sections to perform operations on node pools:

                                                            - +

                                                            Helpful Links

                                                            You can log in to the CCE console and refer to the following sections to perform operations on node pools:

                                                            +
                                                            diff --git a/docs/cce/umn/cce_10_0083.html b/docs/cce/umn/cce_10_0083.html index 91e679ea9..78dbddaa7 100644 --- a/docs/cce/umn/cce_10_0083.html +++ b/docs/cce/umn/cce_10_0083.html @@ -4,24 +4,24 @@

                                                            Scenario

                                                            After a workload scaling policy is created, you can update and delete the policy, as well as edit the YAML file.

                                                            Procedure

                                                            You can view the rules, latest status, and events of a workload scaling policy and handle exceptions based on the error information displayed.

                                                            -
                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                            2. In the navigation pane, choose Policies. On the Scaling Policies tab page, click the HPA Policies/CronHPA Policies tab based on the scaling policy type.
                                                            3. Check the latest status, rules, and associated workloads of a scaling policy.

                                                              You can also check a created scaling policy on the workload details page.

                                                              -
                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                              2. In the navigation pane, choose Workloads. Click the workload name to view its details.
                                                              3. On the workload details page, switch to the Auto Scaling tab page to obtain the scaling policies. You can also obtain the scaling policies you configured on the Policies page.
                                                              +
                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                              2. In the navigation pane, choose Policies. On the Scaling Policies tab, click the HPA Policies/CronHPA Policies tab based on the scaling policy type.
                                                              3. Check the latest status, rules, and associated workloads of a scaling policy.

                                                                You can also check a created scaling policy on the workload details page.

                                                                +
                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                2. In the navigation pane, choose Workloads. Click the workload name to view its details.
                                                                3. On the workload details page, switch to the Auto Scaling tab to obtain the scaling policies. You can also obtain the scaling policies you configured on the Policies page.

                                                              4. Manage scaling policies.

                                                                -

                                                                Scaling Policy Type

                                                                +
                                                                - - - - - @@ -32,7 +32,7 @@
                                                                -
                                                                Parent topic: Scaling a Workload
                                                                +
                                                                Parent topic: Workload Scaling
                                                                diff --git a/docs/cce/umn/cce_10_0084.html b/docs/cce/umn/cce_10_0084.html index 9f133d33d..f92ced2fb 100644 --- a/docs/cce/umn/cce_10_0084.html +++ b/docs/cce/umn/cce_10_0084.html @@ -3,7 +3,7 @@

                                                                Enabling ICMP Security Group Rules

                                                                Scenario

                                                                If a workload uses UDP for both load balancing and health check, enable ICMP security group rules for the backend servers.

                                                                -

                                                                Procedure

                                                                1. Log in to the CCE console and choose Networking > Virtual Private Cloud in the service list. In the navigation pane, choose Access Control > Security Groups.
                                                                2. In the security group list, locate the security group of the cluster. Click the Inbound Rules tab page and then Add Rule. In the Add Inbound Rule dialog box, configure inbound parameters.

                                                                  +

                                                                  Procedure

                                                                  1. Log in to the VPC console and choose Access Control > Security Groups.
                                                                  2. In the security group list, locate the security group of the cluster. Click the Inbound Rules tab page and then Add Rule. In the Add Inbound Rule dialog box, configure inbound parameters.

                                                                Scaling Policy Type

                                                                Operation

                                                                +

                                                                Operation

                                                                HPA

                                                                +

                                                                HPA

                                                                • View Events: Check HPA policy events. If an error occurred, locate and rectify the fault based on the error message displayed on the page.
                                                                • Edit YAML: In the dialog box displayed, edit, copy, or download the YAML file.
                                                                • Edit: On the Edit HPA Policy page, configure policy parameters listed in Table 1.
                                                                • Clone: Duplicate an existing auto scaling policy and modify the parameter settings as required.
                                                                • Delete: In the dialog box displayed, click Yes.
                                                                +
                                                                • View Events: Check HPA policy events. If an error occurred, locate and rectify the fault based on the error message displayed on the page.
                                                                • Edit YAML: In the dialog box displayed, edit, copy, or download the YAML file.
                                                                • Edit: On the Edit HPA Policy page, configure policy parameters listed in Table 1.
                                                                • Clone: Duplicate an existing auto scaling policy and modify the parameter settings as required.
                                                                • Delete: In the dialog box displayed, click Yes.

                                                                CronHPA

                                                                +

                                                                CronHPA

                                                                • View YAML: In the dialog box displayed, copy or download the YAML file but you are not allowed to modify it.
                                                                • Delete: In the dialog box displayed, click Yes.
                                                                +
                                                                • View YAML: In the dialog box displayed, copy or download the YAML file but you are not allowed to modify it.
                                                                • Delete: In the dialog box displayed, click Yes.

                                                                Cluster Type

                                                                ELB Type

                                                                diff --git a/docs/cce/umn/cce_10_0091.html b/docs/cce/umn/cce_10_0091.html index eaeea38d6..76660cbee 100644 --- a/docs/cce/umn/cce_10_0091.html +++ b/docs/cce/umn/cce_10_0091.html @@ -10,9 +10,9 @@
                                                              5. Creating a Cluster
                                                                6. -
                                                              6. Connecting to a Cluster
                                                                +
                                                              7. Accessing a Cluster
                                                                8. -
                                                              8. Managing a Cluster
                                                                +
                                                              9. Managing Clusters
                                                              10. Upgrading a Cluster
                                                                11. diff --git a/docs/cce/umn/cce_10_0094.html b/docs/cce/umn/cce_10_0094.html index 81c2a04ac..9424cba94 100644 --- a/docs/cce/umn/cce_10_0094.html +++ b/docs/cce/umn/cce_10_0094.html @@ -1,9 +1,9 @@ -

                                                                Overview

                                                                +

                                                                Ingress Overview

                                                                Why We Need Ingresses?

                                                                A Service is generally used to forward access requests based on TCP and UDP and provide layer-4 load balancing for clusters. However, in actual scenarios, if there is a large number of HTTP/HTTPS access requests on the application layer, the Service cannot meet the forwarding requirements. Therefore, the Kubernetes cluster provides an HTTP-based access mode, ingress.

                                                                An ingress is an independent resource in the Kubernetes cluster and defines rules for forwarding external access traffic. As shown in Figure 1, you can customize forwarding rules based on domain names and URLs to implement fine-grained distribution of access traffic.

                                                                -
                                                                Figure 1 Ingress diagram
                                                                +
                                                                Figure 1 Ingress diagram

                                                                Ingress Overview

                                                                Kubernetes uses ingress resources to define how incoming traffic should be handled, while the Ingress Controller is responsible for processing the actual traffic.

                                                                • Ingress object: a set of access rules that forward requests to specified Services based on domain names or paths. It can be added, deleted, modified, and queried by calling APIs.
                                                                • Ingress Controller: an executor for forwarding requests. It monitors the changes of resource objects such as ingresses, Services, endpoints, secrets (mainly TLS certificates and keys), nodes, and ConfigMaps in real time, parses rules defined by ingresses, and forwards requests to the target backend Services.
                                                                  The way of implementing Ingress Controllers varies depending on their vendors. CCE supports LoadBalancer Ingress Controllers and NGINX Ingress Controllers.
                                                                  • LoadBalancer Ingress Controllers are deployed on master nodes and forward traffic based on the ELB. All policy configurations and forwarding behaviors are managed on the ELB.
                                                                  • NGINX Ingress Controllers are deployed in clusters using charts and images maintained by the Kubernetes community. They provide external access through NodePort and forward external traffic to other services in the cluster through Nginx. All traffic forwarding behaviors and forwarding objects are within the cluster.
                                                                  @@ -83,19 +83,19 @@

                                                                  LoadBalancer Ingress Controllers are deployed on master nodes and bound to load balancers in the cluster's VPC. You can configure different domain names, ports, and forwarding policies for the same load balancer (with the same IP address). The working rules of LoadBalancer Ingress Controllers are as follows:

                                                                  1. A user creates an ingress and configures a traffic access rule in the ingress, including the load balancer, access path, SSL, and backend Service port.
                                                                  2. When Ingress Controller detects that the ingress changes, it reconfigures the listener and backend server route on the ELB according to the traffic access rule.
                                                                  3. When a user attempts to access a workload, the ELB forwards the traffic to the target workload according to the configured forwarding rule.
                                                                  -

                                                                  CCE Standard Clusters

                                                                  Figure 2 Working flow of a LoadBalancer ingress in a CCE standard cluster
                                                                  +

                                                                  CCE Standard Clusters

                                                                  Figure 2 Working flow of a LoadBalancer ingress in a CCE standard cluster
                                                                  -

                                                                  CCE Turbo Clusters Where a Shared Load Balancer Is Used

                                                                  Figure 3 Working flow of a LoadBalancer ingress in a CCE Turbo cluster where a shared load balancer is used
                                                                  +

                                                                  CCE Turbo Clusters Where a Shared Load Balancer Is Used

                                                                  Figure 3 Working flow of a LoadBalancer ingress in a CCE Turbo cluster where a shared load balancer is used

                                                                  CCE Turbo Clusters Where a Dedicated Load Balancer Is Used

                                                                  When a CCE Turbo cluster is used, pod IP addresses are directly allocated from the VPC. Dedicated load balancers enable passthrough networking to pods. When creating an ingress for external cluster access, you can use ELB to access a ClusterIP Service and use pods as the backend server of the ELB listener. In this way, external traffic can directly access the pods in the cluster without being forwarded by node ports.

                                                                  -
                                                                  Figure 4 Working flow of a LoadBalancer ingress in a CCE Turbo cluster where a dedicated load balancer is used
                                                                  +
                                                                  Figure 4 Working flow of a LoadBalancer ingress in a CCE Turbo cluster where a dedicated load balancer is used

                                                                  Working Rules of NGINX Ingress Controller

                                                                  Nginx Ingress uses ELB as the traffic ingress. The NGINX Ingress Controller add-on is deployed in a cluster to balance traffic and control access.

                                                                  NGINX Ingress Controller uses the charts and images provided by the open-source community, and issues may occur during usage. CCE periodically synchronizes the community version to fix known vulnerabilities. Check whether your service requirements can be met.

                                                                  NGINX Ingress Controller is deployed on worker nodes through pods, which will result in O&M costs and Nginx component running overheads. Figure 5 shows the working rules of NGINX Ingress Controller.

                                                                  1. After you update ingress resources, NGINX Ingress Controller writes a forwarding rule defined in the ingress resources into the nginx.conf configuration file of Nginx.
                                                                  2. The built-in Nginx component reloads the updated configuration file to modify and update the Nginx forwarding rule.
                                                                  3. When traffic accesses a cluster, the traffic is first forwarded by the created load balancer to the Nginx component in the cluster. Then, the Nginx component forwards the traffic to each workload based on the forwarding rule.
                                                                  -
                                                                  Figure 5 Working rules of NGINX Ingress Controller
                                                                  +
                                                                  Figure 5 Working rules of NGINX Ingress Controller

                                                                  Services Supported by LoadBalancer Ingresses

                                                                  - diff --git a/docs/cce/umn/cce_10_0105.html b/docs/cce/umn/cce_10_0105.html index 903565d12..8620f2b72 100644 --- a/docs/cce/umn/cce_10_0105.html +++ b/docs/cce/umn/cce_10_0105.html @@ -1,160 +1,227 @@ -

                                                                  Configuring Container Lifecycle Parameters

                                                                  -

                                                                  Scenario

                                                                  CCE provides callback functions for the lifecycle management of containerized applications. For example, if you want a container to perform a certain operation before stopping, you can register a hook function.

                                                                  -

                                                                  CCE provides the following lifecycle callback functions:

                                                                  -
                                                                  • Startup Command: executed to start a container. For details, see Startup Commands.
                                                                  • Post-Start: executed immediately after a container is started. For details, see Post-Start Processing.
                                                                  • Pre-Stop: executed before a container is stopped. The pre-stop processing function helps you ensure that the services running on the pods can be completed in advance in the case of pod upgrade or deletion. For details, see Pre-Stop Processing.
                                                                  -
                                                                  -

                                                                  Startup Commands

                                                                  By default, the default command is executed during image start. To run a specific command or rewrite the default image setting, you must perform specific operations.

                                                                  -

                                                                  A Docker image has metadata that stores image information. If lifecycle commands and arguments are not set, CCE runs the default commands and arguments, that is, Docker instructions ENTRYPOINT and CMD, provided during image creation.

                                                                  -

                                                                  If the commands and arguments used to run a container are set during application creation, the default commands ENTRYPOINT and CMD are overwritten during image build. The rules are as follows:

                                                                  +

                                                                  Configuring the Container Lifecycle

                                                                  +

                                                                  Container lifecycle hooks are core mechanisms provided by Kubernetes that enable you to insert custom logic at key phases throughout the container lifecycle. These hooks provide refined process controls over containerized applications, enabling applications to better adapt to the dynamic characteristics of the cloud native environment. CCE provides the following container lifecycle hooks. For more information, see Container Lifecycle Hooks.

                                                                  +
                                                                  • Startup Command: the command executed when a container starts. It is used to define the main process of a container. The main process is the default entry after the container starts, and its status determines the container lifecycle. This kind of hook is applicable to initialization scenarios where the application entry, environment variables, mount points, or port mapping needs to be specified.
                                                                  • PostStart Hook: used to execute initialization tasks, such as service registration and dynamic configuration generation, immediately after the main process of a container starts. Such a hook is asynchronously triggered by kubelet and runs in parallel with the main process, preventing the container startup process from being blocked and accelerating the container readiness. This kind of hook is applicable to the scenario where the environment needs to be configured or the initialization logic needs to be executed immediately after the application process starts.
                                                                  • PreStop Hook: used to execute predefined cleanup logic before a container is terminated. When a pod is deleted or updated, kubelet triggers this hook to perform operations (such as deregistering services and refreshing status), and then sends the SIGTERM signal to the main process of a container for the application to shut down gracefully. This kind of hook is applicable to the scenario where safe shutdown is required to avoid data loss or there are service exceptions.
                                                                  +

                                                                  Startup Command

                                                                  A startup command is executed when a container starts. It is used to define the main process of a container. The main process status determines the container lifecycle. If the command fails to be executed and no restart policy is configured, the container will be terminated.

                                                                  +

                                                                  By default, the default command is executed during image start. To run a specific command or rewrite the default image setting, you must perform specific operations. By default, the container executes the startup command preset in the image. Docker images contain a set of metadata fields for defining the startup behavior, including ENTRYPOINT and CMD. If the commands and arguments (specified by Command and Args) are not configured in the container specifications, the default values during image build are used.

                                                                  +

                                                                  If the commands and arguments used to run a container are configured during workload creation, the default commands ENTRYPOINT and CMD are overwritten during image build. The rules are as follows:

                                                                  -
                                                                  Table 2 Services supported by LoadBalancer ingresses

                                                                  Cluster Type

                                                                  @@ -137,9 +137,7 @@

                                                                  Supported

                                                                  Not supported

                                                                  -
                                                                  NOTE:

                                                                  ENIs are separately bound to pods in a CCE Turbo cluster, and ELB directly connects to pods. Therefore, NodePort access is not available.

                                                                  -
                                                                  +

                                                                  Supported
                                                                  Table 1 Commands and arguments used to run a container

                                                                  Image ENTRYPOINT

                                                                  +
                                                                  - - - - - - - - - - - - - - - - - - - - - - - -
                                                                  Table 1 Commands and arguments used to run a container

                                                                  Image ENTRYPOINT

                                                                  Image CMD

                                                                  +

                                                                  Image CMD

                                                                  Command to Run a Container

                                                                  +

                                                                  Command to Run a Container

                                                                  Parameters to Run a Container

                                                                  +

                                                                  Argument to Run a Container

                                                                  Command Executed

                                                                  +

                                                                  Command Executed

                                                                  [touch]

                                                                  +

                                                                  [touch]

                                                                  [/root/test]

                                                                  +

                                                                  [/root/test]

                                                                  Not set

                                                                  +

                                                                  Not set

                                                                  Not set

                                                                  +

                                                                  Not set

                                                                  [touch /root/test]

                                                                  +

                                                                  [touch /root/test]

                                                                  [touch]

                                                                  +

                                                                  [touch]

                                                                  [/root/test]

                                                                  +

                                                                  [/root/test]

                                                                  [mkdir]

                                                                  +

                                                                  [mkdir]

                                                                  Not set

                                                                  +

                                                                  Not set

                                                                  [mkdir]

                                                                  +

                                                                  [mkdir]

                                                                  [touch]

                                                                  +

                                                                  [touch]

                                                                  [/root/test]

                                                                  +

                                                                  [/root/test]

                                                                  Not set

                                                                  +

                                                                  Not set

                                                                  [/opt/test]

                                                                  +

                                                                  [/opt/test]

                                                                  [touch /opt/test]

                                                                  +

                                                                  [touch /opt/test]

                                                                  [touch]

                                                                  +

                                                                  [touch]

                                                                  [/root/test]

                                                                  +

                                                                  [/root/test]

                                                                  [mkdir]

                                                                  +

                                                                  [mkdir]

                                                                  [/opt/test]

                                                                  +

                                                                  [/opt/test]

                                                                  [mkdir /opt/test]

                                                                  +

                                                                  [mkdir /opt/test]
                                                                  -
                                                                  1. Log in to the CCE console. When creating a workload, configure container information and select Lifecycle.
                                                                  2. Enter a command and arguments on the Startup Command tab page.

                                                                    -

                                                                    Table 2 Container startup command

                                                                    Configuration Item

                                                                    +
                                                                    1. Log in to the CCE console.
                                                                    2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click Create Workload in the upper right corner.
                                                                    3. In Container Settings, choose Container Information > Lifecycle > Startup Command and enter the command and arguments.

                                                                      + +
                                                                      - + + - - + - - - + + +
                                                                      Table 2 Container startup command

                                                                      Parameter

                                                                      Procedure

                                                                      +

                                                                      Example Value

                                                                      +

                                                                      Description

                                                                      +

                                                                      Example YAML

                                                                      Command

                                                                      +

                                                                      Command

                                                                      Enter an executable command, for example, /run/server.

                                                                      -

                                                                      If there are multiple executable commands, write them in different lines.

                                                                      +

                                                                      /run/server

                                                                      +

                                                                      Enter one or more executable commands. If you need multiple commands, separate them on different lines.

                                                                      NOTE:

                                                                      In the case of multiple commands, you are advised to run /bin/sh or other shell commands. Other commands are used as parameters.

                                                                      Args

                                                                      +
                                                                      ...
+spec:
+  containers:
+  - image: nginx:latest 
+    command:
+      - /run/server
+     args:
+       - '--port=8080' 
+...

                                                                      Enter the argument that controls the container running command, for example, --port=8080.

                                                                      -

                                                                      If there are multiple arguments, separate them in different lines.

                                                                      +

                                                                      Args

                                                                      +

                                                                      --port=8080

                                                                      +

                                                                      Enter one or more arguments. If you need multiple arguments, separate them on different lines.
                                                                      -

                                                                    +

                                                                  3. Configure other parameters and click Create Workload in the lower right corner. If the workload is in the Running state, the startup command is successfully executed.
                                                                    4. -

                                                                    Post-Start Processing

                                                                    1. Log in to the CCE console. When creating a workload, configure container information and select Lifecycle.
                                                                    2. Set the post-start processing parameters on the Post-Start tab page.

                                                                      -

                                                                      Table 3 Post-start processing parameters

                                                                      Parameter

                                                                      +

                                                                      PostStart Hook

                                                                      A PostStart hook, a container lifecycle hook provided by Kubernetes, is used to execute initialization tasks, such as service registration and dynamic configuration generation, immediately after the main process of a container starts. This hook is asynchronously triggered by kubelet and runs in parallel with the main process. Although the PostStart hook is executed asynchronously with the main process of the container, if the PostStart hook takes too long or is suspended, the container may not change to the Running state. If the PostStart hook fails to be executed, the container may fail to start and be terminated.

                                                                      +
                                                                      1. Log in to the CCE console.
                                                                      2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click Create Workload in the upper right corner.
                                                                      3. In Container Settings, choose Container Information > Lifecycle > Post-Start and configure parameters. based on the service requirements. For example:

                                                                        • If initialization logic (such as running scripts and configuring the environment) needs to be executed in the container, select CLI.
                                                                        • If external systems or services needs to be notified (for example, when service registration is needed and a configuration center API is called), select HTTP request.
                                                                        +

                                                                        + +
                                                                        - + + - - + + - - + +
                                                                        Table 3 Post-start processing

                                                                        Processing Method

                                                                        Description

                                                                        +

                                                                        Example Value

                                                                        +

                                                                        Description

                                                                        +

                                                                        Example YAML

                                                                        CLI

                                                                        +

                                                                        CLI

                                                                        Set commands to be executed in the container for post-start processing. The command format is Command Args[1] Args[2].... Command is a system command or a user-defined executable program. If no path is specified, an executable program in the default path will be selected. If multiple commands need to be executed, write the commands into a script for execution. Commands that are executed in the background or asynchronously are not supported.

                                                                        -

                                                                        Example command:

                                                                        -
                                                                        exec: 
-  command: 
-  - /install.sh 
-  - install_agent
                                                                        -

                                                                        Enter /install install_agent in the script. This command indicates that install.sh will be executed after the container is created successfully.

                                                                        +

                                                                        /install.sh

                                                                        +

                                                                        install_agent

                                                                        +

                                                                        Used for running the commands in the container. You need to configure Command.

                                                                        +

                                                                        The command format is Command Arg[1] Arg[2]..., where Command indicates a system command or a user-defined executable program. If no path is specified, the system searches for the command in the default path. If multiple commands needed to be executed, write them into a script in the container image in advance and invoke the script using this command. The executable command must be executed synchronously or in the frontend. If it is executed asynchronously or in the backend, the lifecycle hook may fail to be executed.

                                                                        +
                                                                        ...
+lifecycle:
+  postStart:
+    exec:
+      command:
+      - /install.sh
+      - install_agent   
+...

                                                                        HTTP request

                                                                        +

                                                                        HTTP request

                                                                        Send an HTTP request for post-start processing. The related parameters are described as follows:

                                                                        -
                                                                        • Path: (optional) request URL.
                                                                        • Port: (mandatory) request port.
                                                                        • Host: (optional) requested host IP address. The default value is the IP address of the pod.
                                                                        +

                                                                        Path: /nginx

                                                                        +

                                                                        Port: 80

                                                                        +

                                                                        Host: 127.0.0.1

                                                                        +

                                                                        Used for initiating an HTTP request. The related parameters are described as follows:

                                                                        +
                                                                        • Path: (optional) request URL.
                                                                        • Port: (mandatory) requested port.
                                                                        • Host: (optional) requested host IP address. The default value is the IP address of the pod.
                                                                        +
                                                                        lifecycle:
+  postStart:
+    httpGet:
+      path: /nginx
+      port: 80
+      host: 127.0.0.1
+      scheme: HTTP
+...
                                                                        -

                                                                      +

                                                                    3. Configure other parameters and click Create Workload in the lower right corner. After a period of time, the workload status changes to Running.
                                                                      4. -

                                                                      Pre-Stop Processing

                                                                      1. Log in to the CCE console. When creating a workload, configure container information and select Lifecycle.
                                                                      2. Set the pre-start processing parameters on the Pre-Stop tab page.

                                                                        -

                                                                        Table 4 Pre-stop processing parameters

                                                                        Parameter

                                                                        +

                                                                        PreStop Hook

                                                                        If a container crashes or exits abnormally, the PreStop hook will not be triggered. The pod's termination grace period starts to count down before the PreStop hook is executed. Regardless of the outcome of the hook handler, the container will be terminated within the pod's termination grace period unless the finalizer delays the termination process. Other management operations on the container are blocked until the PreStop hook is complete or the termination grace period is reached.

                                                                        +
                                                                        1. Log in to the CCE console.
                                                                        2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click Create Workload in the upper right corner.
                                                                        3. In Container Settings, choose Container Information > Lifecycle > Pre-Stop and configure parameters.

                                                                          + +
                                                                          - + + - - + + - - + +
                                                                          Table 4 Pre-stop processing parameters

                                                                          Parameter

                                                                          Description

                                                                          +

                                                                          Example Value

                                                                          +

                                                                          Description

                                                                          +

                                                                          Example YAML

                                                                          CLI

                                                                          +

                                                                          CLI

                                                                          Set commands to be executed in the container for pre-stop processing. The command format is Command Args[1] Args[2].... Command is a system command or a user-defined executable program. If no path is specified, an executable program in the default path will be selected. If multiple commands need to be executed, write the commands into a script for execution.

                                                                          -

                                                                          Example command:

                                                                          -
                                                                          exec: 
-  command: 
-  - /uninstall.sh 
-  - uninstall_agent
                                                                          -

                                                                          Enter /uninstall uninstall_agent in the script. This command indicates that uninstall.sh will be executed before the container completes its execution and stops running.

                                                                          +

                                                                          /uninstall.sh

                                                                          +

                                                                          uninstall_agent

                                                                          +

                                                                          Used for running the commands in the container. You need to configure Command.

                                                                          +

                                                                          The command format is Command Arg[1] Arg[2]..., where Command indicates a system command or a user-defined executable program. If no path is specified, the system searches for the command in the default path. If multiple commands needed to be executed, write them into a script in the container image in advance and invoke the script using this command.

                                                                          +
                                                                          ...
+lifecycle:
+  preStop:
+    exec:
+      command:
+      - /uninstall.sh
+      - uninstall_agent   
+...

                                                                          HTTP request

                                                                          +

                                                                          HTTP request

                                                                          Send an HTTP request for pre-stop processing. The related parameters are described as follows:

                                                                          -
                                                                          • Path: (optional) request URL.
                                                                          • Port: (mandatory) request port.
                                                                          • Host: (optional) requested host IP address. The default value is the IP address of the pod.
                                                                          +

                                                                          Path: /nginx

                                                                          +

                                                                          Port: 80

                                                                          +

                                                                          Host: 127.0.0.1

                                                                          +

                                                                          Used for initiating an HTTP request. The related parameters are described as follows:

                                                                          +
                                                                          • Path: (optional) request URL.
                                                                          • Port: (mandatory) requested port.
                                                                          • Host: (optional) requested host IP address. The default value is the IP address of the pod.
                                                                          +
                                                                          lifecycle:
+  preStop:
+    httpGet:
+      path: /nginx
+      port: 80
+      host: 127.0.0.1
+      scheme: HTTP
+...
                                                                          -

                                                                        +

                                                                      3. Configure other parameters and click Create Workload in the lower right corner. After a period of time, the workload status changes to Running.
                                                                        4. -

                                                                        YAML Example

                                                                        This section uses Nginx as an example to describe how to set the container lifecycle.

                                                                        -

                                                                        In the following configuration file, the postStart command is defined to run the install.sh command in the /bin/bash directory. preStop is defined to run the uninstall.sh command.

                                                                        -
                                                                        apiVersion: apps/v1
+
                                                                        Example YAML
                                                                        1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                        2. Create a YAML file for configuring a workload. In this example, the file name is lifecycle.yaml. You can change it as needed.
                                                                          vim lifecycle.yaml
                                                                          
+
                                                                          The file content is as follows:
                                                                          apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: nginx
@@ -170,24 +237,33 @@ spec:
     spec:
       containers:
       - image: nginx 
-        command:
-        - sleep 3600                        # Startup command
+        command:
+        - sleep 3600                        #Startup command: suspends the current process for 3,600s.
         imagePullPolicy: Always
         lifecycle:
-          postStart:
-            exec:
-              command:
-              - /bin/bash
-              - install.sh                  # Post-start command
-          preStop:
-            exec:
-              command:
-              - /bin/bash
-              - uninstall.sh                 # Pre-stop command
+         postStart:
+           exec:
+              command:
+              - /bin/bash
+              - install.sh                  #Post-start command: Run the install.sh command in /bin/bash.
+         preStop:
+            exec:
+              command:
+              - /bin/bash
+              - uninstall.sh                 #Pre-stop command: Run the uninstall.sh command in /bin/bash.
         name: nginx
       imagePullSecrets:
       - name: default-secret
                                                                          
 
                                                                          
+
                                                                        3. Create the workload.
                                                                          kubectl create -f lifecycle.yaml
                                                                          
+
                                                                          If information similar to the following is displayed, the workload is being created:
                                                                          
+
                                                                          deployment.apps/nginx created
                                                                          
+
                                                                        4. Check the workload status.
                                                                          kubectl get deployment
                                                                          
+
                                                                          If all the pods of the workload are available, the workload has been created.
                                                                          
+
                                                                          NAME     READY   UP-TO-DATE   AVAILABLE   AGE
+nginx      1/1     1            1           4m59s
                                                                          
+
                                                                        
+
                                                                        diff --git a/docs/cce/umn/cce_10_0107.html b/docs/cce/umn/cce_10_0107.html index 6a0b70aca..7d99378d2 100644 --- a/docs/cce/umn/cce_10_0107.html +++ b/docs/cce/umn/cce_10_0107.html @@ -1,48 +1,59 @@

                                                                        Accessing a Cluster Using kubectl

                                                                        -
                                                                        kubectl is a command-line tool provided by Kubernetes, enabling you to manage cluster resources, view cluster status, deploy applications, and debug issues through the CLI. To access a CCE cluster using kubectl, you can use either of the following methods:
                                                                        • Intranet access: The client connects to the cluster's API server using an intranet IP address. This method keeps data traffic within the internal network, enhancing security by avoiding the Internet.
                                                                        • Internet access: The cluster's API server exposes a public API, allowing clients to access the Kubernetes cluster over the Internet.
                                                                        +
                                                                        kubectl is a command-line tool provided by Kubernetes, enabling you to manage cluster resources, view cluster status, deploy applications, and debug issues through the CLI. To access a CCE cluster using kubectl, you can use either of the following methods:
                                                                        • Intranet access: Clients access the cluster's API server via an intranet IP address, keeping data traffic internal and enhancing security.
                                                                        • Internet access: The cluster's API server exposes a public API, allowing clients to access the Kubernetes cluster over the Internet. When using Internet access, you can choose whether to enable two-way domain name trust.
                                                                          • If two-way domain name trust is disabled, kubectl and the API server use one-way certificate authentication, which is less secure. In this mode, only kubectl verifies the API server's certificate, while the API server does not verify kubectl's certificate.
                                                                          • If two-way domain name trust is enabled, kubectl and the API server use mutual certificate authentication, which is more secure. In this mode, kubectl verifies the API server's certificate, and the API server verifies kubectl's certificate (specified in the client-certificate-data field in the kubeconfig file). For more details, see Two-Way Domain Name Trust.
                                                                          +

                                                                        This section uses a CCE standard cluster as an example to describe how to access a CCE cluster using kubectl.

                                                                        -

                                                                        Prerequisites

                                                                        • Before using intranet access, ensure that the client and the cluster to be accessed are in the same VPC.
                                                                        • Before using Internet access, ensure that the client can access the Internet and that an EIP has been bound to the target cluster. For details about how to bind an EIP, see Procedure.

                                                                          In a cluster with an EIP bound, kube-apiserver will be exposed to the Internet and may be attacked. To resolve this issue, you can configure Advanced Anti-DDoS for the EIP of the node on which kube-apiserver runs or configure security group rules.

                                                                          +

                                                                          How It Works

                                                                          kubectl retrieves cluster information from a kubeconfig file and communicates with the Kubernetes API server. The kubeconfig file is the identity credential for kubectl to access the Kubernetes cluster. It contains the API server address, user authentication credentials, and other configuration details. With these details, kubectl can interact with the Kubernetes cluster to perform management tasks.

                                                                          +
                                                                          Figure 1 Using kubectl to access a cluster
                                                                          +
                                                                          +

                                                                          Prerequisites

                                                                          • A client computer that can access the Internet is available.
                                                                          • Before using intranet access, ensure that the client and the cluster to be accessed are in the same VPC.
                                                                          • Before using Internet access, ensure the cluster to be accessed has an EIP bound. For details about how to bind an EIP, see Procedure.

                                                                            In a cluster with an EIP bound, kube-apiserver will be exposed to the Internet and may be attacked. To resolve this issue, you can configure Advanced Anti-DDoS for the EIP of the node on which kube-apiserver runs or configure security group rules.

                                                                          -

                                                                          Notes and Constraints

                                                                          When you access a cluster using kubectl, CCE uses kubeconfig generated on the cluster for authentication. This file contains user information, based on which CCE determines which Kubernetes resources can be accessed via kubectl. Since the kubeconfig file contains user identity details, the permissions associated with that user are inherited when accessing the cluster via kubectl.

                                                                          +

                                                                          Notes and Constraints

                                                                          A kubeconfig file contains user authentication credentials. When you use this file to access a cluster, kubectl accesses the cluster based on the credentials and permissions specified in the file.

                                                                          For details about user permissions, see Cluster Permissions (IAM-based) and Namespace Permissions (Kubernetes RBAC-based).

                                                                          -

                                                                          Procedure

                                                                          Before using kubectl to access a cluster, install kubectl on the client. Then, download the kubectl configuration file from the cluster and copy it to the client. Once configured, the client can access the target cluster. The process is as follows:

                                                                          -
                                                                          1. Download kubectl.

                                                                            Prepare a computer that can access the public network and install kubectl in CLI mode. You can run the kubectl version command to check whether kubectl has been installed. If kubectl has been installed, skip this step.

                                                                            -

                                                                            This section uses the Linux environment as an example to describe how to install and configure kubectl. For details, see Installing kubectl.

                                                                            -
                                                                            1. Log in to your client and download kubectl.
                                                                              cd /home
-curl -LO https://dl.k8s.io/release/{v1.25.0}/bin/linux/amd64/kubectl
                                                                              -

                                                                              {v1.25.0} specifies the version. Replace it as required.

                                                                              -
                                                                            2. Install kubectl.
                                                                              chmod +x kubectl
+
                                                                              Step 1: Download kubectl
                                                                              Before using kubectl to access a cluster, install kubectl on the client. Run the kubectl version command to check whether kubectl is installed. If it is, skip this step. This section uses Linux as an example to describe how to install and configure kubectl. For details, see Installing kubectl.
                                                                              
+
                                                                              1. Log in to your client computer and download kubectl. v1.25.0 specifies the version. Replace it as needed.
                                                                                cd /home
+curl -LO https://dl.k8s.io/release/v1.25.0/bin/linux/amd64/kubectl
                                                                                
+
                                                                              2. Run the following command to install kubectl:
                                                                                chmod +x kubectl
 mv -f kubectl /usr/local/bin
                                                                                
-
                                                                              
-
                                                                            3. Obtain the kubectl configuration file.

                                                                              1. On the Overview page, locate the Connection Information area, and click Configure next to kubectl.

                                                                                -
                                                                              2. In the window that slides out from the right, locate the Download the kubeconfig file area, select Intranet access or Public network access for Current data, and download the configuration file.
                                                                              -
                                                                              • The kubectl configuration file kubeconfig is used for cluster authentication. If the file is leaked, your clusters may be attacked.
                                                                              • The Kubernetes permissions assigned by the configuration file downloaded by IAM users are the same as those assigned to the IAM users on the CCE console.
                                                                              • If the KUBECONFIG environment variable is configured in the Linux OS, kubectl preferentially loads the KUBECONFIG environment variable instead of $home/.kube/config.
                                                                              -
                                                                              -

                                                                            4. Configure kubectl.

                                                                              Configure kubectl (A Linux OS is used).
                                                                              1. Log in to your client and copy the configuration file (for example, kubeconfig.yaml) downloaded in 2 to the /home directory on your client.
                                                                              2. Configure the kubectl authentication file.
                                                                                cd /home
-mkdir -p $HOME/.kube
-mv -f kubeconfig.yaml $HOME/.kube/config
                                                                                -
                                                                              3. Switch the kubectl access mode based on service scenarios.
                                                                                • Run this command to enable intra-VPC access:
                                                                                  kubectl config use-context internal
                                                                                  -
                                                                                • Run this command to enable public access (EIP required):
                                                                                  kubectl config use-context external
                                                                                  -
                                                                                • Run this command to enable public access and two-way authentication (EIP required):
                                                                                  kubectl config use-context externalTLSVerify
                                                                                  -

                                                                                  For details about the cluster two-way authentication, see Two-Way Authentication for Domain Names.

                                                                                  -
                                                                                -
                                                                              +

                                                                            5. Run the following command to check whether kubectl has been installed:

                                                                              kubectl version
                                                                              +

                                                                              If information similar to the following is displayed, kubectl has been installed:

                                                                              +
                                                                              Client Version: xxx
+Kustomize Version: xxx
+Server Version: xxx
                                                                              +

                                                                          -

                                                                        • Run the following command on the client to check whether the client can access the cluster using kubectl:

                                                                          kubectl cluster-info    # Check the cluster information.
                                                                          -

                                                                          If the following information is displayed, the client can access the cluster using kubectl:

                                                                          -
                                                                          Kubernetes control plane is running at https://xx.xx.xx.xx:5443
+
                                                                          Step 2: Obtain the kubectl Configuration File (kubeconfig)
                                                                          Obtain the kubeconfig file from the cluster for access.
                                                                          
+
                                                                          1. On the Overview page, locate the Connection Information area, and click Configure next to kubectl.
                                                                            
+
                                                                          2. In the window that slides out from the right, locate the Download the kubeconfig file area, select Private access or Public access for Current data, and copy the configuration file.
                                                                            
+
                                                                             
                                                                            • The kubectl configuration file kubeconfig is used for cluster authentication. If the file is leaked, your clusters may be attacked.
                                                                            • The Kubernetes permissions assigned by the configuration file downloaded by IAM users are the same as those assigned to the IAM users on the CCE console.
                                                                            • In Linux, if the KUBECONFIG environment variable is set, kubectl will load it instead of $home/.kube/config.
                                                                            • An issued kubeconfig certificate remains valid even if the user who requested it is deleted. To ensure cluster security, manually revoke the user's cluster access credentials. For details, see Revoking a Cluster Access Credential.
                                                                            
+
                                                                            
+
                                                                          
+
                                                                          
+
                                                                          Step 3: Configure kubectl
                                                                          The kubeconfig file is stored on the client, and kubectl uses it to access and interact with the cluster.
                                                                          
+
                                                                          1. Log in to your client.
                                                                          2. Create the kubeconfig.yaml file, the name of which is customizable. The file is used to store the configuration file information obtained in 2.
                                                                            vim kubeconfig.yaml
                                                                            
+
                                                                            Copy the configuration file information obtained in 2 to kubeconfig.yaml and save the file.
                                                                            
+
                                                                          3. Save the kubeconfig.yaml file to $HOME/.kube/config. kubectl will automatically read from it. If you save the kubeconfig.yaml file in a different path, set the KUBECONFIG environment variable to point to that path.
                                                                            cd /home
+mkdir -p $HOME/.kube
+mv -f ~/kubeconfig.yaml $HOME/.kube/config  # Change kubeconfig.yaml to the file name.
                                                                            
+
                                                                          4. Switch the kubectl access mode based on service scenarios.
                                                                            • If private access is used via a VPC, run the following command:
                                                                              kubectl config use-context internal
                                                                              
+
                                                                            • If public access is enabled and two-way domain name trust is not required, ensure the cluster is bound to an EIP. Then, run the following command:
                                                                              kubectl config use-context external
                                                                              
+
                                                                            • If public access is enabled and two-way domain name trust is required, ensure the cluster is bound to an EIP. Then, run the following command:
                                                                              kubectl config use-context externalTLSVerify
                                                                              
+
                                                                              For more details, see Two-Way Domain Name Trust.
                                                                              
+
                                                                            
+
                                                                          5. Run the following command on the client to check whether the client can access the cluster using kubectl:
                                                                            kubectl cluster-info    # Check the cluster information.
                                                                            
+
                                                                            If the following information is displayed, the client can access the cluster using kubectl:
                                                                            
+
                                                                            Kubernetes control plane is running at https://xx.xx.xx.xx:5443
 CoreDNS is running at https://xx.xx.xx.xx:5443/api/v1/namespaces/kube-system/services/coredns:dns/proxy
 To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
                                                                            
 
                                                                          
 
                                                                          
-
                                                                          Two-Way Authentication for Domain Names
                                                                          Two-way domain name authentication is a mutual authentication mechanism that verifies the identities of both the client and server. This mode enhances security between clusters and clients, preventing unauthorized access.
                                                                          
-
                                                                          • After an EIP is bound to an API Server, two-way domain name authentication is disabled by default if kubectl is used to access the cluster. You can run kubectl config use-context externalTLSVerify to enable the two-way domain name authentication.
                                                                          • When an EIP is bound to or unbound from a cluster, or a custom domain name is configured or updated, the cluster server certificate will be added the latest cluster access address (including the EIP bound to the cluster and all custom domain names configured for the cluster).
                                                                          • Asynchronous cluster synchronization takes about 5 to 10 minutes. You can view the synchronization result in Synchronize Certificate in Operation Records.
                                                                          • For a cluster that has been bound to an EIP, if the authentication fails (x509: certificate is valid) when two-way authentication is used, bind the EIP again and download kubeconfig.yaml again.
                                                                          • If the two-way domain name authentication is not supported, kubeconfig.yaml contains the "insecure-skip-tls-verify": true field, as shown in Figure 1. To use two-way authentication, download the kubeconfig.yaml file again and enable two-way authentication for the domain names.
                                                                            Figure 1 Two-way authentication disabled for domain names
                                                                            
+
                                                                            Two-Way Domain Name Trust
                                                                            Two-way domain name trust is a mutual authentication mechanism that verifies the identities of both the client and server. This mode enhances security between clusters and clients, preventing unauthorized access.
                                                                            
+
                                                                            • After an EIP is bound to an API server, two-way domain name trust is disabled by default if kubectl is used to access the cluster. You can run kubectl config use-context externalTLSVerify to enable the two-way domain name trust.
                                                                            • When an EIP is bound to or unbound from a cluster, or a custom domain name is configured or updated, the cluster server certificate will be added the latest cluster access address (including the EIP bound to the cluster and all custom domain names configured for the cluster).
                                                                            • Asynchronous cluster synchronization takes about 5 to 10 minutes. You can view the synchronization result in Synchronize Certificate in Operation Records.
                                                                            • For a cluster that has been bound to an EIP, if the authentication fails (x509: certificate is valid) when two-way trust is used, bind the EIP again and download kubeconfig.yaml again.
                                                                            • If the two-way domain name trust is not supported, kubeconfig.yaml contains the "insecure-skip-tls-verify": true field, as shown in Figure 2. To use two-way trust, download the kubeconfig.yaml file again and enable two-way domain name trust.
                                                                              Figure 2 Two-way trust disabled for domain names
                                                                              
 
                                                                            
 
                                                                            
 
                                                                            Common Issues
                                                                            • Error from server Forbidden
                                                                              When you use kubectl to create or query Kubernetes resources, the following output is returned:
                                                                              
@@ -50,13 +61,13 @@ To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
 
                                                                              The cause is that the user does not have the permissions to operate the Kubernetes resources. For details about how to assign permissions, see Namespace Permissions (Kubernetes RBAC-based).
                                                                              
 
                                                                            • The connection to the server localhost:8080 was refused
                                                                              When you use kubectl to create or query Kubernetes resources, the following output is returned:
                                                                              
 
                                                                              The connection to the server localhost:8080 was refused - did you specify the right host or port?
                                                                              
-
                                                                              The cause is that cluster authentication is not configured for the kubectl client. For details, see 3.
                                                                              
+
                                                                              The cause is that cluster authentication is not configured for the kubectl client. For details, see Step 2: Obtain the kubectl Configuration File (kubeconfig).
                                                                              
 
                                                                            
 
                                                                            
 
                                                                          
 
                                                                          
 
                                                                          
-
                                                                          Parent topic: Connecting to a Cluster
                                                                          
+
                                                                          Parent topic: Accessing a Cluster
                                                                          
 
                                                                          
 
                                                                          
 
diff --git a/docs/cce/umn/cce_10_0111.html b/docs/cce/umn/cce_10_0111.html
index 4905d5568..d007e901d 100644
--- a/docs/cce/umn/cce_10_0111.html
+++ b/docs/cce/umn/cce_10_0111.html
@@ -1,11 +1,11 @@
 
 
-
                                                                          Scalable File Service
                                                                          
+
                                                                          SFS
                                                                          
 
                                                                          
 
                                                                          
 
                                                                          
 
                                                                            
-
                                                                          • Overview
                                                                            
+
                                                                          • SFS Overview
                                                                            
 
                                                                            • 
 
                                                                          • Using an Existing SFS File System Through a Static PV
                                                                            
 
                                                                            • 
diff --git a/docs/cce/umn/cce_10_0112.html b/docs/cce/umn/cce_10_0112.html
index 596d8d1fc..68b59d647 100644
--- a/docs/cce/umn/cce_10_0112.html
+++ b/docs/cce/umn/cce_10_0112.html
@@ -1,70 +1,204 @@
 
 
 
                                                                            Configuring Container Health Check
                                                                            
-
                                                                            Scenario
                                                                            Health check regularly checks the health status of containers during container running. If the health check function is not configured, a pod cannot detect application exceptions or automatically restart the application to restore it. This will result in a situation where the pod status is normal but the application in the pod is abnormal.
                                                                            
-
                                                                            Kubernetes provides the following health check probes:
                                                                            
-
                                                                            • Liveness probe (livenessProbe): checks whether a container is still alive. It is similar to the ps command that checks whether a process exists. If the liveness check of a container fails, the cluster restarts the container. If the liveness check is successful, no operation is executed.
                                                                            • Readiness probe (readinessProbe): checks whether a container is ready to process user requests. Upon that the container is detected unready, service traffic will not be directed to the container. It may take a long time for some applications to start up before they can provide services. This is because that they need to load disk data or rely on startup of an external module. In this case, although the application process has started, the application cannot provide services. To address this issue, this health check probe is used. If the container readiness check fails, the cluster masks all requests sent to the container. If the container readiness check is successful, the container can be accessed. 
                                                                            • Startup probe (startupProbe): checks when a containerized application has started. If such a probe is configured, it disables liveness and readiness checks until it succeeds, ensuring that those probes do not interfere with the application startup. This can be used to adopt liveness checks on slow starting containers, avoiding them getting terminated by the kubelet before they are started.
                                                                            
+
                                                                            Scenario
                                                                            Health check regularly checks the health of containers when the containers are running. If health check is not configured, a pod cannot detect application exceptions or automatically restart the application to recover it. As a result, the pod may be in the Running state, but the application is unavailable or abnormal.
                                                                            
+
                                                                            Kubernetes provides three types of health check probes to monitor the applications in containers for system stability and high availability.
                                                                            
+
                                                                            • Liveness probe: checks whether a container is still alive. It is similar to the ps command that checks whether a process exists. If a liveness probe fails, the cluster restarts the container. If the liveness probe is successful, no further action is taken.
                                                                            • Readiness probe: checks whether the application in a container is ready to receive traffic. In some scenarios, an application has started, but it is not ready to provide services because a large amount of disk data needs to be loaded or external services need to be initialized. In this case, you can use a readiness probe to prevent traffic from being routed to the application. If the readiness probe fails, the CCE cluster temporarily removes the container from the endpoint list of the Service to block external requests. If the readiness probe is successful, the container is considered ready and can receive traffic.
                                                                            • Startup probe: checks whether the application in a container has started. The cluster starts the liveness and readiness checks only when the startup probe is successful to ensure that the checks do not affect the application startup. This kind of probe works well for containers that take a long time to start. They can effectively prevent containers from being incorrectly considered as abnormal and terminated before the initialization is complete.
                                                                            
+
                                                                            For more information, see Liveness, Readiness, and Startup Probes and Configure Liveness, Readiness and Startup Probes.
                                                                            
 
                                                                            
-
                                                                            Check Method
                                                                            • HTTP request
                                                                              This health check mode applies to containers that provide HTTP/HTTPS services. The cluster periodically initiates an HTTP/HTTPS GET request to such containers. If the return code of the HTTP/HTTPS response is within 200–399, the probe is successful. Otherwise, the probe fails. In this health check mode, you must specify a container listening port and an HTTP/HTTPS request path.
                                                                              
-
                                                                              For example, for a container that provides HTTP services, the HTTP check path is /health-check, the port is 80, and the host address is optional (which defaults to the container IP address). Here, 172.16.0.186 is used as an example, and we can get such a request: GET http://172.16.0.186:80/health-check. The cluster periodically initiates this request to the container. You can also add one or more headers to an HTTP request. For example, set the request header name to Custom-Header and the corresponding value to example.
                                                                              
-
                                                                            • TCP port
                                                                              For a container that provides TCP communication services, the cluster periodically establishes a TCP connection to the container. If the connection is successful, the probe is successful. Otherwise, the probe fails. In this health check mode, you must specify a container listening port.
                                                                              
-
                                                                              For example, if you have an Nginx container with service port 80, after you specify TCP port 80 for container listening, the cluster will periodically initiate a TCP connection to port 80 of the container. If the connection is successful, the probe is successful. Otherwise, the probe fails.
                                                                              
-
                                                                            • CLI
                                                                              CLI is an efficient tool for health check. When using the CLI, you must specify an executable command in a container. The cluster periodically runs the command in the container. If the command output is 0, the health check is successful. Otherwise, the health check fails.
                                                                              
-
                                                                              The CLI mode can be used to replace the HTTP request-based and TCP port-based health check.
                                                                              
-
                                                                              • For a TCP port, you can use a program script to connect to a container port. If the connection is successful, the script returns 0. Otherwise, the script returns –1.
                                                                              • For an HTTP request, you can use the script command to run the wget command to detect the container.
                                                                                wget http://127.0.0.1:80/health-check
                                                                                
-
                                                                                Check the return code of the response. If the return code is within 200–399, the script returns 0. Otherwise, the script returns –1.
                                                                                
-
                                                                                 
                                                                                • Put the program to be executed in the container image so that the program can be executed. 
                                                                                • If the command to be executed is a shell script, do not directly specify the script as the command, but add a script parser. For example, if the script is /data/scripts/health_check.sh, you must specify sh/data/scripts/health_check.sh for command execution.
                                                                                
-
                                                                                
-
                                                                              
-
                                                                            • gRPC check
                                                                              gRPC checks can configure startup, liveness, and readiness probes for your gRPC application without exposing any HTTP endpoint, nor do you need an executable. Kubernetes can connect to your workload via gRPC and obtain its status.
                                                                               
                                                                              • The gRPC check is supported only in CCE clusters of v1.25 or later.
                                                                              • To use gRPC for check, your application must support the gRPC health checking protocol.
                                                                              • Similar to HTTP and TCP probes, if the port is incorrect or the application does not support the health checking protocol, the check fails.
                                                                              
-
                                                                              
-
                                                                              
-
                                                                            
-
                                                                            
-
                                                                            Common Parameters
                                                                            
-
                                                                            Table 1 Common parameters
                                                                            Parameter
                                                                            
+
                                                                            Configuring Container Health Check
                                                                            1. Log in to the CCE console.
                                                                            2. When creating a workload, select Health Check in Container Information.
                                                                            3. Select and configure a proper probe based on your requirements. The parameters of the liveness, readiness, and startup probes are basically the same. A liveness probe is used as an example to describe the parameters. The parameter meanings of other probes are the same.
                                                                              
+
+
                                                                              
-
-
-
-
+
                                                                              Table 1 Probe parameter
                                                                              Parameter
                                                                              
 
                                                                              Description
                                                                              
+
                                                                              Description
                                                                              
                                                                               		
 
                                                                              
 
                                                                              Period (periodSeconds)
                                                                              
+
                                                                              Check Method
                                                                              
 
                                                                              Indicates the probe detection period, in seconds.
                                                                              
-
                                                                              For example, if this parameter is set to 30, the detection is performed every 30 seconds.
                                                                              
+
                                                                              There are four options. Select one based on your service scenario. For details about the specific parameters of each check method, see "Specific Parameters" in this section. For details about common parameters such as the check period and delay, see Common Parameters.
                                                                              
+
                                                                              • HTTP: applies to a container that provides services over HTTP/HTTPS. The cluster will periodically initiate an HTTP/HTTPS GET request to the container. If the HTTP/HTTPS response status code is within 200–399, the probe is successful. Otherwise, the probe fails. You must specify the port that the container listens on.
                                                                              • TCP: applies to a container that provides services over TCP (such as databases, caches, and custom TCP services). The cluster will periodically establish a TCP connection to the container. If the connection is successful, the probe is successful. Otherwise, the probe fails. You must specify the port that the container listens on.
                                                                              • Command: You must specify an executable command in a container. The cluster will periodically run the command in the container. If the command output is 0, the health check is successful. Otherwise, the health check fails.
                                                                              • GRPC Check: applies to gRPC applications. You do not need to expose HTTP ports or depend on external executable scripts. The container health check can be implemented through standard gRPC APIs.
                                                                              
                                                                               		
 
                                                                              Delay (initialDelaySeconds)
                                                                              
+
                                                                              
+
                                                                              
+
                                                                            4. Configure other parameters and click Create Workload in the lower right corner. If the workload is in the Running state, the startup command is successfully executed.
                                                                            
+
                                                                            
+
                                                                            Specific Parameters
                                                                            • HTTP
                                                                              This option applies to a container that provides services over HTTP/HTTPS. The cluster will periodically send an HTTP/HTTPS GET request to the container and determine the probe results based on HTTP status codes. The details are as follows:
                                                                              
+
                                                                              • If the response status code is within 200–399, the probe is successful.
                                                                              • If the response status code is not within 200–399, the probe fails.
                                                                              
+
                                                                              The following describes the parameters specific to the HTTP request-based check. The example values in Table 2 indicate that the cluster periodically sends "GET http://172.16.0.186:80/health-check" to the container to check its health.
                                                                              
+
                                                                              
+
+
                                                                              
+
+
+
+
+
-
+
-
-
+
-
-
+
-
-
+
+
+
+
                                                                              Table 2 Parameters specific to the HTTP request-based check
                                                                              Parameter
                                                                              
+
                                                                              Example Value
                                                                              
+
                                                                              Description
                                                                              
+
                                                                              Path
                                                                              
 
                                                                              Check delay time in seconds. Set this parameter according to the normal startup time of services.
                                                                              
-
                                                                              For example, if this parameter is set to 30, the health check will be started 30 seconds after the container is started. The time is reserved for containerized services to start.
                                                                              
+
                                                                              /health-check
                                                                              
+
                                                                              HTTP or HTTPS request path for health check. Use an absolute path starting with a slash (/).
                                                                              
                                                                               		
 
                                                                              Timeout (timeoutSeconds)
                                                                              
+
                                                                              Port
                                                                              
 
                                                                              Number of seconds after which the probe times out. Unit: second. 
                                                                              
-
                                                                              For example, if this parameter is set to 10, the timeout wait time for performing a health check is 10s. If the wait time elapses, the health check is regarded as a failure. If the parameter is left blank or set to 0, the default timeout time is 1s. 
                                                                              
+
                                                                              80
                                                                              
+
                                                                              (Mandatory) Container listening port, which is used to locate the container in the pod.
                                                                              
                                                                               		
 
                                                                              Success Threshold (successThreshold)
                                                                              
+
                                                                              Host Address
                                                                              
 
                                                                              Minimum consecutive successes for the probe to be considered successful after having failed. For example, if this parameter is set to 1, the workload status is normal only when the health check is successful for one consecutive time after the health check fails.
                                                                              
-
                                                                              The default value is 1, which is also the minimum value.
                                                                              
-
                                                                              The value of this parameter is fixed to 1 in Liveness Probe and Startup Probe.
                                                                              
+
                                                                              172.16.0.186
                                                                              
+
                                                                              IP address of the requested host. If this parameter is not set, the IP address of the pod is used by default.
                                                                              
                                                                               		
 
                                                                              Failure Threshold (failureThreshold)
                                                                              
+
                                                                              Protocol
                                                                              
 
                                                                              Number of retry times when the detection fails.
                                                                              
-
                                                                              Giving up in case of liveness probe means to restart the container. In case of readiness probe the pod will be marked Unready.
                                                                              
-
                                                                              The default value is 3, and the minimum value is 1.
                                                                              
+
                                                                              HTTP
                                                                              
+
                                                                              Protocol used to send requests. The value must match the service type provided by the container.
                                                                              
+
                                                                              
+
                                                                              
+
                                                                            • TCP
                                                                              This option applies to a container that provides services over TCP (such as databases, caches, and custom TCP services). The cluster will periodically establish a TCP connection to the container to check the container health. If the connection is successful, the probe is successful. Otherwise, the probe fails. You must specify the port that the container listens on.
                                                                              
+
                                                                              The following describes the parameters specific to the TCP port-based check. Assume that the listening port of an Nginx container is 80. If a TCP probe is configured for the container and the probe port is set to 80, the cluster will periodically establish a TCP connection to the port. If the connection is successful, the probe is successful. Otherwise, the probe fails.
                                                                              
+
                                                                              
+
+
                                                                              
+
+
+
+
+
+
+
+
+
+
                                                                              Table 3 Parameters specific to the TCP port-based check
                                                                              Parameter
                                                                              
+
                                                                              Example Value
                                                                              
+
                                                                              Description
                                                                              
+
                                                                              Port
                                                                              
+
                                                                              80
                                                                              
+
                                                                              (Mandatory) Container listening port, which is used to locate the container in the pod.
                                                                              
+
                                                                              
+
                                                                              
+
                                                                            • Command
                                                                              This option is a flexible health check method that allows you to specify the command in a container. The cluster will periodically run the command in the container to check the container status. If the command output is 0, the health check is successful. Otherwise, the health check fails.
                                                                              
+
                                                                              For TCP port- and HTTP request-based checks, you can also specify commands to achieve similar effects. For example, the example values in Table 4 can achieve the effect of HTTP request-based checks.
                                                                              
+
                                                                              
+
+
                                                                              
+
+
+
+
+
+
+
+
+
+
                                                                              Table 4 Parameters specific to the command-based check
                                                                              Parameter
                                                                              
+
                                                                              Example Value
                                                                              
+
                                                                              Description
                                                                              
+
                                                                              Command
                                                                              
+
                                                                              /bin/sh
                                                                              
+
                                                                              -c
                                                                              
+
                                                                              curl -sf http://172.16.0.186:80/health-check || exit 1
                                                                              
+
                                                                              Command executed in the container to check the container status.
                                                                              
+
                                                                               NOTE: 
                                                                              • Before using this method, you must pack the program or tool into the container image. The cluster will directly execute the command in the container, so the file systems of the host machine or other containers cannot be accessed. If the program or tool (such as curl, nc, or a custom script) that the command depends on is not included in the image, "Command not found" is displayed.
                                                                              • If the command is a shell script, you must specify the script parser. The cluster does not execute probes in an interactive terminal environment. For this reason, you cannot directly execute the script as a command. You must use the script editor to invoke the script. For example, if the script is located in /data/scripts/health_check.sh, you need to execute sh /data/scripts/health_check.sh.
                                                                              
+
                                                                              
+
                                                                              
+
                                                                              
+
                                                                            • gRPC Check
                                                                              This option applies to gRPC applications. You do not need to expose HTTP ports or depend on external executable scripts. The container health check can be implemented through standard gRPC APIs. A gRPC check can be used only if the following conditions are met:
                                                                              • The CCE clusters are of v1.25 or later.
                                                                              • Your application supports the gRPC health check protocol.
                                                                              • The port is correct. Similar to HTTP request- and TCP port-based checks, if the port is incorrect, the application does not support the health check protocol, or there are another configuration error, the probe fails.
                                                                              
+
                                                                              
+
                                                                              
+
+
                                                                              
+
+
+
+
+
+
+
+
+
+
                                                                              Table 5 Parameters specific to a gRPC check
                                                                              Parameter
                                                                              
+
                                                                              Example Value
                                                                              
+
                                                                              Description
                                                                              
+
                                                                              Port
                                                                              
+
                                                                              80
                                                                              
+
                                                                              (Mandatory) Container listening port, which is used to locate the container in the pod.
                                                                              
+
                                                                              
+
                                                                              
+
                                                                            
+
                                                                            
+
                                                                            Common Parameters
                                                                            
+
                                                                            
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                            Table 6 Common parameters
                                                                            Parameter
                                                                            
+
                                                                            Description
                                                                            
+
                                                                            Example YAML
                                                                            
+
                                                                            Period (periodSeconds)
                                                                            
+
                                                                            Probe detection period, in seconds.
                                                                            
+
                                                                            For example, if this parameter is set to 30, the probe is performed every 30 seconds.
                                                                            
+
                                                                            The following uses a TCP port-based check of a liveness probe as an example. The configurations of other check methods are similar.
                                                                            
+
                                                                            ...
+livenessProbe:
+  tcpSocket:
+    port: 80
+  initialDelaySeconds: 0
+    timeoutSeconds: 1
+    periodSeconds: 10
+    successThreshold: 1
+    failureThreshold: 3
+...
                                                                            
+
                                                                            Delay (initialDelaySeconds)
                                                                            
+
                                                                            Time reserved for service program startup, in seconds.
                                                                            
+
                                                                            For example, if this parameter is set to 30, the health check starts 30 seconds after the container starts.
                                                                            
+
                                                                            Timeout (timeoutSeconds)
                                                                            
+
                                                                            The timeout duration of a health check, in seconds. If you set this parameter to 0 or do not specify any value, the default value (1) is used.
                                                                            
+
                                                                            Example: Value 10 indicates that the health check timeout duration is 10s. If the health check takes longer than this value, the check is considered failed.
                                                                            
+
                                                                            Success Threshold (successThreshold)
                                                                            
+
                                                                            The minimum number of consecutive successes for the container to be considered healthy after a health check failure. The default value is 1, and the minimum value is 1. This parameter must be set to 1 for both the liveness and startup probes.
                                                                            
+
                                                                            For example, if this parameter is set to 1, the workload will be restored to the normal state if the health check succeeds for one time after a failure.
                                                                            
+
                                                                            Failure Threshold (failureThreshold)
                                                                            
+
                                                                            The number of consecutive failures allowed before the container is considered unhealthy. The default value is 3, and the minimum value is 1.
                                                                            
+
                                                                            • For a liveness probe, if the number of consecutive failures reaches the threshold, the container is marked as unhealthy, and kubelet restarts the container.
                                                                            • For a readiness probe, if the number of consecutive failures reaches the threshold, the pod is marked as not ready, removed from the endpoint list of the Service. In this case, the pod stops receiving new traffic, and its containers are not restarted.
                                                                            
                                                                             		
 
                                                                            
                                                                             
 
                                                                            
 
                                                                            
 
                                                                            
-
                                                                            YAML Example
                                                                            apiVersion: v1
+
                                                                            Example YAML
                                                                            1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                            2. Create a YAML file for configuring a pod. In this example, the file name is health_check.yaml. You can change it as needed.
                                                                              vim health_check.yaml
                                                                              
+
                                                                              The file content is as follows:
                                                                              
+
                                                                              apiVersion: v1
 kind: Pod
 metadata:
   labels:
@@ -73,31 +207,39 @@ metadata:
 spec:
   containers:
   - name: liveness
-    image: <image_address>
+    image: <image_address>
     args:
     - /server
     livenessProbe:                 # Liveness probe
-      httpGet:                     # Checking an HTTP request is used as an example.
+      httpGet:                     # An HTTP request is used to check the containers.
         path: /healthz             # The HTTP check path is /healthz.
-        port: 80                   # The check port number is 80.
+        port: 80                   # The health check port is 80.
         httpHeaders:               # (Optional) The request header name is Custom-Header and the value is Awesome.
         - name: Custom-Header
           value: Awesome
       initialDelaySeconds: 3
       periodSeconds: 3
     readinessProbe:                # Readiness probe
-      exec:                        # Checking an execution command is used as an example.
+      exec:                        # A command is used to check the containers.
         command:                   # Command to be executed
           - cat
           - /tmp/healthy
       initialDelaySeconds: 5
       periodSeconds: 5
     startupProbe:                  # Startup probe
-      httpGet:                     # Checking an HTTP request is used as an example.
-        path: /healthz             # The HTTP check path is /healthz.
-        port: 80                   # The check port number is 80.
+      httpGet:                     # An HTTP request is used to check the containers.
+        path: /healthz             # The HTTP check path is /healthz.
+        port: 80                   # The health check port is 80.
       failureThreshold: 30
       periodSeconds: 10
                                                                              
+
                                                                            3. Create the pod.
                                                                              kubectl create -f health_check.yaml
                                                                              
+
                                                                              If information similar to the following is displayed, the pod is being created:
                                                                              
+
                                                                              pod/liveness-http created
                                                                              
+
                                                                            4. Check the pod status.
                                                                              kubectl get deployment
                                                                              
+
                                                                              If the pod status is Running in the command output, the pod has been created.
                                                                              
+
                                                                              NAME               READY      STATUS       RESTARTS    AGE
+liveness-http      1/1        Running      1           4m59s
                                                                              
+
                                                                            
 
                                                                            
 
                                                                            
 
                                                                            
diff --git a/docs/cce/umn/cce_10_0113.html b/docs/cce/umn/cce_10_0113.html
index 287c14aa8..11286e5bb 100644
--- a/docs/cce/umn/cce_10_0113.html
+++ b/docs/cce/umn/cce_10_0113.html
@@ -1,22 +1,66 @@
 
 
 
                                                                            Configuring Environment Variables
                                                                            
-
                                                                            Scenario
                                                                            An environment variable is a variable whose value can affect the way a running container will behave. You can modify environment variables even after workloads are deployed, increasing flexibility in workload configuration.
                                                                            
-
                                                                            The function of setting environment variables on CCE is the same as that of specifying ENV in a Dockerfile.
                                                                            
-
                                                                             
                                                                            After a container is started, do not modify configurations in the container. If configurations in the container are modified (for example, passwords, certificates, and environment variables of a containerized application are added to the container), the configurations will be lost after the container restarts and container services will become abnormal. An example scenario of container restart is pod rescheduling due to node anomalies.
                                                                            
-
                                                                            Configurations must be imported to a container as arguments. Otherwise, configurations will be lost after the container restarts.
                                                                            
-
                                                                            
-
                                                                            Environment variables can be set in the following modes:
                                                                            
-
                                                                            • Custom: Enter the environment variable name and parameter value.
                                                                            • Added from ConfigMap: Import all key values in a ConfigMap as environment variables.
                                                                            • Added from ConfigMap key: Import the value of a key in a ConfigMap as the value of an environment variable. As shown in Figure 1, if you import configmap_value of configmap_key in configmap-example as the value of environment variable key1, an environment variable named key1 whose value is configmap_value is available in the container.
                                                                            • Added from secret: Import all key values in a secret as environment variables.
                                                                            • Added from secret key: Import the value of a key in a secret as the value of an environment variable. As shown in Figure 1, if you import secret_value of secret_key in secret-example as the value of environment variable key2, an environment variable named key2 whose value is secret_value is available in the container.
                                                                            • Variable Value/Reference: Use the field defined by a pod as the value of the environment variable. As shown in Figure 1, if the pod name is imported as the value of environment variable key3, an environment variable named key3 whose value is the pod name is available in the container.
                                                                            • Resource Reference: The value of Request or Limit defined by the container is used as the value of the environment variable. As shown in Figure 1, if you import the CPU limit of container-1 as the value of environment variable key4, an environment variable named key4 whose value is the CPU limit of container-1 is available in the container.
                                                                            
+
                                                                            Container environment variables (for example, DB_HOST=db.example.com) are configuration parameters dynamically transferred when a container is running. They allow you to flexibly adjust application behaviors and settings without rebuilding the image. They provide:
                                                                            
+
                                                                            • Dynamic application configuration: You can inject different variable values (such as DB_HOST=prod.db.com or DB_HOST=test.db.com) to change application behaviors without rebuilding the image. Even if the container restarts due to scheduling, the configuration information is still valid, including database connection information, API endpoints, and function switches.
                                                                            • Environment isolation configuration: The same image is used with different environment variables to adapt to development, test, and production environments. For example, ENV_MODE=production enables the production environment configuration.
                                                                            • Security management of sensitive data: Sensitive data, such as passwords and keys, is securely transferred using mechanisms such as secrets. Sensitive data is not hardcoded in the image or code.
                                                                            
+
                                                                            You can modify environment variables even after workloads are deployed, increasing flexibility in workload configuration. Configuring environment variables on CCE has the same function as specifying ENV in a Dockerfile. For more information, see Defining Environment Variables for a Container.
                                                                            
+
                                                                            Adding Environment Variables on the Console
                                                                            Before using a ConfigMap or secret as an environment variable, ensure that the ConfigMap and secret have been created in the cluster. For details about how to create a ConfigMap and secret, see Creating a ConfigMap and Creating a Secret.
                                                                            
+
                                                                            1. Log in to the CCE console.
                                                                            2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click Create Workload in the upper right corner.
                                                                            3. In Container Information (Container Settings > Container Information), choose Environment Variables.
                                                                            4. Configure environment variables as needed. CCE clusters support multiple types of environment variables. For details, see Table 1.
                                                                              • To add environment variables one by one, click Add Variable and set Type, Variable Name, and Variable Value/Reference.
                                                                              • To add environment variables in batches, click Batch Edit Custom Variables. Then, in the displayed dialog box, enter environment variables in the format of "Variable name=Variable value or variable reference".
                                                                              
+
                                                                              Figure 1 Configuring environment variables
                                                                              
+
+
                                                                              
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                              Table 1 Environment variables
                                                                              Parameter
                                                                              
+
                                                                              Description
                                                                              
+
                                                                              Type
                                                                              
+
                                                                              Environment variable type. The options are as follows:
                                                                              
+
                                                                              • Custom: Enter the environment variable name and value.
                                                                              • Added from ConfigMap: Import all key values in a ConfigMap as environment variables.
                                                                                As shown in Figure 1, all key values in configmap-example are imported as environment variables.
                                                                                
+
                                                                              • Added from ConfigMap key: Import a key value in a ConfigMap as the value of an environment variable.
                                                                                As shown in Figure 1, the value of configmap_key in configmap-example is imported as the value of the environment variable. If the value of configmap_key is configmap_value, the value of key1 is configmap_value.
                                                                                
+
                                                                              • Added from secret: Import all key values in a secret as environment variables.
                                                                                As shown in Figure 1, all key values in secret-example are imported as environment variables.
                                                                                
+
                                                                              • Added from secret key: Import the value of a key in a secret as the value of an environment variable.
                                                                                As shown in Figure 1, the value of secret_key in secret-example is imported as the environment variable. If the value of secret_key is secret_value, the value of key2 is secret_value.
                                                                                
+
                                                                              • Variable Value/Reference: Use the field defined by a pod as the value of the environment variable.
                                                                                As shown in Figure 1, the pod name is imported as the value of key3.
                                                                                
+
                                                                              • Resource Reference: The value of Request or Limit defined by the container is used as the value of the environment variable.
                                                                                As shown in Figure 1, the CPU limit of container-1 is imported as the value of key4.
                                                                                
+
                                                                              
+
                                                                              Variable Name
                                                                              
+
                                                                              Name of the environment variable set in the container.
                                                                              
+
                                                                              Variable Value/Reference
                                                                              
+
                                                                              The value of an environment variable or the value of an environment variable obtained from other sources.
                                                                              
+
                                                                              
 
                                                                              
-
                                                                              Adding Environment Variables
                                                                              1. Log in to the CCE console.
                                                                              2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                                                              3. When creating a workload, modify the container information in Container Settings and click the Environment Variables tab.
                                                                              4. Configure environment variables.
                                                                                • To add environment variables one by one, click Adding a Variable and configure its parameters.
                                                                                • To add environment variables in batches, click Editing Custom Variables in Batches. Then, in the displayed dialog box, enter environment variables in the format of "Variable name=Variable or variable reference".
                                                                                
-
                                                                                Figure 1 Configuring environment variables
                                                                                
-
                                                                              
+
                                                                            5. Configure other parameters and click Create Workload in the lower right corner. After a period of time, the workload status changes to Running.
                                                                            
 
                                                                            
-
                                                                            YAML Example
                                                                            apiVersion: apps/v1
+
                                                                            Adding Environment Variables Using kubectl
                                                                            Assume that a ConfigMap and a secret are already available in the cluster. For details about how to create them, see Creating a ConfigMap and Creating a Secret.
                                                                            
+
                                                                            1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                            2. Check the ConfigMap in the cluster. In this example, the ConfigMap is named configmap-example.
                                                                              kubectl get configmap configmap-example -oyaml
                                                                              
+
                                                                              Information similar to the following is displayed:
                                                                              
+
                                                                              apiVersion: v1
+data:
+  configmap_key: configmap_value
+kind: ConfigMap
+...
                                                                              
+
                                                                            3. Check the secret in the cluster. In this example, the secret is named secret-example.
                                                                              kubectl get secret secret-example -oyaml
                                                                              
+
                                                                              Information similar to the following is displayed:
                                                                              
+
                                                                              apiVersion: v1
+data:
+  secret_key: c2VjcmV0X3ZhbHVl              # c2VjcmV0X3ZhbHVl is the value of secret_value in Base64 mode.
+kind: Secret
+...
                                                                              
+
                                                                            4. Create a file named nginx-deployment.yaml. nginx-deployment.yaml is an example file name, and you can rename it as needed.
                                                                              vi nginx-deployment.yaml
                                                                              
+
                                                                              Configure environment variables in the workload YAML file. The following is an example:
                                                                              apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: env-example
+  name: env-example
   namespace: default
 spec:
   replicas: 1
@@ -40,65 +84,55 @@ spec:
               cpu: 250m
               memory: 512Mi
           env:
-            - name: key                     # Custom
+            - name: key                     # Define the environment variable name and value.
               value: value
-            - name: key1                    # Added from ConfigMap key
+            - name: key1                    # Import the value of a key in the ConfigMap as the value of an environment variable.
               valueFrom:
                 configMapKeyRef:
                   name: configmap-example
                   key: configmap_key
-            - name: key2                    # Added from secret key
+            - name: key2                    # Import the value of a key in the secret as the value of an environment variable.
               valueFrom:
                 secretKeyRef:
                   name: secret-example
                   key: secret_key
-            - name: key3                    # Variable reference, which uses the field defined by a pod as the value of the environment variable.
+            - name: key3                    # Use the field defined by the pod as the value of an environment variable.
               valueFrom:
                 fieldRef:
                   apiVersion: v1
                   fieldPath: metadata.name
-            - name: key4                    # Resource reference, which uses the field defined by a container as the value of the environment variable.
+            - name: key4                    # Use the value of the resource request or limit defined in the container as the value of an environment variable.
               valueFrom:
                 resourceFieldRef:
                   containerName: container1
                   resource: limits.cpu
                   divisor: 1
           envFrom:
-            - configMapRef:                 # Added from ConfigMap
+            - configMapRef:                 # Import all key values in a ConfigMap as environment variables.
                 name: configmap-example
-            - secretRef:                    # Added from secret
+            - secretRef:                    # Import all key values in a secret as environment variables.
                 name: secret-example
       imagePullSecrets:
         - name: default-secret
                                                                              
 
                                                                              
-
                                                                              Viewing Environment Variables
                                                                              If the contents of configmap-example and secret-example are as follows:
                                                                              
-
                                                                              $ kubectl get configmap configmap-example -oyaml
-apiVersion: v1
-data:
-  configmap_key: configmap_value
-kind: ConfigMap
-...
-
-$ kubectl get secret secret-example -oyaml
-apiVersion: v1
-data:
-  secret_key: c2VjcmV0X3ZhbHVl              # c2VjcmV0X3ZhbHVl is the value of secret_value in Base64 mode.
-kind: Secret
-...
                                                                              
-
                                                                              The environment variables in the pod are as follows:
                                                                              
-
                                                                              $ kubectl get pod
-NAME                           READY   STATUS    RESTARTS   AGE
-env-example-695b759569-lx9jp   1/1     Running   0          17m
-
-$ kubectl exec env-example-695b759569-lx9jp  -- printenv
-/ # env
+
                                                                            5. Create the Deployment.
                                                                              kubectl create -f nginx-deployment.yaml
                                                                              
+
                                                                              If information similar to the following is displayed, the workload is being created:
                                                                              
+
                                                                              deployment.apps/env-example created
                                                                              
+
                                                                            6. Check the pod name.
                                                                              kubectl get pod
                                                                              
+
                                                                              Information similar to the following is displayed:
                                                                              
+
                                                                              NAME                           READY   STATUS    RESTARTS   AGE
+env-example-695b759569-lx9jp   1/1     Running   0          17m
                                                                              
+
                                                                            7. View environment variables in the pod.
                                                                              kubectl exec env-example-695b759569-lx9jp  -- printenv
                                                                              
+
                                                                              If information similar to the following is displayed, the environment variables are configured successfully:
                                                                              / # env
 key=value                             # Custom environment variable
-key1=configmap_value                  # Added from ConfigMap key
-key2=secret_value                     # Added from secret key
-key3=env-example-695b759569-lx9jp     # metadata.name defined by the pod
-key4=1                                # limits.cpu defined by container1. The value is rounded up, in unit of cores.
-configmap_key=configmap_value         # Added from ConfigMap. The key value in the original ConfigMap key is directly imported.
-secret_key=secret_value               # Added from key. The key value in the original secret is directly imported.
                                                                              
+key1=configmap_value                  # Added from a ConfigMap key
+key2=secret_value                     # Added from a secret key
+key3=env-example-695b759569-lx9jp     # metadata.name defined by the pod
+key4=1                                # limits.cpu defined by container1. The value is rounded up, in unit of cores.
+configmap_key=configmap_value         # Added from a ConfigMap. The key value in the original ConfigMap key is imported.
+secret_key=secret_value               # Added from a secret. The key value in the original secret is imported.
                                                                            
+
                                                                            
+
                                                                            
 
                                                                            
 
                                                                            
 
                                                                            
diff --git a/docs/cce/umn/cce_10_0125.html b/docs/cce/umn/cce_10_0125.html
index b2842e639..f9aa8166d 100644
--- a/docs/cce/umn/cce_10_0125.html
+++ b/docs/cce/umn/cce_10_0125.html
@@ -5,7 +5,7 @@
 
                                                                            
 
                                                                            
 
 
diff --git a/docs/cce/umn/cce_10_0127.html b/docs/cce/umn/cce_10_0127.html
index 72debccc1..66618f5c7 100644
--- a/docs/cce/umn/cce_10_0127.html
+++ b/docs/cce/umn/cce_10_0127.html
@@ -9,7 +9,7 @@
 
 
                                                                            
 
                                                                            Installing the Add-on
                                                                            This add-on has been installed by default. If it is uninstalled due to some reasons, you can reinstall it by performing the following steps:
                                                                            
-
                                                                            If storage-driver is not installed in a cluster, perform the following steps to install it:
                                                                            
+
                                                                            If storage-driver is not installed in a cluster, perform the following operations to install it:
                                                                            
 
                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate CCE Container Storage (FlexVolume) on the right, and click Install.
                                                                            2. Click Install to install the add-on. Note that the storage-driver has no configurable parameters and can be directly installed.
                                                                            
 
                                                                            
 
                                                                            
diff --git a/docs/cce/umn/cce_10_0129.html b/docs/cce/umn/cce_10_0129.html
index 53ba5eadb..7a974cda7 100644
--- a/docs/cce/umn/cce_10_0129.html
+++ b/docs/cce/umn/cce_10_0129.html
@@ -13,82 +13,82 @@
 
                                                                            Notes and Constraints
                                                                            To run CoreDNS properly or upgrade CoreDNS in a cluster, ensure the number of available nodes in the cluster is greater than or equal to the number of CoreDNS instances and all CoreDNS instances are running. Otherwise, the add-on will malfunction or the upgrade will fail.
                                                                            
 
                                                                            
 
                                                                            Installing the Add-on
                                                                            This add-on has been installed by default. If it is uninstalled due to some reasons, you can reinstall it by performing the following steps:
                                                                            
-
                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate CoreDNS on the right, and click Install.
                                                                            2. On the Install Add-on page, configure the specifications as needed.
                                                                              • If you selected Preset, you can choose between Small qps, Medium qps, or Large qps as needed. The system will automatically set the number of add-on pods and resource quotas according to the preset specifications. You can see the configurations on the console.
                                                                                The small one can handle up to 2500 external and 10,000 internal domain names QPS. The medium specification can handle up to 5000 external and 20,000 internal domain names QPS. The large specification can handle up to 10,000 external and 40,000 internal domain names QPS.
                                                                                
+
                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                2. In the navigation pane, choose Add-ons. Locate CoreDNS on the right and click Install.
                                                                                3. On the Install Add-on page, configure the specifications as needed.
                                                                                  • If you selected Preset, you can choose between Small qps, Medium qps, or Large qps as needed. The system will automatically set the number of add-on pods and resource quotas according to the preset specifications. You can see the configurations on the console.
                                                                                    The small one can handle up to 2500 external and 10,000 internal domain names QPS. The medium specification can handle up to 5000 external and 20,000 internal domain names QPS. The large specification can handle up to 10,000 external and 40,000 internal domain names QPS.
                                                                                    
 
                                                                                  • If you selected Custom, you can adjust the number of pods and resource quotas as needed. QPS of the CoreDNS add-on is positively correlated with the CPU consumption. If the number of nodes or containers in the cluster grows, the CoreDNS pods will bear heavier workloads. It is recommended that you adjust the number of the CoreDNS pods and their CPU and memory quotas based on the cluster scale. For details, see Table 1.
-
                                                                                    Table 1 Recommended CoreDNS quotas
                                                                                    Nodes
                                                                                    
+
                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -96,23 +96,25 @@
 
                                                                                  • Configure the add-on parameters.
                                                                                    
-
                                                                                    • Table 1 Recommended CoreDNS quotas
                                                                                    Nodes
                                                                                    
 
                                                                                    Recommended QPS
                                                                                    
+
                                                                                    Recommended QPS
                                                                                    
 
                                                                                    Pods
                                                                                    
+
                                                                                    Pods
                                                                                    
 
                                                                                    Requested vCPUs
                                                                                    
+
                                                                                    Requested vCPUs
                                                                                    
 
                                                                                    vCPU Limit
                                                                                    
+
                                                                                    vCPU Limit
                                                                                    
 
                                                                                    Requested Memory
                                                                                    
+
                                                                                    Requested Memory
                                                                                    
 
                                                                                    Memory Limit
                                                                                    
+
                                                                                    Memory Limit
                                                                                    
                                                                                     		
 
                                                                                    
 
                                                                                    50
                                                                                    
+
                                                                                    50
                                                                                    
 
                                                                                    2500
                                                                                    
+
                                                                                    2500
                                                                                    
 
                                                                                    2
                                                                                    
+
                                                                                    2
                                                                                    
 
                                                                                    500m
                                                                                    
+
                                                                                    500m
                                                                                    
 
                                                                                    500m
                                                                                    
+
                                                                                    500m
                                                                                    
 
                                                                                    512 MiB
                                                                                    
+
                                                                                    512 MiB
                                                                                    
 
                                                                                    512 MiB
                                                                                    
+
                                                                                    512 MiB
                                                                                    
                                                                                     		
 
                                                                                    200
                                                                                    
+
                                                                                    200
                                                                                    
 
                                                                                    5000
                                                                                    
+
                                                                                    5000
                                                                                    
 
                                                                                    2
                                                                                    
+
                                                                                    2
                                                                                    
 
                                                                                    1000m
                                                                                    
+
                                                                                    1000m
                                                                                    
 
                                                                                    1000m
                                                                                    
+
                                                                                    1000m
                                                                                    
 
                                                                                    1024 MiB
                                                                                    
+
                                                                                    1024 MiB
                                                                                    
 
                                                                                    1024 MiB
                                                                                    
+
                                                                                    1024 MiB
                                                                                    
                                                                                     		
 
                                                                                    1000
                                                                                    
+
                                                                                    1000
                                                                                    
 
                                                                                    10000
                                                                                    
+
                                                                                    10000
                                                                                    
 
                                                                                    2
                                                                                    
+
                                                                                    2
                                                                                    
 
                                                                                    2000m
                                                                                    
+
                                                                                    2000m
                                                                                    
 
                                                                                    2000m
                                                                                    
+
                                                                                    2000m
                                                                                    
 
                                                                                    2048 MiB
                                                                                    
+
                                                                                    2048 MiB
                                                                                    
 
                                                                                    2048 MiB
                                                                                    
+
                                                                                    2048 MiB
                                                                                    
                                                                                     		
 
                                                                                    2000
                                                                                    
+
                                                                                    2000
                                                                                    
 
                                                                                    20000
                                                                                    
+
                                                                                    20000
                                                                                    
 
                                                                                    4
                                                                                    
+
                                                                                    4
                                                                                    
 
                                                                                    2000m
                                                                                    
+
                                                                                    2000m
                                                                                    
 
                                                                                    2000m
                                                                                    
+
                                                                                    2000m
                                                                                    
 
                                                                                    2048 MiB
                                                                                    
+
                                                                                    2048 MiB
                                                                                    
 
                                                                                    2048Mi
                                                                                    
+
                                                                                    2048 MiB
                                                                                    
                                                                                     		
 
                                                                                    
                                                                                     
 
 
                                                                                    Table 2 Add-on parameters
                                                                                    Parameter
                                                                                    
+
                                                                                    
-
-
-
-
-
                                                                                    Table 2 Add-on parameters
                                                                                    Parameter
                                                                                    
 
                                                                                    Description
                                                                                    
+
                                                                                    Description
                                                                                    
                                                                                     		
 
                                                                                    
 
                                                                                    Stub Domain
                                                                                    
+
                                                                                    Stub Domain
                                                                                    
 
                                                                                    A domain name server for a custom domain name. The format is a key-value pair. The key is a domain name suffix, and the value is one or more DNS IP addresses, for example, acme.local -- 1.2.3.4,6.7.8.9.
                                                                                    
+
                                                                                    A domain name server for a custom domain name. The format is a key-value pair. The key is a domain name suffix, and the value is one or more DNS IP addresses, for example, acme.local -- 1.2.3.4,6.7.8.9.
                                                                                    
 
                                                                                    For details, see Configuring the Stub Domain for CoreDNS.
                                                                                    
 
                                                                                     CAUTION: 
                                                                                    Uppercase letters are not allowed in custom domain names.
                                                                                    
 
                                                                                    
                                                                                     		
 
                                                                                    Extended Parameter Settings
                                                                                    
+
                                                                                    Extended Parameter Settings
                                                                                    
 
                                                                                    • parameterSyncStrategy: indicates whether to configure consistency check when the add-on is upgraded.
                                                                                      • ensureConsistent: indicates that the configuration consistency check is enabled. If the delivered configuration differs from the current effective configuration, the current effective configuration will be replaced. However, if the delivered configuration is the same as the current effective configuration, the current effective configuration will be preserved. The ensureConsistent parameter ensures the configuration consistency. If a ConfigMap is modified manually, the add-on cannot be upgraded. In such cases, you will need to use the force or inherit policy to upgrade the add-on.
                                                                                      • force: indicates that the configuration consistency check is ignored during an upgrade. The configuration provided during the add-on upgrade will be used, so it is important to make sure that it matches the current effective configuration. After the add-on is upgraded, you need to restore the value of parameterSyncStrategy to ensureConsistent to enable the configuration consistency check again.
                                                                                      • inherit: If the configuration provided during the add-on upgrade differs from the current effective configuration, the current effective configuration will be used instead. After the add-on is upgraded, you need to restore the value of parameterSyncStrategy to ensureConsistent to enable the configuration consistency check again.
                                                                                      
+
                                                                                    • parameterSyncStrategy: indicates whether to configure consistency check when the add-on is upgraded.
                                                                                      • ensureConsistent: indicates that the configuration consistency check is enabled. If the delivered configuration differs from the current effective configuration, the current effective configuration will be replaced. However, if the delivered configuration is the same as the current effective configuration, the current effective configuration will be preserved. The ensureConsistent parameter ensures the configuration consistency. If a ConfigMap is modified manually, the add-on cannot be upgraded. In such cases, you will need to use the force or inherit policy to upgrade the add-on.
                                                                                      • force: indicates that the configuration consistency check is ignored during an upgrade. The configuration provided during the add-on upgrade will be used, so it is important to make sure that it matches the current effective configuration. After the add-on is upgraded, you need to restore the value of parameterSyncStrategy to ensureConsistent to enable the configuration consistency check again.
                                                                                      • inherit: If the configuration provided during the add-on upgrade differs from the current effective configuration, the current effective configuration will be used instead. After the add-on is upgraded, you need to restore the value of parameterSyncStrategy to ensureConsistent to enable the configuration consistency check again.
                                                                                         CAUTION: 
                                                                                        After the automatic inheritance of parameter settings (parameterSyncStrategy=inherit) is enabled, stub domain settings will be cleared and merged into the extended parameter settings. The original stub domain settings remain unchanged and can still be viewed under Extended Parameter Settings.
                                                                                        
+
                                                                                        
+
                                                                                      
 
                                                                                    • servers: nameservers, which are available in CoreDNS v1.23.1 and later versions. You can customize nameservers. For details, see dns-custom-nameservers.
                                                                                      plugins indicates the configuration of each component in CoreDNS. Retain the default settings typically to prevent CoreDNS from being unavailable due to configuration errors. Each plugin component contains name, parameters (optional), and configBlock (optional). The format of the generated Corefile is as follows:
                                                                                      $name  $parameters {
 $configBlock
 }
                                                                                      
@@ -183,101 +185,101 @@ $configBlock
 
                                                                                    
 
                                                                                    
 
-
                                                                                    Table 3 Default CoreDNS configurations
                                                                                    Plugin Name
                                                                                    
+
                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                    Table 3 Default CoreDNS configurations
                                                                                    Plugin Name
                                                                                    
 
                                                                                    Type
                                                                                    
+
                                                                                    Type
                                                                                    
 
                                                                                    Description
                                                                                    
+
                                                                                    Description
                                                                                    
                                                                                     		
 
                                                                                    
 
                                                                                    bind
                                                                                    
+
                                                                                    bind
                                                                                    
 
                                                                                    Default configuration
                                                                                    
+
                                                                                    Default configuration
                                                                                    
 
                                                                                    Host IP address listened by CoreDNS. Retain the default value {$POD_IP}. For details, see bind.
                                                                                    
+
                                                                                    Host IP address listened by CoreDNS. Retain the default value {$POD_IP}. For details, see bind.
                                                                                    
                                                                                     		
 
                                                                                    cache
                                                                                    
+
                                                                                    cache
                                                                                    
 
                                                                                    Default configuration
                                                                                    
+
                                                                                    Default configuration
                                                                                    
 
                                                                                    Enables DNS cache. For details, see cache.
                                                                                    
+
                                                                                    Enables DNS cache. For details, see cache.
                                                                                    
 
                                                                                    If the add-on version is 1.25.10 or later, the servfail cache can be disabled. To disable the servfail cache, set configBlock to servfail 0. Otherwise, the unit of the servfail cache is second and cannot be omitted.
                                                                                    
                                                                                     		
 
                                                                                    errors
                                                                                    
+
                                                                                    errors
                                                                                    
 
                                                                                    Default configuration
                                                                                    
+
                                                                                    Default configuration
                                                                                    
 
                                                                                    Errors are logged to stdout. For details, see errors.
                                                                                    
+
                                                                                    Errors are logged to stdout. For details, see errors.
                                                                                    
                                                                                     		
 
                                                                                    health
                                                                                    
+
                                                                                    health
                                                                                    
 
                                                                                    Default configuration
                                                                                    
+
                                                                                    Default configuration
                                                                                    
 
                                                                                    Health check for CoreDNS. {$POD_IP}:8080 is listened to. Retain the default setting. Otherwise, the CoreDNS health check will fail and the add-on will restart repeatedly. For details, see health.
                                                                                    
+
                                                                                    Health check for CoreDNS. {$POD_IP}:8080 is listened to. Retain the default setting. Otherwise, the CoreDNS health check will fail and the add-on will restart repeatedly. For details, see health.
                                                                                    
                                                                                     		
 
                                                                                    ready
                                                                                    
+
                                                                                    ready
                                                                                    
 
                                                                                    Default configuration
                                                                                    
+
                                                                                    Default configuration
                                                                                    
 
                                                                                    Whether the backend server is ready to receive traffic. {$POD_IP}:8081 is listened to. If the backend server is not ready, CoreDNS will suspend DNS resolution until the backend server is ready. For details, see ready.
                                                                                    
+
                                                                                    Whether the backend server is ready to receive traffic. {$POD_IP}:8081 is listened to. If the backend server is not ready, CoreDNS will suspend DNS resolution until the backend server is ready. For details, see ready.
                                                                                    
                                                                                     		
 
                                                                                    kubernetes
                                                                                    
+
                                                                                    kubernetes
                                                                                    
 
                                                                                    Default configuration
                                                                                    
+
                                                                                    Default configuration
                                                                                    
 
                                                                                    CoreDNS Kubernetes plugin, which provides the service parsing capability in a cluster. For details, see kubernetes.
                                                                                    
+
                                                                                    CoreDNS Kubernetes plugin, which provides the service parsing capability in a cluster. For details, see kubernetes.
                                                                                    
                                                                                     		
 
                                                                                    loadbalance
                                                                                    
+
                                                                                    loadbalance
                                                                                    
 
                                                                                    Default configuration
                                                                                    
+
                                                                                    Default configuration
                                                                                    
 
                                                                                    Round-robin DNS load balancer that randomizes the order of A, AAAA, and MX records in an answer. For details, see loadbalance.
                                                                                    
+
                                                                                    Round-robin DNS load balancer that randomizes the order of A, AAAA, and MX records in an answer. For details, see loadbalance.
                                                                                    
                                                                                     		
 
                                                                                    prometheus
                                                                                    
+
                                                                                    prometheus
                                                                                    
 
                                                                                    Default configuration
                                                                                    
+
                                                                                    Default configuration
                                                                                    
 
                                                                                    API for obtaining CoreDNS metrics. {$POD_IP}:9153 is listened to by default. Retain the default setting. Otherwise, Prometheus cannot collect CoreDNS metrics. For details, see Prometheus.
                                                                                    
+
                                                                                    API for obtaining CoreDNS metrics. {$POD_IP}:9153 is listened to by default. Retain the default setting. Otherwise, Prometheus cannot collect CoreDNS metrics. For details, see Prometheus.
                                                                                    
                                                                                     		
 
                                                                                    forward
                                                                                    
+
                                                                                    forward
                                                                                    
 
                                                                                    Default configuration
                                                                                    
+
                                                                                    Default configuration
                                                                                    
 
                                                                                    Forwards any queries that are not within the cluster domain of Kubernetes to predefined resolvers (/etc/resolv.conf). For details, see forward.
                                                                                    
+
                                                                                    Forwards any queries that are not within the cluster domain of Kubernetes to predefined resolvers (/etc/resolv.conf). For details, see forward.
                                                                                    
                                                                                     		
 
                                                                                    reload
                                                                                    
+
                                                                                    reload
                                                                                    
 
                                                                                    Default configuration
                                                                                    
+
                                                                                    Default configuration
                                                                                    
 
                                                                                    Automatically reloads modified Corefiles. After you modify a ConfigMap, wait for two minutes for the modification to take effect. For details, see reload.
                                                                                    
+
                                                                                    Automatically reloads modified Corefiles. After you modify a ConfigMap, wait for two minutes for the modification to take effect. For details, see reload.
                                                                                    
                                                                                     		
 
                                                                                    log
                                                                                    
+
                                                                                    log
                                                                                    
 
                                                                                    Extended configuration
                                                                                    
+
                                                                                    Extended configuration
                                                                                    
 
                                                                                    Enables CoreDNS logging. For details, see log.
                                                                                    
+
                                                                                    Enables CoreDNS logging. For details, see log.
                                                                                    
 
                                                                                    The following is an example:
                                                                                    
 
                                                                                    {
    "name": "log"
 }
                                                                                    
                                                                                     		
 
                                                                                    template
                                                                                    
+
                                                                                    template
                                                                                    
 
                                                                                    Extended configuration
                                                                                    
+
                                                                                    Extended configuration
                                                                                    
 
                                                                                    A quick response template, where AAAA indicates an IPv6 request. If NXDOMAIN is returned in an rcode response, no IPv6 resolution result is returned. For details, see template.
                                                                                    
+
                                                                                    A quick response template, where AAAA indicates an IPv6 request. If NXDOMAIN is returned in an rcode response, no IPv6 resolution result is returned. For details, see template.
                                                                                    
 
                                                                                    The following is an example:
                                                                                    
 
                                                                                    {
    "configBlock": "rcode NXDOMAIN",
@@ -292,26 +294,26 @@ $configBlock
 
                                                                                  • Configure deployment policies for the add-on pods.
                                                                                     
                                                                                    • Scheduling policies do not take effect on add-on pods of the DaemonSet type.
                                                                                    • When configuring multi-AZ deployment or node affinity, ensure that there are nodes meeting the scheduling policy and that resources are sufficient in the cluster. Otherwise, the add-on cannot run.
                                                                                    
 
                                                                                    
 
-
                                                                                    Table 4 Configurations for add-on scheduling
                                                                                    Parameter
                                                                                    
+
                                                                                    
-
-
-
-
-
-
-
@@ -321,36 +323,36 @@ $configBlock
 
                                                                                  • Click Install.
                                                                                    • 
-
                                                                                    Configure CoreDNS Using Corefile
                                                                                     
                                                                                    If you install the CoreDNS add-on, the Corefile view configuration is not available. This configuration is supported only when you are editing or upgrading the add-on.
                                                                                    
-
                                                                                    
-
                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate CoreDNS on the right, and click Edit.
                                                                                    2. In the Parameters area, select whether to switch to the Corefile View (supported by add-on 1.30.3 and later versions).
                                                                                      Once the function is enabled, the ConfigMap of CoreDNS in the kube-system namespace will be directly configured in the Corefile format. Any existing stub domain configurations and parameters such as parameterSyncStrategy, servers, and upstream_nameservers in the advanced configuration will no longer be in effect. It is important to verify that the Corefile configuration is accurate.
                                                                                      
-
                                                                                      For description of the Corefile format, see Configuration.
                                                                                      
-
                                                                                       
                                                                                      • Once the Corefile view is disabled, the ConfigMap of CoreDNS will continue to be configured based on to the stub domain configurations and parameters such as parameterSyncStrategy, servers, and upstream_nameservers in the advanced configuration. It is important to verify that the configuration is correct during the function switchover.
                                                                                      • Once the Corefile view is enabled, the add-on can be upgraded. However, if the Corefile view is disabled again, the add-on upgrade will override the current configurations. To complete the upgrade, parameterSyncStrategy must be set to either force or inherit.
                                                                                      • Once the Corefile configuration is modified, simply wait for CoreDNS' reload mechanism to automatically update the configuration. This typically takes about 10 seconds for the changes to take effect.
                                                                                      
-
                                                                                      
-
                                                                                    3. After editing the Corefile, click OK.
                                                                                    
-
                                                                                    
-
                                                                                    Components
                                                                                    
-
                                                                                    Table 4 Configurations for add-on scheduling
                                                                                    Parameter
                                                                                    
 
                                                                                    Description
                                                                                    
+
                                                                                    Description
                                                                                    
                                                                                     		
 
                                                                                    
 
                                                                                    Multi-AZ Deployment
                                                                                    
+
                                                                                    Multi-AZ Deployment
                                                                                    
 
                                                                                    • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                    • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                                                                    • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                    
+
                                                                                    • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                    • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                                                                    • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                    
                                                                                     		
 
                                                                                    Node Affinity
                                                                                    
+
                                                                                    Node Affinity
                                                                                    
 
                                                                                    • Not configured: Node affinity is disabled for the add-on.
                                                                                    • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                    • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                    • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                      If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                      
+
                                                                                    • Not configured: Node affinity is disabled for the add-on.
                                                                                    • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                    • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                    • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                      If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                      
 
                                                                                    
                                                                                     		
 
                                                                                    Toleration
                                                                                    
+
                                                                                    Toleration
                                                                                    
 
                                                                                    Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                    
+
                                                                                    Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                    
 
                                                                                    The add-on adds the default tolerance policy for the node.kubernetes.io/not-ready and node.kubernetes.io/unreachable taints, respectively. The tolerance time window is 60s.
                                                                                    
 
                                                                                    For details, see Configuring Tolerance Policies.
                                                                                    
                                                                                     		
 
 
                                                                                    Table 5 Add-on components
                                                                                    Component
                                                                                    
+
                                                                                    Components
                                                                                    
+
                                                                                    
-
-
-
-
-
                                                                                    Table 5 Add-on components
                                                                                    Component
                                                                                    
 
                                                                                    Description
                                                                                    
+
                                                                                    Description
                                                                                    
 
                                                                                    Resource Type
                                                                                    
+
                                                                                    Resource Type
                                                                                    
                                                                                     		
 
                                                                                    
 
                                                                                    CoreDNS
                                                                                    
+
                                                                                    CoreDNS
                                                                                    
 
                                                                                    DNS server for clusters
                                                                                    
+
                                                                                    DNS server for clusters
                                                                                    
 
                                                                                    Deployment
                                                                                    
+
                                                                                    Deployment
                                                                                    
                                                                                     		
 
                                                                                    
                                                                                     
 
                                                                                    
 
                                                                                    
 
                                                                                    
+
                                                                                    Configure CoreDNS Using Corefile
                                                                                     
                                                                                    If you install the CoreDNS add-on, the Corefile view configuration is not available. This configuration is supported only when you are editing or upgrading the add-on.
                                                                                    
+
                                                                                    
+
                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                    2. In the navigation pane, choose Add-ons. Locate CoreDNS on the right and click Edit.
                                                                                    3. In the Parameters area, select whether to switch to the Corefile View (supported by add-on 1.30.3 and later versions).
                                                                                      Once the function is enabled, the ConfigMap of CoreDNS in the kube-system namespace will be directly configured in the Corefile format. Any existing stub domain configurations and parameters such as parameterSyncStrategy, servers, and upstream_nameservers in the advanced configuration will no longer be in effect. It is important to verify that the Corefile configuration is accurate.
                                                                                      
+
                                                                                      For description of the Corefile format, see Configuration.
                                                                                      
+
                                                                                       
                                                                                      • Once the Corefile view is disabled, the ConfigMap of CoreDNS will continue to be configured based on to the stub domain configurations and parameters such as parameterSyncStrategy, servers, and upstream_nameservers in the advanced configuration. It is important to verify that the configuration is correct during the function switchover.
                                                                                      • Once the Corefile view is enabled, the add-on can be upgraded. However, if the Corefile view is disabled again, the add-on upgrade will override the current configurations. To complete the upgrade, parameterSyncStrategy must be set to either force or inherit.
                                                                                      • Once the Corefile configuration is modified, simply wait for CoreDNS' reload mechanism to automatically update the configuration. This typically takes about 10 seconds for the changes to take effect.
                                                                                      
+
                                                                                      
+
                                                                                    4. After editing the Corefile, click OK.
                                                                                    
+
                                                                                    
 
                                                                                    How Does Domain Name Resolution Work in Kubernetes?
                                                                                    DNS policies can be configured for each pod. Kubernetes supports DNS policies Default, ClusterFirst, ClusterFirstWithHostNet, and None. For details, see DNS for Services and Pods. These policies are specified in the dnsPolicy field in the pod-specific.
                                                                                    
-
                                                                                    • Default: Pods inherit the name resolution configuration from the node that the pods run on. The custom upstream DNS server and the stub domain cannot be used together with this policy.
                                                                                    • ClusterFirst: Any DNS query that does not match the configured cluster domain suffix, such as www.kubernetes.io, is forwarded to the upstream name server inherited from the node. Cluster administrators may have extra stub domains and upstream DNS servers configured. 
                                                                                    • ClusterFirstWithHostNet: For pods running with hostNetwork, set its DNS policy ClusterFirstWithHostNet.
                                                                                    • None: It allows a pod to ignore DNS settings from the Kubernetes environment. All DNS settings are supposed to be provided using the dnsPolicy field in the pod-specific.
                                                                                    
+
                                                                                    • Default: Pods inherit the name resolution configuration from the node that the pods run on. The custom upstream DNS server and the stub domain cannot be used together with this policy.
                                                                                    • ClusterFirst: Any DNS query that does not match the configured cluster domain suffix, such as www.kubernetes.io, is forwarded to the upstream name server inherited from the node. Cluster administrators may have extra stub domains and upstream DNS servers configured. 
                                                                                    • ClusterFirstWithHostNet: For pods running with hostNetwork, set its DNS policy ClusterFirstWithHostNet.
                                                                                    • None: It allows a pod to ignore DNS settings from the Kubernetes environment. All DNS settings should be provided using the dnsPolicy field in dnsConfigPod.
                                                                                    
 
                                                                                     
                                                                                    • Clusters of Kubernetes v1.10 and later support Default, ClusterFirst, ClusterFirstWithHostNet, and None. Clusters earlier than Kubernetes v1.10 support only Default, ClusterFirst, and ClusterFirstWithHostNet.
                                                                                    • Default is not the default DNS policy. If dnsPolicy is not explicitly specified, ClusterFirst is used.
                                                                                    
 
                                                                                    
 
                                                                                    Routing
                                                                                    
@@ -359,10 +361,10 @@ $configBlock
 
                                                                                    1. The query is first sent to the DNS caching layer in CoreDNS.
                                                                                    2. From the caching layer, the suffix of the request is examined and then the request is forwarded to the corresponding DNS:
                                                                                      • Names with the cluster suffix, for example, .cluster.local: The request is sent to CoreDNS.
                                                                                      
 
                                                                                      • Names with the stub domain suffix, for example, .acme.local: The request is sent to the configured custom DNS resolver that listens, for example, on 1.2.3.4.
                                                                                      • Names that do not match the suffix (for example, widget.com): The request is forwarded to the upstream DNS.
                                                                                      
 
                                                                                    
-
                                                                                    Figure 1 Routing
                                                                                    
+
                                                                                    Figure 1 Routing
                                                                                    
 
                                                                                    
-
                                                                                    Change History
                                                                                    
-
                                                                                    Table 6 Release history
                                                                                    Add-on Version
                                                                                    
+
                                                                                    Release History
                                                                                    
+
                                                                                    
@@ -372,7 +374,22 @@ $configBlock
 
-
+
+
+
+
+
                                                                                    Table 6 CoreDNS add-on
                                                                                    Add-on Version
                                                                                    
                                                                                     		
 
                                                                                    Supported Cluster Version
                                                                                    
                                                                                     		
 
                                                                                    
 
                                                                                    1.30.30
                                                                                    
+
                                                                                    1.30.33
                                                                                    
+
                                                                                    v1.25
                                                                                    
+
                                                                                    v1.27
                                                                                    
+
                                                                                    v1.28
                                                                                    
+
                                                                                    v1.29
                                                                                    
+
                                                                                    v1.30
                                                                                    
+
                                                                                    v1.31
                                                                                    
+
                                                                                    v1.32
                                                                                    
+
                                                                                    CCE clusters v1.32 are supported.
                                                                                    
+
                                                                                    1.11.4
                                                                                    
+
                                                                                    1.30.30
                                                                                    
                                                                                     		
 
                                                                                    v1.25
                                                                                    
 
                                                                                    v1.27
                                                                                    
diff --git a/docs/cce/umn/cce_10_0130.html b/docs/cce/umn/cce_10_0130.html
index bacc160fa..5ea5f491f 100644
--- a/docs/cce/umn/cce_10_0130.html
+++ b/docs/cce/umn/cce_10_0130.html
@@ -14,13 +14,13 @@
 
 
                                                                                  • Configuring Container Specifications
                                                                                    
 
                                                                                    • 
-
                                                                                  • Configuring Container Lifecycle Parameters
                                                                                    
+
                                                                                  • Configuring the Container Lifecycle
                                                                                    
 
                                                                                    • 
 
                                                                                  • Configuring Container Health Check
                                                                                    
 
                                                                                    • 
 
                                                                                  • Configuring Environment Variables
                                                                                    
 
                                                                                    • 
-
                                                                                  • Configuring Workload Upgrade Policies
                                                                                    
+
                                                                                  • Upgrading and Rolling Back a Workload
                                                                                    
 
                                                                                    • 
 
                                                                                  • Configuring Tolerance Policies
                                                                                    
 
                                                                                    • 
diff --git a/docs/cce/umn/cce_10_0132.html b/docs/cce/umn/cce_10_0132.html
index 520a2220e..f500b9883 100644
--- a/docs/cce/umn/cce_10_0132.html
+++ b/docs/cce/umn/cce_10_0132.html
@@ -10,31 +10,31 @@
 
                                                                                    In addition, CCE mitigates risks according to the least privilege principle. Only the following privileges are available for NPD running:
                                                                                    
 
                                                                                    • cap_dac_read_search: permission to access /run/log/journal.
                                                                                    • cap_sys_admin: permission to access /dev/kmsg.
                                                                                    
 
-
                                                                                    Installing the Add-on
                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate CCE Node Problem Detector on the right, and click Install.
                                                                                    2. On the Install Add-on page, configure the specifications as needed.
                                                                                      You can adjust the number of add-on pods and resource quotas as required. High availability is not possible with a single pod. If an error occurs on the node where the add-on instance runs, the add-on will fail.
                                                                                      
+
                                                                                      Installing the Add-on
                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                      2. In the navigation pane, choose Add-ons. In the right pane, find the CCE Node Problem Detector add-on and click Install.
                                                                                      3. On the Install Add-on page, configure the specifications as needed.
                                                                                        You can adjust the number of add-on pods and resource quotas as required. High availability is not possible with a single pod. If an error occurs on the node where the add-on instance runs, the add-on will fail.
                                                                                        
 
                                                                                      4. Configure the add-on parameters.
                                                                                        Maximum Number of Isolated Nodes in a Fault: specifies the maximum number of nodes that can be isolated to prevent avalanches in case of a fault occurring on multiple nodes. You can configure this parameter either by percentage or quantity.
                                                                                        
 
                                                                                      5. Configure deployment policies for the add-on pods.
                                                                                         
                                                                                        • Scheduling policies do not take effect on add-on pods of the DaemonSet type.
                                                                                        • When configuring multi-AZ deployment or node affinity, ensure that there are nodes meeting the scheduling policy and that resources are sufficient in the cluster. Otherwise, the add-on cannot run.
                                                                                        
 
                                                                                        
 
-
                                                                                        Table 1 Configurations for add-on scheduling
                                                                                        Parameter
                                                                                        
+
                                                                                        
-
-
-
-
-
-
-
@@ -87,7 +87,7 @@
 
@@ -112,7 +112,7 @@
 
@@ -237,7 +237,7 @@
 
-
@@ -271,7 +271,7 @@
 
                                                                                        Typical scenario: When creating a node, a user configures two data disks as an ephemeral volume storage pool. Some data disks are deleted by mistake. As a result, the storage pool becomes abnormal.
                                                                                        Table 1 Configurations for add-on scheduling
                                                                                        Parameter
                                                                                        
 
                                                                                        Description
                                                                                        
+
                                                                                        Description
                                                                                        
                                                                                         		
 
                                                                                        
 
                                                                                        Multi-AZ Deployment
                                                                                        
+
                                                                                        Multi-AZ Deployment
                                                                                        
 
                                                                                        • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                        • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                                                                        • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                        
+
                                                                                        • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                        • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                                                                        • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                        
                                                                                         		
 
                                                                                        Node Affinity
                                                                                        
+
                                                                                        Node Affinity
                                                                                        
 
                                                                                        • Not configured: Node affinity is disabled for the add-on.
                                                                                        • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                        • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                        • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                          If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                          
+
                                                                                        • Not configured: Node affinity is disabled for the add-on.
                                                                                        • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                        • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                        • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                          If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                          
 
                                                                                        
                                                                                         		
 
                                                                                        Toleration
                                                                                        
+
                                                                                        Toleration
                                                                                        
 
                                                                                        Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                        
+
                                                                                        Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                        
 
                                                                                        The add-on adds the default tolerance policy for the node.kubernetes.io/not-ready and node.kubernetes.io/unreachable taints, respectively. The tolerance time window is 60s.
                                                                                        
 
                                                                                        For details, see Configuring Tolerance Policies.
                                                                                        
 
                                                                                        OOMKilling
                                                                                        
                                                                                         		
 
                                                                                        Listen to the kernel logs and check whether OOM events occur and are reported.
                                                                                        
-
                                                                                        Typical scenario: When the memory usage of a process in a container exceeds the limit, OOM is triggered and the process is terminated.
                                                                                        
+
                                                                                        Typical scenario: The memory used by the process in the container exceeds the limit, triggering OOM and terminating the process.
                                                                                        
                                                                                         		
 
                                                                                        Warning event
                                                                                        
 
                                                                                        Listening object: /dev/kmsg
                                                                                        
@@ -100,7 +100,7 @@
 
                                                                                        Typical scenario: Disk I/O suspension causes process suspension.
                                                                                        
                                                                                         		
 
                                                                                        Warning event
                                                                                        
-
                                                                                        Listening object: /dev/kmsg
                                                                                        
+
                                                                                        Listening object: /dev/kmsg
                                                                                        
 
                                                                                        Matching rule: "task \\S+:\\w+ blocked for more than \\w+ seconds\\."
                                                                                        
                                                                                         		
 
                                                                                        
 
 
                                                                                        Warning event
                                                                                        
-
                                                                                        Listening object: /dev/kmsg
                                                                                        
+
                                                                                        Listening object: /dev/kmsg
                                                                                        
 
                                                                                        Matching rule: Remounting filesystem read-only
                                                                                        
                                                                                         		
 
                                                                                        
 
                                                                                        Check whether PID process resources are exhausted.
                                                                                        
 
                                                                                        • Default threshold: 90%
                                                                                        • Usage: denominator of the fourth value in /proc/loadavg, which indicates the total number of processes that can run
                                                                                        • Maximum value: smaller value between /proc/sys/kernel/pid_max and /proc/sys/kernel/threads-max.
                                                                                        
+
                                                                                        • Default threshold: 90%
                                                                                        • Usage: denominator of the fourth value in /proc/loadavg, which indicates the total number of processes that can run
                                                                                        • Maximum value: smaller value between /proc/sys/kernel/pid_max and /proc/sys/kernel/threads-max.
                                                                                        
                                                                                         		
 
                                                                                        
                                                                                         
 
 
                                                                                        • Detection period: 30s
                                                                                        • Source:
                                                                                          vgs -o vg_name, vg_attr
                                                                                          
-
                                                                                        • Principle: Check whether the VG (storage pool) is in the P state. If yes, some PVs (data disks) are lost.
                                                                                        • Joint scheduling: The scheduler can automatically identify a PV storage pool error and prevent pods that depend on the storage pool from being scheduled to the node.
                                                                                        • Exceptional scenario: The NPD add-on cannot detect the loss of all PVs (data disks), resulting in the loss of VGs (storage pools). In this case, kubelet automatically isolates the node, detects the loss of VGs (storage pools), and updates the corresponding resources in nodestatus.allocatable to 0. This prevents pods that depend on the storage pool from being scheduled to the node. The damage of a single PV cannot be detected by this check item, but by the ReadonlyFilesystem check item.
                                                                                        
+
                                                                                      6. Principle: Check whether the VG (storage pool) is in the P state. If yes, some PVs (data disks) are lost.
                                                                                      7. Joint scheduling: The scheduler can automatically identify a PV storage pool error and prevent pods that depend on the storage pool from being scheduled to the node.
                                                                                      8. Exceptional scenario: The NPD add-on cannot detect the loss of all PVs (data disks), resulting in the loss of VGs (storage pools). In this case, kubelet automatically isolates the node, detects the loss of VGs (storage pools), and updates the corresponding resources in nodestatus.allocatable to 0. This prevents pods that depend on the storage pool from being scheduled to the node. The damage of a single PV cannot be detected by this check item, but by the ReadonlyFilesystem check item.
                                                                                        9. 
                                                                                         		
 
                                                                                        
 
                                                                                        PV storage pool error
                                                                                        
@@ -286,7 +286,7 @@
 
                                                                                        MountPointProblem
                                                                                        
                                                                                         		
 
                                                                                        Check the mount point on the node.
                                                                                        
-
                                                                                        Definition: You cannot access the mount point by running the cd command.
                                                                                        
+
                                                                                        Definition: You cannot access the mount point by running the cd command.
                                                                                        
 
                                                                                        Typical scenario: Network File System (NFS), for example, obsfs and s3fs is mounted to a node. When the connection is abnormal due to network or peer NFS server exceptions, all processes that access the mount point are suspended. For example, during a cluster upgrade, a kubelet is restarted, and all mount points are scanned. If the abnormal mount point is detected, the upgrade fails.
                                                                                        
                                                                                         		
 
                                                                                        Alternatively, you can run the following command:
                                                                                        
@@ -468,12 +468,12 @@
 
 
 
                                                                                        Viewing NPD Events
                                                                                        Events reported by the NPD add-on can be queried on the Nodes page.
                                                                                        
-
                                                                                        1. Log in to the CCE console.
                                                                                        2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane.
                                                                                        3. Locate the row that contains the target node, and click View Events.
                                                                                        
+
                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                        2. In the navigation pane, choose Nodes. In the right pane, click the Nodes tab, locate the row containing the target node, and click View Events in the Operation column.
                                                                                        
 
                                                                                        
 
                                                                                        Collecting Prometheus Metrics
                                                                                        The NPD daemon pod exposes Prometheus metric data on port 19901. By default, the NPD pod is added with the annotation metrics.alpha.kubernetes.io/custom-endpoints: '[{"api":"prometheus","path":"/metrics","port":"19901","names":""}]'. You can build a Prometheus collector to identify and obtain NPD metrics from http://{{NpdPodIP}}:{{NpdPodPort}}/metrics.
                                                                                        
 
                                                                                         
                                                                                        If the NPD add-on version is earlier than 1.16.5, the exposed port of Prometheus metrics is 20257.
                                                                                        
 
                                                                                        
-
                                                                                        Currently, the metric data includes problem_counter and problem_gauge, as shown below.
                                                                                        
+
                                                                                        The metric data includes problem_counter and problem_gauge, as shown below.
                                                                                        
 
                                                                                        # HELP problem_counter Number of times a specific type of problem have occurred.
 # TYPE problem_counter counter
 problem_counter{reason="DockerHung"} 0
@@ -488,8 +488,8 @@ problem_gauge{reason="CRIIsDown",type="CRIProblem"} 0
 problem_gauge{reason="CRIIsUp",type="CRIProblem"} 0
 ..
                                                                                        
 
                                                                                        
-
                                                                                        Change History
                                                                                        
-
                                                                                        Table 10 Release history
                                                                                        Add-on Version
                                                                                        
+
                                                                                        Release History
                                                                                        
+
                                                                                        
@@ -499,7 +499,22 @@ problem_gauge{reason="CRIIsUp",type="CRIProblem"} 0
 
-
+
+
+
+
+
                                                                                        Table 10 CCE Node Problem Detector add-on
                                                                                        Add-on Version
                                                                                        
                                                                                         		
 
                                                                                        Supported Cluster Version
                                                                                        
                                                                                         		
 
                                                                                        
 
                                                                                        1.19.20
                                                                                        
+
                                                                                        1.19.25
                                                                                        
+
                                                                                        v1.25
                                                                                        
+
                                                                                        v1.27
                                                                                        
+
                                                                                        v1.28
                                                                                        
+
                                                                                        v1.29
                                                                                        
+
                                                                                        v1.30
                                                                                        
+
                                                                                        v1.31
                                                                                        
+
                                                                                        v1.32
                                                                                        
+
                                                                                        CCE clusters v1.32 are supported.
                                                                                        
+
                                                                                        0.8.10
                                                                                        
+
                                                                                        1.19.20
                                                                                        
                                                                                         		
 
                                                                                        v1.25
                                                                                        
 
                                                                                        v1.27
                                                                                        
diff --git a/docs/cce/umn/cce_10_0140.html b/docs/cce/umn/cce_10_0140.html
index 9274e77a7..5981722aa 100644
--- a/docs/cce/umn/cce_10_0140.html
+++ b/docs/cce/umn/cce_10_0140.html
@@ -1,9 +1,11 @@
 
 
-
                                                                                        Connecting to a Cluster
                                                                                        
+
                                                                                        Accessing a Cluster
                                                                                        
 
                                                                                        
 
                                                                                        
 
                                                                                          
+
                                                                                        • Cluster Access Overview
                                                                                          
+
                                                                                          • 
 
                                                                                        • Accessing a Cluster Using kubectl
                                                                                          
 
                                                                                          • 
 
                                                                                        • Accessing a Cluster Using an X.509 Certificate
                                                                                          
diff --git a/docs/cce/umn/cce_10_0141.html b/docs/cce/umn/cce_10_0141.html
index 293003e11..3787ad09d 100644
--- a/docs/cce/umn/cce_10_0141.html
+++ b/docs/cce/umn/cce_10_0141.html
@@ -1,22 +1,29 @@
 
 
 
                                                                                          CCE AI Suite (NVIDIA GPU)
                                                                                          
-
                                                                                          Introduction
                                                                                          NVIDIA GPU is a device management add-on that supports GPUs in containers. To use GPU nodes in a cluster, this add-on must be installed.
                                                                                          
+
                                                                                          
+
                                                                                          Introduction
                                                                                          The CCE AI Suite (NVIDIA GPU) add-on helps you use and manage GPUs in your clusters. It supports access to GPUs in containers and helps you efficiently run and maintain GPU-based compute-intensive workloads in cloud native environments. With this add-on, both CCE standard and Turbo clusters can handle GPU scheduling, install drivers automatically, manage runtimes, and monitor performance. This means you get full support for GPU workloads throughout their entire lifecycle. To run GPU nodes in a cluster, you must install this add-on.
                                                                                          
 
                                                                                          
-
                                                                                          Notes and Constraints
                                                                                          • The driver to be downloaded must be a .run file.
                                                                                          • Only NVIDIA Tesla drivers are supported, not GRID drivers.
                                                                                          • When installing or reinstalling the add-on, ensure that the driver download address is correct and accessible. CCE does not verify the address validity.
                                                                                          • The gpu-beta add-on only enables you to download the driver and execute the installation script. The add-on status only indicates that how the add-on is running, not whether the driver is successfully installed.
                                                                                          • CCE does not guarantee the compatibility between the GPU driver version and the CUDA library version of your application. You need to check the compatibility by yourself.
                                                                                          • If a custom OS image has had a GPU driver installed, CCE cannot ensure that the GPU driver is compatible with other GPU components such as the monitoring components used in CCE.
                                                                                          
+
                                                                                          How nvidia-gpu-device-plugin Works
                                                                                          nvidia-gpu-device-plugin is one of the core components of CCE AI Suite (NVIDIA GPU). As a bridge between the container platform and GPU hardware, nvidia-gpu-device-plugin abstracts physical GPUs into resources that can be identified and scheduled by the container platform. This addresses the GPU allocation and usage problems in containerized environments.
                                                                                          
+
                                                                                          This component runs as a DaemonSet so that the GPUs on every node can be identified by kubelet and reported to Kubernetes. You only need to declare the GPU resource requests in pod specs to use the GPUs on nodes. kubelet does not automatically detect GPU devices on its own. Instead, it relies on nvidia-gpu-device-plugin to register and report GPU information. nvidia-gpu-device-plugin runs on every GPU node and uses the gRPC protocol to communicate with kubelet Device Plugin Manager and complete the registration. The workflow is shown below.
                                                                                          Figure 1 GPU resource reporting and health
                                                                                          
+
                                                                                          1. Sending a registration request: nvidia-gpu-device-plugin sends a registration request to kubelet as a client along with:
                                                                                            • Device name (nvidia.com/gpu): identifies the type of hardware resource managed by the add-on for kubelet to identify and schedule.
                                                                                            • Unix socket: enables local gRPC communication between the component and kubelet to ensure that kubelet can properly call the correct services.
                                                                                            • API version: specifies the version of the Device Plugin API protocol. It ensures that the communication protocols of both parties are compatible.
                                                                                            
+
                                                                                          2. Starting a service: After registration, nvidia-gpu-device-plugin starts a gRPC server to provide services for external systems. The gRPC server handles kubelet requests, including device list queries, health status reporting, and resource allocation. The listening address (Unix socket path) of the gRPC server and supported Device Plugin API version have been reported to kubelet during registration. This ensures that kubelet can properly establish connections and call the correct APIs based on the registration information.
                                                                                          3. Health monitoring: After the gRPC server is started, kubelet establishes a persistent connection with nvidia-gpu-device-plugin through the ListAndWatch API to continuously listen to the device IDs and their health. If a device becomes unhealthy, nvidia-gpu-device-plugin reports the error to kubelet through the connection.
                                                                                          4. Information reporting: kubelet integrates the device information into the node statuses and reports resource details such as the number of devices to Kubernetes API server. The scheduler (kube-scheduler or Volcano) uses these details to make scheduling decisions.
                                                                                          5. Persistent storage: CCE stores the GPU device information (such as quantity and status) reported by nodes in etcd for cluster-level resource persistence. This ensures that GPU data can be kept after a cluster component is faulty or restarted, and provides consistent data sources for components such as the scheduler and controller, ensuring reliability of resource scheduling and management.
                                                                                          
 
                                                                                          
-
                                                                                          Installing the Add-on
                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate CCE AI Suite (NVIDIA GPU) on the right, and click Install.
                                                                                          2. Determine whether to enable Use DCGM-Exporter to Observe DCGM Metrics. After this function is enabled, DCGM-Exporter is deployed on the GPU node.
                                                                                             
                                                                                            If the add-on version is 2.7.40 or later, DCGM-Exporter can be deployed. DCGM-Exporter maintains the community capability and does not support the sharing mode or GPU virtualization.
                                                                                            
+
                                                                                            
+
                                                                                            Notes and Constraints
                                                                                            • The driver to be downloaded must be a .run file.
                                                                                            • Only NVIDIA Tesla drivers are supported, not GRID drivers.
                                                                                            • When installing or reinstalling the add-on, ensure that the driver download address is correct and accessible. CCE does not verify the address validity.
                                                                                            • This add-on only enables you to download the driver and execute the installation script. The add-on status only indicates that how the add-on is running, not whether the driver is successfully installed.
                                                                                            • CCE does not guarantee the compatibility between the GPU driver version and the CUDA library version of your application. You need to check the compatibility by yourself.
                                                                                            • If a custom OS image has had a GPU driver installed, CCE cannot ensure that the GPU driver is compatible with other GPU components such as the monitoring components used in CCE.
                                                                                            
+
                                                                                            
+
                                                                                            Installing the Add-on
                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                            2. In the navigation pane, choose Add-ons. In the right pane, find the CCE AI Suite (NVIDIA GPU) add-on and click Install.
                                                                                            3. Determine whether to enable Use DCGM-Exporter to Observe DCGM Metrics. After this function is enabled, DCGM-Exporter is deployed on the GPU node.
                                                                                               
                                                                                              If the add-on version is 2.7.40 or later, DCGM-Exporter can be deployed. DCGM-Exporter maintains the community capability and does not support the sharing mode or GPU virtualization.
                                                                                              
 
                                                                                              
 
                                                                                            4. Configure the add-on parameters.
                                                                                              
-
                                                                                              Table 1 Add-on parameters
                                                                                              Parameter
                                                                                              
+
                                                                                              
-
-
-
@@ -31,207 +38,369 @@
 
                                                                                              Verifying the Add-on
                                                                                              After the add-on is installed, run the nvidia-smi command on the GPU node and the container that schedules GPU resources to verify the availability of the GPU device and driver.
                                                                                              
-
                                                                                              • GPU node:
                                                                                                # If the add-on version is earlier than 2.0.0, run the following command:
-cd /opt/cloud/cce/nvidia/bin && ./nvidia-smi
-
-# If the add-on version is 2.0.0 or later and the driver installation path is changed, run the following command:
-cd /usr/local/nvidia/bin && ./nvidia-smi
                                                                                                
-
                                                                                              • Container:
                                                                                                cd /usr/local/nvidia/bin && ./nvidia-smi
                                                                                                
+
                                                                                                • GPU node:
                                                                                                  • If the add-on version is earlier than 2.0.0, run the following command:
                                                                                                    cd /opt/cloud/cce/nvidia/bin && ./nvidia-smi
                                                                                                    
+
                                                                                                  • If the add-on version is 2.0.0 or later, run the following command:
                                                                                                    cd /usr/local/nvidia/bin && ./nvidia-smi
                                                                                                    
+
                                                                                                  
+
                                                                                                • Container:
                                                                                                  • If the cluster version is v1.27 or earlier, run the following command:
                                                                                                    cd /usr/local/nvidia/bin && ./nvidia-smi
                                                                                                    
+
                                                                                                  • If the cluster version is v1.28 or later, run the following command:
                                                                                                    cd /usr/bin && ./nvidia-smi
                                                                                                    
+
                                                                                                  
 
                                                                                                
 
                                                                                                If GPU information is returned, the device is available and the add-on has been installed.
                                                                                                
-
                                                                                                
+
                                                                                                
 
                                                                                              
-
                                                                                              Obtaining the Driver Link from Public Network
                                                                                              1. Log in to the CCE console.
                                                                                              2. Create a node. In the Specifications area, select the GPU node flavor. The GPU card models are displayed in the lower part of the area.
                                                                                                
-
                                                                                              1. Log in to the NVIDIA driver download page and search for the driver information. The OS must be Linux 64-bit.
                                                                                                Figure 1 Selecting parameters
                                                                                                
-
                                                                                              2. After confirming the driver information, click Find. On the displayed page, find the driver to be downloaded and click View.
                                                                                                Figure 2 Viewing the driver information
                                                                                                
-
                                                                                              3. Click Download and copy the download link.
                                                                                                Figure 3 Obtaining the link
                                                                                                
+
                                                                                                Managing the Add-on
                                                                                                Once the add-on is installed, you can upgrade or roll back it as needed. Before upgrading or rolling back the CCE AI Suite (NVIDIA GPU) add-on, make sure there are no GPU virtualization workloads running on the GPU node. If the GPU node has GPU virtualization workloads, when you upgrade or roll back the add-on, you need to drain the GPU node.
                                                                                                
+
                                                                                                
+
                                                                                                Upgrading the Add-on
                                                                                                CCE regularly launches new add-on versions to update features, improve performance, and address bugs. The upgrade procedure is as follows:
                                                                                                
+
                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                2. In the navigation pane, choose Add-ons. In the right pane, find the CCE AI Suite (NVIDIA GPU) add-on and click Upgrade.
                                                                                                3. In the window that slides out from the right, click the version number next to Add-on Versions and select the target version from the drop-down list. Set other parameters as required. For details, see Installing the Add-on. If you need to change the Default Cluster Driver setting, manually restart the GPU node after the add-on upgrade is complete. For details, see "Upgrading a GPU Driver."
                                                                                                  After all parameters are configured, click OK in the lower right corner. If the add-on status transitions from Upgrading to Running, the upgrade is successful.
                                                                                                  
+
                                                                                                  
+
                                                                                                
+
                                                                                                
+
                                                                                                Rolling Back the Add-on
                                                                                                If an add-on upgrade fails or any other exceptions occur, you have the option to roll back the add-on to the source version. After an add-on rollback, the virtualization and driver configurations of node pools remain unchanged and are not reverted. The add-on rollback feature has specific requirements based on the cluster and add-on versions.
                                                                                                
+
                                                                                                • If the cluster version is v1.28 or later, only add-on of 2.7.35 or later versions can be rolled back. (The source version must be later than 2.7.13).
                                                                                                • If the cluster version is v1.27 or earlier, only add-on of 2.1.19 or later versions can be rolled back. (The source version must be later than 2.1.8).
                                                                                                
+
                                                                                                 
                                                                                                If you have modified the add-on startup parameters, check and delete the custom parameters before the rollback. If you do not perform these operations, the rollback may fail because the target version does not support these parameters.
                                                                                                
+
                                                                                                
+
                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                2. In the navigation pane, choose Add-ons. In the right pane, find the CCE AI Suite (NVIDIA GPU) add-on and choose More > Roll Back.
                                                                                                3. In the Roll Back Add-on dialog box displayed, check that the target version is correct and click Yes. If the add-on status transitions from Rolling back to Running, the rollback is successful.
                                                                                                  
+
                                                                                                
+
                                                                                                
+
                                                                                                Upgrading a GPU Driver
                                                                                                When the CUDA library in use is incompatible with an NVIDIA driver version, the associated GPU node becomes unavailable. To resolve this, you need to upgrade the driver version. Both CCE standard and Turbo clusters provide support for driver upgrades at the cluster and node pool levels. This section covers the procedure for upgrading a cluster driver. For details about how to upgrade a node pool driver, see Upgrading the Driver Version of a GPU Node Using a Node Pool.
                                                                                                
+
                                                                                                Upgrading the NVIDIA driver of a cluster involves reinstalling the driver during the node restart. After specifying the desired cluster driver version on the console, you must manually restart the GPU node. To do so, perform the following operations:
                                                                                                
+
                                                                                                1. Specify the cluster driver version. You can specify the cluster driver version through either of the following ways:
                                                                                                  • Upgrading the add-on: In the navigation pane, choose Add-ons. In the right pane, find the CCE AI Suite (NVIDIA GPU) add-on and click Upgrade. In the window that slides out from the right, change the value of Cluster Default Driver to a proper one, for example, 535.216.03, and click OK.
                                                                                                  • Editing the add-on: In the navigation pane, choose Add-ons. In the right pane, find the CCE AI Suite (NVIDIA GPU) add-on and click Edit. In the window that slides out from the right, change the value of Cluster Default Driver to a proper one, for example, 535.216.03, and click OK.
                                                                                                  • Configuring heterogeneous resources: In the navigation pane, choose Settings. In the right pane, click the Heterogeneous Resources tab, change the value of Cluster Default Driver to a proper one, for example, 535.216.03, and click Confirm Settings.
                                                                                                  
+
                                                                                                2. Perform rolling restart on the GPU node and install the driver of the specified version. Evict pods on the GPU node before restarting the node. For details, see Draining a Node. When draining a GPU node, make sure to reserve enough GPU resources on other nodes to meet pod scheduling needs. This helps avoid pod scheduling issues due to inadequate resources and ensures smooth service operation.
                                                                                                  1. In the navigation pane, choose Nodes. In the right pane, click the Nodes tab and view all GPU nodes.
                                                                                                  2. Click the GPU node name. On the page displayed, click Restart in the upper right corner. After the GPU node is restarted, wait for 5 to 10 minutes for the driver installation to complete. You can check the CCE AI Suite (NVIDIA GPU) add-on status to see whether the driver has been installed. If the add-on status changes to Running, the driver has been installed.
                                                                                                  
+
                                                                                                3. Log in to the node, verify the version of the driver installed on it, and confirm that the GPU node driver upgrade was successful. The command for obtaining a driver version varies based on the CCE AI Suite (NVIDIA GPU) version.
                                                                                                  • For v1.x.x, run the following command:
                                                                                                    /opt/cloud/cce/nvidia/bin/nvidia-smi
                                                                                                    
+
                                                                                                  • For v2.0.0 through v2.5.3, run the following command:
                                                                                                    /usr/local/nvidia/bin/nvidia-smi
                                                                                                    
+
                                                                                                  • For versions later than v2.5.4, run the following command:
                                                                                                    nvidia-smi
                                                                                                    
+
                                                                                                  
+
                                                                                                  The following command output is displayed. The node driver version is 535.216.03 and matches the specified version. This indicates that the upgrade has been completed.
                                                                                                  
+
                                                                                                  
+
                                                                                                  Once you have verified that the node and services are operating properly, follow the preceding steps again to perform a restart of the remaining GPU nodes within the cluster.
                                                                                                  
+
                                                                                                
+
                                                                                                
+
                                                                                                Supported GPU Drivers
                                                                                                 
                                                                                                • The list of supported GPU drivers applies only to CCE AI Suite (NVIDIA GPU) of v1.2.28 or later.
                                                                                                • To use the latest GPU driver, upgrade your CCE AI Suite (NVIDIA GPU) to the latest version.
                                                                                                • The compatibility of the OSs, GPU drivers, and GPU models listed in Table 2 has been tested and verified. To ensure excellent performance and stability, use these GPU drivers. If the deployment is performed in an unverified environment, perform full tests based on the environment to ensure the compatibility and stability.
                                                                                                • NVIDIA no longer provides updates or security patches for GPU drivers that have reached their end of life (EOL). For details, see Driver Lifecycle. For example, a Production Branch (PB) provides one-year support from the date of release, and a Long-Term Support Branch (LTSB) provides three-year support.
                                                                                                  According to this policy, CCE does not provide technical support for GPU drivers that have reached EOL, including driver installation and updates. The following drivers have reached EOL: 510.47.03, 470.141.03, and 470.57.02.
                                                                                                  
+
                                                                                                • When installing a GPU driver on Ubuntu, pay attention to the OS version. For details, see Table 3. For more information, see NVIDIA Driver Documentation.
                                                                                                
+
                                                                                                
+
+
                                                                                              Table 1 Add-on parameters
                                                                                              Parameter
                                                                                              
 
                                                                                              Description
                                                                                              
+
                                                                                              Description
                                                                                              
                                                                                               		
 
                                                                                              
 
                                                                                              Default Cluster Driver
                                                                                              
+
                                                                                              Default Cluster Driver
                                                                                              
 
                                                                                              All GPU nodes in a cluster use the same driver. You can select a proper GPU driver version or customize the driver link and enter the download link of the NVIDIA driver.
                                                                                               NOTICE: 
                                                                                              • If the download link is a public network address, for example, https://us.download.nvidia.com/tesla/470.103.01/NVIDIA-Linux-x86_64-470.103.01.run, bind an EIP to each GPU node. For details about how to obtain the driver link, see Obtaining the Driver Link from Public Network.
                                                                                              • If the download link is an OBS URL, you do not need to bind an EIP to GPU nodes. For details about how to obtain the driver link, see Obtaining the Driver Link from OBS.
                                                                                              • Ensure that the NVIDIA driver version matches the GPU node. 
                                                                                              • If the driver version is changed, restart the node to apply the change.
                                                                                              
+
                                                                                              All GPU nodes in a cluster use the same driver. You can select a proper GPU driver version or customize the driver link and enter the download link of the NVIDIA driver.
                                                                                               NOTICE: 
                                                                                              • If the download link is a public network address, for example, https://us.download.nvidia.com/tesla/470.103.01/NVIDIA-Linux-x86_64-470.103.01.run, bind an EIP to each GPU node. For details about how to obtain the driver link, see Obtaining a Driver Link from the Internet.
                                                                                              • If the download link is an OBS URL, you do not need to bind an EIP to GPU nodes. For details about how to obtain the driver link, see Obtaining a Driver Link from the OBS Link.
                                                                                              • Ensure that the NVIDIA driver version matches the GPU node. 
                                                                                              • If the driver version is changed, restart the node to apply the change.
                                                                                              
 
                                                                                              
 
                                                                                              
                                                                                               		
 
 
                                                                                              
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                              Table 2 Supported GPU drivers
                                                                                              GPU Model
                                                                                              
+
                                                                                              Supported Cluster Type
                                                                                              
+
                                                                                              Specification
                                                                                              
+
                                                                                              HCE OS 2.0
                                                                                              
+
                                                                                              Ubuntu 22.04
                                                                                              
+
                                                                                              EulerOS release 2.9
                                                                                              
+
                                                                                              Tesla T4
                                                                                              
+
                                                                                              CCE standard cluster
                                                                                              
+
                                                                                              g6
                                                                                              
+
                                                                                              pi2
                                                                                              
+
                                                                                              535.216.03
                                                                                              
+
                                                                                              535.161.08
                                                                                              
+
                                                                                              535.54.03
                                                                                              
+
                                                                                              510.47.03
                                                                                              
+
                                                                                              470.57.02
                                                                                              
+
                                                                                              535.216.03
                                                                                              
+
                                                                                              535.161.08
                                                                                              
+
                                                                                              535.54.03
                                                                                              
+
                                                                                              535.54.03
                                                                                              
+
                                                                                              470.141.03
                                                                                              
+
                                                                                              Tesla V100
                                                                                              
+
                                                                                              CCE standard cluster
                                                                                              
+
                                                                                              p2s
                                                                                              
+
                                                                                              p2vs
                                                                                              
+
                                                                                              p2v
                                                                                              
+
                                                                                              535.216.03
                                                                                              
+
                                                                                              535.161.08
                                                                                              
+
                                                                                              535.54.03
                                                                                              
+
                                                                                              510.47.03
                                                                                              
+
                                                                                              470.57.02
                                                                                              
+
                                                                                              535.216.03
                                                                                              
+
                                                                                              535.161.08
                                                                                              
+
                                                                                              535.54.03
                                                                                              
+
                                                                                              535.54.03
                                                                                              
+
                                                                                              470.141.03
                                                                                              
+
                                                                                              
+
                                                                                              
+
+
                                                                                              
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                              Table 3 Mapping between GPU driver versions and OS versions
                                                                                              Driver Version
                                                                                              
+
                                                                                              Ubuntu 22.04
                                                                                              
+
                                                                                              535.216.03
                                                                                              
+
                                                                                              Ubuntu 22.04.z LTS (where z ≤ 4)
                                                                                              
+
                                                                                              535.161.08
                                                                                              
+
                                                                                              Ubuntu 22.04.z LTS (where z ≤ 3)
                                                                                              
+
                                                                                              535.54.03
                                                                                              
+
                                                                                              Ubuntu 22.04.z LTS (where z ≤ 2)
                                                                                              
+
                                                                                              510.47.03
                                                                                              
+
                                                                                              Not supported
                                                                                              
+
                                                                                              470.141.03
                                                                                              
+
                                                                                              Not supported
                                                                                              
+
                                                                                              470.57.02
                                                                                              
+
                                                                                              Not supported
                                                                                              
+
                                                                                              
+
                                                                                              
+
                                                                                              
+
+
                                                                                              Obtaining a Driver Link from the Internet
                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                              2. Create a node. In the Specifications area, select the GPU node flavor. The GPU card models are displayed in the lower part of the area.
                                                                                                
+
                                                                                              1. Log in to the NVIDIA driver download page and search for the driver information. The OS must be Linux 64-bit.
                                                                                                Figure 2 Selecting parameters
                                                                                                
+
                                                                                              2. After confirming the driver information, click Find. On the displayed page, find the driver to be downloaded and click View.
                                                                                                Figure 3 Viewing the driver information
                                                                                                
+
                                                                                              3. Click Download and copy the download link.
                                                                                                Figure 4 Obtaining the link
                                                                                                
 
                                                                                              
 
                                                                                              
-
                                                                                              Obtaining the Driver Link from OBS
                                                                                              1. Upload the driver to OBS and set the driver file to public read. 
                                                                                                 
                                                                                                When the node is restarted, the driver will be downloaded and installed again. Ensure that the OBS bucket link of the driver is valid.
                                                                                                
+
                                                                                                Obtaining a Driver Link from the OBS Link
                                                                                                1. Upload the driver to OBS and set the driver file to public read. 
                                                                                                   
                                                                                                  When the node is restarted, the driver will be downloaded and installed again. Ensure that the OBS bucket link of the driver is valid.
                                                                                                  
 
                                                                                                  
 
                                                                                                2. In the bucket list, click a bucket name, and then the Overview page of the bucket is displayed.
                                                                                                3. In the navigation pane, choose Objects.
                                                                                                4. Select the name of the target object and copy the driver link on the object details page.
                                                                                                
 
                                                                                                
 
                                                                                                Components
                                                                                                
-
                                                                                                Table 2 Add-on components
                                                                                                Component
                                                                                                
+
                                                                                                
-
-
-
-
-
-
-
-
-
-
-
                                                                                                Table 4 Add-on components
                                                                                                Component
                                                                                                
 
                                                                                                Description
                                                                                                
+
                                                                                                Description
                                                                                                
 
                                                                                                Resource Type
                                                                                                
+
                                                                                                Resource Type
                                                                                                
                                                                                                 		
 
                                                                                                
 
                                                                                                nvidia-driver-installer
                                                                                                
+
                                                                                                nvidia-driver-installer
                                                                                                
 
                                                                                                A workload for installing the NVIDIA GPU driver on a node, which only uses resources during the installation process (Once the installation is finished, no resources are used.)
                                                                                                
+
                                                                                                A workload for installing the NVIDIA GPU driver on a node, which only uses resources during the installation process (Once the installation is finished, no resources are used.)
                                                                                                
 
                                                                                                DaemonSet
                                                                                                
+
                                                                                                DaemonSet
                                                                                                
                                                                                                 		
 
                                                                                                nvidia-gpu-device-plugin
                                                                                                
+
                                                                                                nvidia-gpu-device-plugin
                                                                                                
 
                                                                                                A Kubernetes device plugin that provides NVIDIA GPU heterogeneous compute for containers
                                                                                                
+
                                                                                                A Kubernetes device plugin that provides NVIDIA GPU heterogeneous compute for containers
                                                                                                
 
                                                                                                DaemonSet
                                                                                                
+
                                                                                                DaemonSet
                                                                                                
                                                                                                 		
 
                                                                                                nvidia-operator
                                                                                                
+
                                                                                                nvidia-operator
                                                                                                
 
                                                                                                A component that provides NVIDIA GPU node management capabilities for clusters
                                                                                                
+
                                                                                                A component that provides NVIDIA GPU node management capabilities for clusters
                                                                                                
 
                                                                                                Deployment
                                                                                                
+
                                                                                                Deployment
                                                                                                
                                                                                                 		
 
                                                                                                
                                                                                                 
 
                                                                                                
 
                                                                                                
 
-
                                                                                                GPU Metrics
                                                                                                For more details, see GPU Metrics.
                                                                                                
+
                                                                                                Helpful Links
                                                                                                • CCE AI Suite (NVIDIA GPU) provides GPU monitoring metrics. For details about GPU metrics, see GPU Metrics.
                                                                                                
 
                                                                                                
-
                                                                                                Change History
                                                                                                
-
                                                                                                
@@ -60,11 +60,11 @@
 
-
                                                                                                Uploading a Chart
                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console. Choose App Templates in the navigation pane and click Upload Chart in the upper right corner.
                                                                                                2. Click Select File, select the chart to be uploaded, and click Upload.
                                                                                                   
                                                                                                  When you upload a chart, the naming rule of the OBS bucket is changed from cce-charts-{region}-{domain_name} to cce-charts-{region}-{domain_id}. In the old naming rule, the system converts the domain_name value into a Base64 string and uses the first 63 characters. If you cannot find the chart in the OBS bucket with the new name, search for the bucket with the old name.
                                                                                                  
+
                                                                                                  Uploading a Chart
                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                  2. In the navigation pane, choose App Templates. Then click Upload Chart in the upper right corner.
                                                                                                  3. Click Select File, select the chart to be uploaded, and click Upload.
                                                                                                     
                                                                                                    When you upload a chart, the naming rule of the OBS bucket is changed from cce-charts-{region}-{domain_name} to cce-charts-{region}-{domain_id}. In the old naming rule, the system converts the domain_name value into a Base64 string and uses the first 63 characters. If you cannot find the chart in the OBS bucket with the new name, search for the bucket with the old name.
                                                                                                    
 
                                                                                                    
 
                                                                                                  
 
                                                                                                  
-
                                                                                                  Creating a Release
                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose App Templates.
                                                                                                  2. On the My Charts tab page, click Install of the target chart.
                                                                                                  3. Set workload installation parameters by referring to Table 2.
                                                                                                    
+
                                                                                                    Creating a Release
                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                    2. In the navigation pane, choose App Templates. On the My Charts tab, click Install under the target chart.
                                                                                                    3. Set workload installation parameters by referring to Table 2.
                                                                                                      
 
                                                                                                Table 3 Release history
                                                                                                Add-on Version
                                                                                                
+
                                                                                                Release History
                                                                                                
+
                                                                                                
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -241,7 +410,7 @@ cd /usr/local/nvidia/bin && ./nvidia-smi
 
diff --git a/docs/cce/umn/cce_10_0142.html b/docs/cce/umn/cce_10_0142.html
index 7f150c14f..d53d0302c 100644
--- a/docs/cce/umn/cce_10_0142.html
+++ b/docs/cce/umn/cce_10_0142.html
@@ -1,15 +1,63 @@
 
                                                                                                NodePort
                                                                                                
-
                                                                                                Scenario
                                                                                                A Service is exposed on each node's IP address at a static port (NodePort). When you create a NodePort Service, Kubernetes automatically allocates an internal IP address (ClusterIP) of the cluster. When clients outside the cluster access <NodeIP>:<NodePort>, the traffic will be forwarded to the target pod through the ClusterIP of the NodePort Service.
                                                                                                
-
                                                                                                Figure 1 NodePort access
                                                                                                
+
                                                                                                NodePort is a basic Service type in Kubernetes. It adds node port mapping to intra-cluster access. This means the Service is exposed on each node's IP address at a static port. When you create a NodePort Service, Kubernetes automatically allocates a cluster-scoped IP address (ClusterIP). When clients outside the cluster access <node-IP>:<node-port>, the traffic will be forwarded to the target pod through the ClusterIP of the NodePort Service.
                                                                                                
+
                                                                                                If pods require temporary access or the traffic is low, you can create a NodePort Service. For example, in a testing environment, you can use a NodePort Service when deploying and debugging a web application.
                                                                                                
+
                                                                                                Figure 1 NodePort Service access
                                                                                                
+
                                                                                                Constraints
                                                                                                • By default, a NodePort Service is accessed within a VPC. To use an EIP to access a NodePort Service through public networks, bind an EIP to the node in the cluster in advance.
                                                                                                • After a Service is created, if the affinity setting is switched from the cluster level to the node level, the connection tracing table will not be cleared. Do not modify the Service affinity setting after the Service is created. To modify it, create a Service again.
                                                                                                • In a CCE Turbo cluster, node-level affinity is supported only when the Service backend is connected to a hostNetwork pod.
                                                                                                • In VPC network mode, when container A is published through a NodePort service and the service affinity is set to the node level (that is, externalTrafficPolicy is set to local), container B deployed on the same node cannot access container A through the node IP address and NodePort service.
                                                                                                • When a NodePort service is created in a cluster of v1.21.7 or later, the port on the node is not displayed using netstat by default. If the cluster forwarding mode is iptables, run the iptables -t nat -L command to view the port. If the cluster forwarding mode is IPVS, run the ipvsadm -Ln command to view the port.
                                                                                                
 
                                                                                                
-
                                                                                                Notes and Constraints
                                                                                                • By default, a NodePort Service is accessed within a VPC. To use an EIP to access a NodePort Service through public networks, bind an EIP to the node in the cluster in advance.
                                                                                                • After a Service is created, if the affinity setting is switched from the cluster level to the node level, the connection tracing table will not be cleared. Do not modify the Service affinity setting after the Service is created. To modify it, create a Service again.
                                                                                                • In a CCE Turbo cluster, node-level affinity is supported only when the Service backend is connected to a hostNetwork pod.
                                                                                                • In VPC network mode, when container A is published through a NodePort service and the service affinity is set to the node level (that is, externalTrafficPolicy is set to local), container B deployed on the same node cannot access container A through the node IP address and NodePort service.
                                                                                                • When a NodePort service is created in a cluster of v1.21.7 or later, the port on the node is not displayed using netstat by default. If the cluster forwarding mode is iptables, run the iptables -t nat -L command to view the port. If the cluster forwarding mode is IPVS, run the ipvsadm -Ln command to view the port.
                                                                                                
+
                                                                                                Using the CCE Console
                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
                                                                                                3. Configure the parameters.
                                                                                                  
+
                                                                                                Table 5 CCE AI Suite (NVIDIA GPU) add-on
                                                                                                Add-on Version
                                                                                                
 
                                                                                                Supported Cluster Version
                                                                                                
+
                                                                                                Supported Cluster Version
                                                                                                
 
                                                                                                New Feature
                                                                                                
+
                                                                                                New Feature
                                                                                                
                                                                                                 		
 
                                                                                                
 
                                                                                                2.7.63
                                                                                                
+
                                                                                                2.8.4
                                                                                                
 
                                                                                                v1.28
                                                                                                
+
                                                                                                v1.28
                                                                                                
+
                                                                                                v1.29
                                                                                                
+
                                                                                                v1.30
                                                                                                
+
                                                                                                v1.31
                                                                                                
+
                                                                                                v1.32
                                                                                                
+
                                                                                                Fixed CVE-2025-23266 and CVE-2025-23267.
                                                                                                
+
                                                                                                2.7.66
                                                                                                
+
                                                                                                v1.28
                                                                                                
+
                                                                                                v1.29
                                                                                                
+
                                                                                                v1.30
                                                                                                
+
                                                                                                v1.31
                                                                                                
+
                                                                                                Fixed some issues.
                                                                                                
+
                                                                                                2.7.63
                                                                                                
+
                                                                                                v1.28
                                                                                                
 
                                                                                                v1.29
                                                                                                
 
                                                                                                v1.30
                                                                                                
 
                                                                                                v1.31
                                                                                                
 
                                                                                                Fixed the security vulnerabilities.
                                                                                                
+
                                                                                                Fixed the security vulnerabilities.
                                                                                                
                                                                                                 		
 
                                                                                                2.7.19
                                                                                                
+
                                                                                                2.7.19
                                                                                                
 
                                                                                                v1.28
                                                                                                
+
                                                                                                v1.28
                                                                                                
 
                                                                                                v1.29
                                                                                                
 
                                                                                                v1.30
                                                                                                
 
                                                                                                Fixed the nvidia-container-toolkit CVE-2024-0132 container escape vulnerability.
                                                                                                
+
                                                                                                Fixed the nvidia-container-toolkit CVE-2024-0132 container escape vulnerability.
                                                                                                
                                                                                                 		
 
                                                                                                2.7.13
                                                                                                
+
                                                                                                2.7.13
                                                                                                
 
                                                                                                v1.28
                                                                                                
+
                                                                                                v1.28
                                                                                                
 
                                                                                                v1.29
                                                                                                
 
                                                                                                v1.30
                                                                                                
 
                                                                                                • Supported xGPU configuration by node pool.
                                                                                                • Supported GPU rendering.
                                                                                                • Clusters v1.30 are supported.
                                                                                                
+
                                                                                                • Supported xGPU configuration by node pool.
                                                                                                • Supported GPU rendering.
                                                                                                • Clusters v1.30 are supported.
                                                                                                
                                                                                                 		
 
                                                                                                2.6.4
                                                                                                
+
                                                                                                2.6.4
                                                                                                
 
                                                                                                v1.28
                                                                                                
+
                                                                                                v1.28
                                                                                                
 
                                                                                                v1.29
                                                                                                
 
                                                                                                Updated the isolation logic of GPU cards.
                                                                                                
+
                                                                                                Updated the isolation logic of GPU cards.
                                                                                                
                                                                                                 		
 
                                                                                                2.6.1
                                                                                                
+
                                                                                                2.6.1
                                                                                                
 
                                                                                                v1.28
                                                                                                
+
                                                                                                v1.28
                                                                                                
 
                                                                                                v1.29
                                                                                                
 
                                                                                                Upgraded the base images of the add-on.
                                                                                                
+
                                                                                                Upgraded the base images of the add-on.
                                                                                                
                                                                                                 		
 
                                                                                                2.5.6
                                                                                                
+
                                                                                                2.5.6
                                                                                                
 
                                                                                                v1.28
                                                                                                
+
                                                                                                v1.28
                                                                                                
 
                                                                                                Fixed an issue that occurred during the installation of the driver.
                                                                                                
+
                                                                                                Fixed an issue that occurred during the installation of the driver.
                                                                                                
                                                                                                 		
 
                                                                                                2.5.4
                                                                                                
+
                                                                                                2.5.4
                                                                                                
 
                                                                                                v1.28
                                                                                                
+
                                                                                                v1.28
                                                                                                
 
                                                                                                Clusters v1.28 are supported.
                                                                                                
+
                                                                                                Clusters v1.28 are supported.
                                                                                                
                                                                                                 		
 
                                                                                                2.0.69
                                                                                                
+
                                                                                                2.2.4
                                                                                                
 
                                                                                                v1.21
                                                                                                
+
                                                                                                v1.25
                                                                                                
+
                                                                                                v1.27
                                                                                                
+
                                                                                                Fixed CVE-2025-23266 and CVE-2025-23267.
                                                                                                
+
                                                                                                2.0.69
                                                                                                
+
                                                                                                v1.21
                                                                                                
 
                                                                                                v1.23
                                                                                                
 
                                                                                                v1.25
                                                                                                
 
                                                                                                v1.27
                                                                                                
 
                                                                                                Upgraded the base images of the add-on.
                                                                                                
+
                                                                                                Upgraded the base images of the add-on.
                                                                                                
                                                                                                 		
 
                                                                                                2.0.48
                                                                                                
+
                                                                                                2.0.48
                                                                                                
 
                                                                                                v1.21
                                                                                                
+
                                                                                                v1.21
                                                                                                
 
                                                                                                v1.23
                                                                                                
 
                                                                                                v1.25
                                                                                                
 
                                                                                                v1.27
                                                                                                
 
                                                                                                Fixed an issue that occurred during the installation of the driver.
                                                                                                
+
                                                                                                Fixed an issue that occurred during the installation of the driver.
                                                                                                
                                                                                                 		
 
                                                                                                2.0.46
                                                                                                
+
                                                                                                2.0.46
                                                                                                
 
                                                                                                v1.21
                                                                                                
+
                                                                                                v1.21
                                                                                                
 
                                                                                                v1.23
                                                                                                
 
                                                                                                v1.25
                                                                                                
 
                                                                                                v1.27
                                                                                                
 
                                                                                                • Supported Nvidia driver 535.
                                                                                                • Non-root users can use xGPUs.
                                                                                                • Optimized startup logic.
                                                                                                
+
                                                                                                • Supported NVIDIA driver 535.
                                                                                                • Non-root users can use xGPUs.
                                                                                                • Optimized startup logic.
                                                                                                
                                                                                                 		
 
                                                                                                1.2.28
                                                                                                
+
                                                                                                1.2.28
                                                                                                
 
                                                                                                v1.19
                                                                                                
+
                                                                                                v1.19
                                                                                                
 
                                                                                                v1.21
                                                                                                
 
                                                                                                v1.23
                                                                                                
 
                                                                                                v1.25
                                                                                                
 
                                                                                                • Adapted to Ubuntu 22.04.
                                                                                                • Optimized the automatic mounting of the GPU driver directory.
                                                                                                
+
                                                                                                • Adapted to Ubuntu 22.04.
                                                                                                • Optimized the automatic mounting of the GPU driver directory.
                                                                                                
                                                                                                 		
 
                                                                                                1.2.20
                                                                                                
+
                                                                                                1.2.20
                                                                                                
 
                                                                                                v1.19
                                                                                                
+
                                                                                                v1.19
                                                                                                
 
                                                                                                v1.21
                                                                                                
 
                                                                                                v1.23
                                                                                                
 
                                                                                                v1.25
                                                                                                
 
                                                                                                Set the add-on alias to gpu.
                                                                                                
+
                                                                                                Set the add-on alias to gpu.
                                                                                                
                                                                                                 		
 
                                                                                                1.2.15
                                                                                                
+
                                                                                                1.2.15
                                                                                                
 
                                                                                                v1.15
                                                                                                
+
                                                                                                v1.15
                                                                                                
 
                                                                                                v1.17
                                                                                                
 
                                                                                                v1.19
                                                                                                
 
                                                                                                v1.21
                                                                                                
 
                                                                                                v1.23
                                                                                                
 
                                                                                                CCE clusters v1.23 are supported.
                                                                                                
+
                                                                                                CCE clusters v1.23 are supported.
                                                                                                
                                                                                                 		
 
                                                                                                1.2.9
                                                                                                
+
                                                                                                1.2.9
                                                                                                
 
                                                                                                v1.15
                                                                                                
+
                                                                                                v1.15
                                                                                                
 
                                                                                                v1.17
                                                                                                
 
                                                                                                v1.19
                                                                                                
 
                                                                                                v1.21
                                                                                                
 
                                                                                                CCE clusters v1.21 are supported.
                                                                                                
+
                                                                                                CCE clusters v1.21 are supported.
                                                                                                
                                                                                                 		
 
                                                                                                1.2.2
                                                                                                
+
                                                                                                1.2.2
                                                                                                
 
                                                                                                v1.15
                                                                                                
+
                                                                                                v1.15
                                                                                                
 
                                                                                                v1.17
                                                                                                
 
                                                                                                v1.19
                                                                                                
 
                                                                                                Supported the new EulerOS kernel.
                                                                                                
+
                                                                                                Supported the new EulerOS kernel.
                                                                                                
                                                                                                 		
 
                                                                                                
                                                                                                 
 
 
 
 
                                                                                                
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                Parameter
                                                                                                
+
                                                                                                Description
                                                                                                
+
                                                                                                Service Name
                                                                                                
+
                                                                                                Enter a name, which be can be the same as the workload name.
                                                                                                
+
                                                                                                Service Type
                                                                                                
+
                                                                                                Select NodePort.
                                                                                                
+
                                                                                                Namespace
                                                                                                
+
                                                                                                Select the namespace that the workload belongs to.
                                                                                                
+
                                                                                                Service Affinity
                                                                                                
+
                                                                                                Whether to route external traffic to a local node or a cluster-wide endpoint. For details, see Service Affinity (externalTrafficPolicy).
                                                                                                • Cluster-level: The IP addresses and ports of all nodes in a cluster can access the workload associated with the Service. However, accessing the Service may result in a performance decrease due to route redirection, and the client's source IP address may not be obtainable.
                                                                                                • Node-level: Only the IP address and port of the node where the workload is located can access the workload associated with the Service. Accessing the Service will not result in a performance decrease due to route redirection, and the client's source IP address can be obtained.
                                                                                                
 
                                                                                                
-
                                                                                                Creating a NodePort Service
                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
                                                                                                3. Configure intra-cluster access parameters.
                                                                                                  • Service Name: Specify a Service name, which can be the same as the workload name.
                                                                                                  • Service Type: Select NodePort.
                                                                                                  • Namespace: namespace that the workload belongs to.
                                                                                                  • Service Affinity: For details, see externalTrafficPolicy (Service Affinity).
                                                                                                    • Cluster level: The IP addresses and access ports of all nodes in a cluster can access the workload associated with the Service. Service access will cause performance loss due to route redirection, and the source IP address of the client cannot be obtained.
                                                                                                    • Node level: Only the IP address and access port of the node where the workload is located can access the workload associated with the Service. Service access will not cause performance loss due to route redirection, and the source IP address of the client can be obtained.
                                                                                                    
-
                                                                                                  • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                                                                                                  • IPv6: This function is disabled by default. After this function is enabled, the cluster IP address of the Service changes to an IPv6 address.  This parameter is available only in clusters of v1.15 or later with IPv6 enabled (set during cluster creation).
                                                                                                  • Ports
                                                                                                    • Protocol: protocol used by the Service.
                                                                                                    • Service Port: port used by the Service. The port number ranges from 1 to 65535.
                                                                                                    • Container Port: listener port of the workload. For example, Nginx uses port 80 by default.
                                                                                                    • Node Port: You are advised to select Auto. You can also specify a port. The default port ranges from 30000 to 32767.
                                                                                                    
-
                                                                                                  
-
                                                                                                4. Click OK.
                                                                                                
+
                                                                                                Selector
                                                                                                
+
                                                                                                The Service will be associated with the workload pods based on the label and direct traffic to the pods with this label.
                                                                                                
+
                                                                                                You can add a key and value for the pod label and click Confirm.
                                                                                                
+
                                                                                                You can also click Reference Workload Label to use the label of an existing workload. In the dialog box displayed, select a workload and click OK.
                                                                                                
+
                                                                                                IPv6
                                                                                                
+
                                                                                                This function is disabled by default. After this function is enabled, the cluster IP address of the Service changes to an IPv6 address. This function is available only in clusters of v1.15 or later with IPv6 enabled (set during cluster creation).
                                                                                                
+
                                                                                                Port
                                                                                                
+
                                                                                                • Protocol: the protocol supported by the Service.
                                                                                                • Container Port: the listening port of the service containers. The port ranges from 1 to 65535. You need to determine the port based on the container image. For example, the default port of Nginx is 80, and the default port of MySQL is 3306.
                                                                                                • Service Port: the port used to access the ClusterIP Service. You can customize the port as required. The port ranges from 1 to 65535.
                                                                                                
+
                                                                                                • Node Port: the port used for accessing the node using the node IP address. You are advised to select Auto. You can also specify a port. The default port range is 30000 to 32767.
                                                                                                
+
                                                                                                
+
                                                                                                
+
                                                                                              2. Click OK. After creating the Service, access it through <node-IP-address>:<node-port>. Cloud servers within the same VPC as the cluster or containers within the cluster can access this IP address. If an EIP is bound to a node, you can also use the EIP for access.
                                                                                                
+
                                                                                                
+
                                                                                                3. 
 
                                                                                                
 
                                                                                                Using kubectl
                                                                                                You can configure Service access using kubectl. This section uses an Nginx workload as an example to describe how to configure a NodePort Service using kubectl.
                                                                                                
 
                                                                                                1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                2. Create and edit the nginx-deployment.yaml file to configure the sample workload. For details, see Creating a Deployment. nginx-deployment.yaml is an example file name. You can rename it as needed.
                                                                                                  vi nginx-deployment.yaml
                                                                                                  
@@ -65,8 +113,7 @@ spec:
 
                                                                                                  Check the created Service.
                                                                                                  
 
                                                                                                  kubectl get svc
                                                                                                  
 
                                                                                                  If information similar to the following is displayed, the Service has been created:
                                                                                                  
-
                                                                                                  # kubectl get svc
-NAME             TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
+
                                                                                                  NAME             TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
 kubernetes       ClusterIP   10.247.0.1     <none>        443/TCP          4d8h
 nginx-nodeport   NodePort    10.247.30.40   <none>        8080:30000/TCP   18s
                                                                                                  
 
                                                                                                3. Access the Service. By default, a NodePort Service can be accessed using IP-address-of-any-node:node-port. Cloud servers within the same VPC or containers within the cluster can access the Service. If an EIP is bound to a node, you can also use the EIP to access the Service.
                                                                                                  Create a container in the cluster and access it using IP-address-of-the-node:node-port.
                                                                                                  
@@ -110,7 +157,7 @@ Commercial support is available at
 
                                                                                                
 
                                                                                                
 
                                                                                                
-
                                                                                                Parent topic: Service
                                                                                                
+
                                                                                                Parent topic: Services
                                                                                                
 
                                                                                                
 
                                                                                                
 
diff --git a/docs/cce/umn/cce_10_0144.html b/docs/cce/umn/cce_10_0144.html
index 2e79109dd..32dde00dc 100644
--- a/docs/cce/umn/cce_10_0144.html
+++ b/docs/cce/umn/cce_10_0144.html
@@ -1,11 +1,11 @@
 
 
 
                                                                                                Deploying an Application Through the Helm v3 Client
                                                                                                
-
                                                                                                Prerequisites
                                                                                                • The Kubernetes cluster created on CCE has been connected to kubectl. For details, see Procedure.
                                                                                                • To pull a public image when deploying Helm, ensure an EIP has been bound to the node.
                                                                                                
+
                                                                                                Prerequisites
                                                                                                • The Kubernetes cluster created on CCE has been connected to kubectl. For details, see Step 1: Download kubectl.
                                                                                                • To pull a public image when deploying with Helm, ensure an EIP has been bound to the node.
                                                                                                
 
                                                                                                
 
                                                                                                Installing Helm v3
                                                                                                This section uses Helm v3.3.0 as an example.
                                                                                                
 
                                                                                                For other versions, visit https://github.com/helm/helm/releases.
                                                                                                
-
                                                                                                1. Download the Helm client from the VM connected to the cluster.
                                                                                                  wget https://get.helm.sh/helm-v3.3.0-linux-amd64.tar.gz
                                                                                                  
+
                                                                                                  1. Download the v3.3.0 Helm client from the VM connected to the cluster.
                                                                                                    wget https://get.helm.sh/helm-v3.3.0-linux-amd64.tar.gz
                                                                                                    
 
                                                                                                  2. Decompress the Helm package.
                                                                                                    tar -xzvf helm-v3.3.0-linux-amd64.tar.gz
                                                                                                    
 
                                                                                                  3. Copy Helm to the system path, for example, /usr/local/bin/helm.
                                                                                                    mv linux-amd64/helm /usr/local/bin/helm
                                                                                                    
 
                                                                                                  4. Query the Helm version.
                                                                                                    helm version
                                                                                                    
@@ -49,20 +49,20 @@ Error: Unable to find a match: socat
 
                                                                                                    Error information:
                                                                                                    
 
                                                                                                    Client: &version.Version{SemVer:"v3.3.0", GitCommit:"021cb0ac1a1b2f888144ef5a67b8dab6c2d45be6", GitTreeState:"clean"}
 Error: cannot connect to Tiller
                                                                                                    
-
                                                                                                    The Helm chart reads the configuration certificate in .Kube/config and communicates with Kubernetes. The preceding error indicates that the kubectl configuration is incorrect. In this case, reconnect the cluster to kubectl. For details, see Procedure.
                                                                                                    
+
                                                                                                    The Helm chart reads the configuration certificate in .kube/config and communicates with Kubernetes. The preceding error indicates that the kubectl configuration is incorrect. In this case, reconnect the cluster to kubectl. For details, see Step 1: Download kubectl.
                                                                                                    
 
                                                                                                  5. Storage fails to be created after you have connected to cloud storage services.
                                                                                                    This issue may be caused by the annotation field in the created PVC. Change the chart name and install the chart again.
                                                                                                    
 
                                                                                                  6. If kubectl is not properly configured, the error message "Error: Kubernetes cluster unreachable..." will be displayed when you install Helm.
                                                                                                    Example:
                                                                                                    
 
                                                                                                    helm install prometheus/ --generate-name
                                                                                                    
 
                                                                                                    Error information:
                                                                                                    WARNING: This chart is deprecated
 Error: Kubernetes cluster unreachable: Get "http://localhost:8080/version?timeout=32s": dial tcp [::1]:8080: connect: connection refused
                                                                                                    
 
                                                                                                    
-
                                                                                                    Solution: Configure kubeconfig for the node. For details, see Procedure.
                                                                                                    
+
                                                                                                    Solution: Configure kubeconfig for the node. For details, see Step 1: Download kubectl.
                                                                                                    
 
                                                                                                    7. 
 
                                                                                                
 
                                                                                                
 
                                                                                                
 
                                                                                                
-
                                                                                                Parent topic: Helm Chart
                                                                                                
+
                                                                                                Parent topic: Helm Charts
                                                                                                
 
                                                                                                
 
                                                                                                
 
diff --git a/docs/cce/umn/cce_10_0146.html b/docs/cce/umn/cce_10_0146.html
index b0f714a6c..95c03ac3e 100644
--- a/docs/cce/umn/cce_10_0146.html
+++ b/docs/cce/umn/cce_10_0146.html
@@ -33,7 +33,7 @@
 
 
                                                                                                Describes configuration parameters required by templates.
                                                                                                
 
                                                                                                 NOTICE: 
                                                                                                Make sure that the image address set in the values.yaml file is the same as the image address in the container image repository. Otherwise, an exception occurs when you create a workload, and the system displays a message indicating that the image fails to be pulled.
                                                                                                
-
                                                                                                To obtain the image address, perform the following operations: Log in to the CCE console. In the navigation pane, choose Image Repository to access the SWR console. Choose My Images > Private Images and click the name of the uploaded image. On the Image Tags tab page, obtain the image address from the pull command. You can click  to copy the command in the Image Pull Command column.
                                                                                                
+
                                                                                                To obtain the image address, perform the following operations: Log in to the CCE console. In the navigation pane, choose Image Repository to access the SWR console. Choose My Images > Private Images and click the name of the uploaded image. On the Image Tags tab page, obtain the image address from the pull command. You can click  to copy the command in the Image Pull Command column.
                                                                                                
 
                                                                                                
                                                                                                 		
 
                                                                                                
 
 
                                                                                                Table 2 Installation parameters
                                                                                                Parameter
                                                                                                
                                                                                                 		
 
                                                                                                Description
                                                                                                
@@ -101,17 +101,17 @@
 
                                                                                              3. Click Install.
                                                                                                On the Releases tab page, you can view the installation status of the release.
                                                                                                
 
                                                                                                4. 
 
-
                                                                                                Upgrading a Chart-based Workload
                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console. Choose App Templates in the navigation pane. In the right pane, click the Releases tab.
                                                                                                2. Click Upgrade in the row where the desired workload resides and set the parameters for the workload.
                                                                                                3. Select a chart version for Chart Version.
                                                                                                4. Follow the prompts to modify the chart parameters. Confirm the modification and click Upgrade.
                                                                                                5. If the execution status is Upgraded, the workload has been upgraded.
                                                                                                
+
                                                                                                Upgrading a Chart-based Workload
                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                2. In the navigation pane, choose App Templates. On the right, click the Releases tab.
                                                                                                3. Click Upgrade in the row where the desired workload resides and set the parameters for the workload.
                                                                                                4. Select a chart version for Chart Version.
                                                                                                5. Follow the prompts to modify the chart parameters. Confirm the modification and click Upgrade.
                                                                                                6. If the execution status is Upgraded, the workload has been upgraded.
                                                                                                
 
                                                                                                
-
                                                                                                Rolling Back a Chart-based Workload
                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console. Choose App Templates in the navigation pane. In the right pane, click the Releases tab.
                                                                                                2. Choose More > Roll Back for the release to be rolled back, select the target release version, and roll the release back.
                                                                                                  In the workload list, if the status is Rollback successful, the workload is rolled back successfully.
                                                                                                  
+
                                                                                                  Rolling Back a Chart-based Workload
                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                  2. In the navigation pane, choose App Templates. On the right, click the Releases tab.
                                                                                                  3. Choose More > Roll Back for the release to be rolled back, select the target release version, and roll the release back.
                                                                                                    In the workload list, if the status is Rollback successful, the workload is rolled back successfully.
                                                                                                    
 
                                                                                                  
 
                                                                                                  
-
                                                                                                  Uninstalling a Chart-based Workload
                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console. Choose App Templates in the navigation pane. In the right pane, click the Releases tab.
                                                                                                  2. Click More > Uninstall next to the release to be uninstalled, and click Yes. Exercise caution when performing this operation because releases cannot be restored after being uninstalled.
                                                                                                  
+
                                                                                                  Uninstalling a Chart-based Workload
                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                  2. In the navigation pane, choose App Templates. On the right, click the Releases tab.
                                                                                                  3. Click More > Uninstall next to the release to be uninstalled, and click Yes. Exercise caution when performing this operation because releases cannot be restored after being uninstalled.
                                                                                                  
 
                                                                                                  
 
                                                                                                  
 
                                                                                                  
 
                                                                                                  
-
                                                                                                  Parent topic: Helm Chart
                                                                                                  
+
                                                                                                  Parent topic: Helm Charts
                                                                                                  
 
                                                                                                  
 
                                                                                                  
 
diff --git a/docs/cce/umn/cce_10_0150.html b/docs/cce/umn/cce_10_0150.html
index e5bf8b7ce..f89b66835 100644
--- a/docs/cce/umn/cce_10_0150.html
+++ b/docs/cce/umn/cce_10_0150.html
@@ -1,77 +1,110 @@
 
 
 
                                                                                                  Creating a Job
                                                                                                  
-
                                                                                                  Scenario
                                                                                                  Jobs are short-lived and run for a certain time to completion. They can be executed immediately after being deployed. It is completed after it exits normally (exit 0).
                                                                                                  
-
                                                                                                  A job is a resource object that is used to control batch tasks. It is different from a long-term servo workload (such as Deployment and StatefulSet).
                                                                                                  
-
                                                                                                  A job is started and terminated at specific times, while a long-term servo workload runs unceasingly unless being terminated. The pods managed by a job automatically exit after successfully completing the job based on user configurations. The success flag varies according to the spec.completions policy.
                                                                                                  
-
                                                                                                  • One-off jobs: A single pod runs once until successful termination.
                                                                                                  • Jobs with a fixed success count: N pods run until successful termination.
                                                                                                  • A queue job is considered completed based on the global success confirmed by the application.
                                                                                                  
+
                                                                                                  A job is a Kubernetes workload designed for managing batch processing tasks, handling one-time or short-lived tasks. Unlike long-running services managed by Deployments or StatefulSets, a job creates one or more pods, executing them with defined start and end phases. If the task is not completed, the job retries pod execution until the target is reached.
                                                                                                  
+
                                                                                                  You can set different tasks for a job as required.
                                                                                                  
+
                                                                                                  • One-off job: A job creates only one pod to execute a task. If the task is successfully completed, the pod exits (exit 0).
                                                                                                  • Job with fixed completion counts: A job must have multiple pods successfully executed tasks. When a specified number of successful pod completions are reached, the task is complete.
                                                                                                  • Job with a work queue: A job processes tasks in a work queue. Each pod is allocated with an index. If each of these pods is successfully completed, the job is finished.
                                                                                                  
+
                                                                                                  Prerequisites
                                                                                                  
 
                                                                                                  
-
                                                                                                  Prerequisites
                                                                                                  Resources have been created. For details, see Creating a Node. If clusters and nodes are available, you need not create them again.
                                                                                                  
-
                                                                                                  
-
                                                                                                  Using the CCE Console
                                                                                                  1. Log in to the CCE console.
                                                                                                  2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                                                                                  3. Set basic information about the workload. 
                                                                                                    Basic Info
                                                                                                    • Workload Type: Select Job. For details about workload types, see Overview.
                                                                                                    • Workload Name: Enter the name of the workload. Enter 1 to 63 characters starting with a lowercase letter and ending with a lowercase letter or digit. Only lowercase letters, digits, and hyphens (-) are allowed.
                                                                                                    • Namespace: Select the namespace of the workload. The default value is default. You can also click Create Namespace to create one. For details, see Creating a Namespace.
                                                                                                    • Pods: Enter the number of pods of the workload.
                                                                                                    • Container Runtime: A CCE standard cluster uses a common runtime by default, whereas a CCE Turbo cluster supports both common and secure runtimes. For details about the differences, see Secure Runtime and Common Runtime.
                                                                                                    
-
                                                                                                    
-
                                                                                                    Container Settings
                                                                                                    • Container Information
                                                                                                      Multiple containers can be configured in a pod. You can click Add Container on the right to configure multiple containers for the pod.
                                                                                                      • Basic Info: Configure basic information about the container.
-
                                                                                                        Parameter
                                                                                                        
+
                                                                                                        Using the CCE Console
                                                                                                        1. Log in to the CCE console.
                                                                                                        2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                                                                                        3. Configure basic information about the workload.
                                                                                                          
+
                                                                                                          
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
                                                                                                          Parameter
                                                                                                          
 
                                                                                                          Description
                                                                                                          
+
                                                                                                          Description
                                                                                                          
                                                                                                           		
 
                                                                                                          
 
                                                                                                          Container Name
                                                                                                          
+
                                                                                                          Workload Type
                                                                                                          
 
                                                                                                          Name the container.
                                                                                                          
+
                                                                                                          Select Job. For details about different workload types, see Workload Overview.
                                                                                                          
                                                                                                           		
 
                                                                                                          Pull Policy
                                                                                                          
+
                                                                                                          Workload Name
                                                                                                          
 
                                                                                                          Image update or pull policy. If you select Always, the image is pulled from the image repository each time. If you do not select Always, the existing image of the node is preferentially used. If the image does not exist, the image is pulled from the image repository.
                                                                                                          
+
                                                                                                          Enter a name for the workload. Enter 1 to 63 characters starting with a lowercase letter and ending with a lowercase letter or digit. Only lowercase letters, digits, and hyphens (-) are allowed.
                                                                                                          
                                                                                                           		
 
                                                                                                          Image Name
                                                                                                          
+
                                                                                                          Namespace
                                                                                                          
 
                                                                                                          Click Select Image and select the image used by the container.
                                                                                                          
+
                                                                                                          Select a namespace for the workload. The default value is default. You can also click Create Namespace to create one. For details, see Creating a Namespace.
                                                                                                          
+
                                                                                                          Pods
                                                                                                          
+
                                                                                                          Enter the number of workload pods.
                                                                                                          
+
                                                                                                          Container Runtime
                                                                                                          
+
                                                                                                          A CCE standard cluster uses a common runtime by default, whereas a CCE Turbo cluster supports both common and secure runtimes. For details about their differences, see Secure Runtime and Common Runtime.
                                                                                                          
+
                                                                                                          
+
                                                                                                          
+
                                                                                                        4. Configure container settings for the workload.
                                                                                                          • Container Information: Click Add Container on the right to configure multiple containers for the pod.
                                                                                                             
                                                                                                            If you configured multiple containers for a pod, ensure that the ports used by each container do not conflict with each other, or the workload cannot be deployed.
                                                                                                            
+
                                                                                                            
+
                                                                                                            • Basic Info: Configure basic information about the container.
+
                                                                                                              
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -80,20 +113,38 @@
 
                                                                                                              Parameter
                                                                                                              
+
                                                                                                              Description
                                                                                                              
+
                                                                                                              Container Name
                                                                                                              
+
                                                                                                              Enter a name for the container.
                                                                                                              
+
                                                                                                              Pull Policy
                                                                                                              
+
                                                                                                              Image update or pull policy. If you select Always, the image is pulled from the image repository each time. If you do not select Always, the existing image of the node is preferentially used. If the image does not exist, the image is pulled from the image repository.
                                                                                                              
+
                                                                                                              Image Name
                                                                                                              
+
                                                                                                              Click Select Image and select the image used by the container.
                                                                                                              
 
                                                                                                              To use a third-party image, directly enter image path. Ensure that the image access credential can be used to access the image repository. For details, see Using Third-Party Images.
                                                                                                              
                                                                                                               		
 
                                                                                                              Image Tag
                                                                                                              
+
                                                                                                              Image Tag
                                                                                                              
 
                                                                                                              Select the image tag to be deployed.
                                                                                                              
+
                                                                                                              Select the image tag to be deployed.
                                                                                                              
                                                                                                               		
 
                                                                                                              CPU Quota
                                                                                                              
+
                                                                                                              CPU Quota
                                                                                                              
 
                                                                                                              • Request: minimum number of CPU cores required by a container. The default value is 0.25 cores.
                                                                                                              • Limit: maximum number of CPU cores that can be used by a container. This prevents containers from using excessive resources.
                                                                                                              
+
                                                                                                              • Request: minimum number of CPU cores required by a container. The default value is 0.25 cores.
                                                                                                              • Limit: maximum number of CPU cores that can be used by a container. This prevents containers from using excessive resources.
                                                                                                              
 
                                                                                                              If Request and Limit are not specified, the quota is not limited. For more information and suggestions about Request and Limit, see Configuring Container Specifications.
                                                                                                              
                                                                                                               		
 
                                                                                                              Memory Quota
                                                                                                              
+
                                                                                                              Memory Quota
                                                                                                              
 
                                                                                                              • Request: minimum amount of memory required by a container. The default value is 512 MiB.
                                                                                                              • Limit: maximum amount of memory available for a container. When memory usage exceeds the specified memory limit, the container will be terminated.
                                                                                                              
+
                                                                                                              • Request: minimum amount of memory required by a container. The default value is 512 MiB.
                                                                                                              • Limit: maximum amount of memory available for a container. When memory usage exceeds the specified memory limit, the container will be terminated.
                                                                                                              
 
                                                                                                              If Request and Limit are not specified, the quota is not limited. For more information and suggestions about Request and Limit, see Configuring Container Specifications.
                                                                                                              
                                                                                                               		
 
                                                                                                              (Optional) GPU Quota
                                                                                                              
+
                                                                                                              (Optional) GPU Quota
                                                                                                              
 
                                                                                                              Configurable only when the cluster contains GPU nodes and the CCE AI Suite (NVIDIA GPU) add-on has been installed.
                                                                                                              
+
                                                                                                              Configurable only when the cluster contains GPU nodes and the CCE AI Suite (NVIDIA GPU) add-on has been installed.
                                                                                                              
 
                                                                                                              • Do not use: No GPU will be used.
                                                                                                              • GPU card: The GPU is dedicated for the container.
                                                                                                              • GPU Virtualization: percentage of GPU resources used by the container. For example, if this parameter is set to 10%, the container will use 10% of GPU resources.
                                                                                                              
-
                                                                                                              For details about how to use GPUs in the cluster, see Default GPU Scheduling in Kubernetes.
                                                                                                              
+
                                                                                                              For details about how to use GPUs in a cluster, see Default GPU Scheduling in Kubernetes.
                                                                                                              
                                                                                                               		
 
                                                                                                              (Optional) Privileged Container
                                                                                                              
+
                                                                                                              (Optional) Privileged Container
                                                                                                              
 
                                                                                                              Programs in a privileged container have certain privileges.
                                                                                                              
-
                                                                                                              If Privileged Container is enabled, the container is assigned privileges. For example, privileged containers can manipulate network devices on the host machine and modify kernel parameters.
                                                                                                              
+
                                                                                                              Programs in a privileged container have certain privileges. If this option is enabled, the container will be assigned privileges. For example, privileged containers can manipulate network devices on the host machine, modify kernel parameters, access all devices on the node.
                                                                                                              
+
                                                                                                              For more information, see Pod Security Standards.
                                                                                                              
                                                                                                               		
 
                                                                                                              (Optional) Init Container
                                                                                                              
+
                                                                                                              (Optional) Init Container
                                                                                                              
 
                                                                                                              Whether to use the container as an init container. An init container does not support health check.
                                                                                                              
+
                                                                                                              Whether to use the container as an init container. An init container does not support health check.
                                                                                                              
 
                                                                                                              An init container is a special container that runs before other app containers in a pod are started. Each pod can contain multiple containers. In addition, a pod can contain one or more init containers. Application containers in a pod are started and run only after the running of all init containers completes. For details, see Init Containers.
                                                                                                              
                                                                                                               		
 
                                                                                                              (Optional) Run Option
                                                                                                              
+
                                                                                                              (Optional) Run Option
                                                                                                              
 
                                                                                                              Add run options for the container. For details, see Pod. CCE supports the following run options:
                                                                                                              
+
                                                                                                              Add run options for the container. For details, see Pod. CCE supports the following run options:
                                                                                                              
 
                                                                                                              • stdin: allows containers to receive input from external sources, such as terminals or other input streams.
                                                                                                              • tty: allocates a pseudo terminal to containers, allowing you to send commands to them as if you were using a local terminal.
                                                                                                                In most cases, tty is enabled along with stdin, indicating that the terminal (tty) is associated with the standard input (stdin) of the container. This allows for interactive operations, similar to the kubectl exec -i -t command. The difference is that this parameter has been configured when the pod is launched.
                                                                                                                
 
                                                                                                              
 
                                                                                                              
 
                                                                                                              
 
                                                                                                            
-
                                                                                                            • (Optional) Lifecycle: Configure operations to be performed in a specific phase of the container lifecycle, such as Startup Command, Post-Start, and Pre-Stop. For details, see Configuring Container Lifecycle Parameters.
                                                                                                            • (Optional) Environment Variables: Configure variables for the container running environment using key-value pairs. These variables transfer external information to containers running in pods and can be flexibly modified after application deployment. For details, see Configuring Environment Variables.
                                                                                                            • (Optional) Data Storage: Mount local storage or cloud storage to the container. The application scenarios and mounting modes vary with the storage type. For details, see Storage.
                                                                                                               
                                                                                                              If the workload contains more than one pod, EVS volumes cannot be mounted.
                                                                                                              
+
                                                                                                              • (Optional) Lifecycle: Configure operations to be performed in a specific phase of the container lifecycle, such as Startup Command, Post-Start, and Pre-Stop. For details, see Configuring the Container Lifecycle.
                                                                                                              • (Optional) Environment Variables: Configure variables for the container running environment using key-value pairs. These variables transfer external information to containers running in pods and can be flexibly modified after application deployment. For details, see Configuring Environment Variables.
                                                                                                              • (Optional) Data Storage: Mount local storage or cloud storage to the container. The application scenarios and mounting modes vary with the StorageClass. For details, see Storage.
                                                                                                                 
                                                                                                                If the workload contains more than one pod, EVS volumes cannot be mounted.
                                                                                                                
 
                                                                                                                
-
                                                                                                              • (Optional) Logging: Report standard container output logs to AOM by default, without requiring manual settings. You can manually configure the log collection path. For details, see Collecting Container Logs Using ICAgent.
                                                                                                                To disable the standard output of the current workload, add the annotation kubernetes.AOM.log.stdout: [] in Labels and Annotations. For details about how to use this annotation, see Table 1.
                                                                                                                
+
                                                                                                              • (Optional) Logging: Report standard container output logs to AOM by default, without requiring manual settings. You can manually configure the log collection path. For details, see Collecting Container Logs Using ICAgent.
                                                                                                                To disable the collection of the standard output logs of the current workload, add the annotation kubernetes.AOM.log.stdout: [] in Labels and Annotations in the Advanced Settings area. For details about how to use this annotation, see Table 1.
                                                                                                                
 
                                                                                                              
+
                                                                                                            • Image Access Credential: Select the credential used for accessing the image repository. The default value is default-secret. You can use default-secret to access images in SWR Shared Edition. For details about default-secret, see default-secret.
                                                                                                            • (Optional) GPU: All is selected by default. The workload instance will be scheduled to the node of the specified GPU type.
                                                                                                            
+
                                                                                                          • (Optional) Configure advanced settings for the workload.
                                                                                                            
+
                                                                                                            
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                            Parameter
                                                                                                            
+
                                                                                                            Description
                                                                                                            
+
                                                                                                            Labels and Annotations
                                                                                                            
+
                                                                                                            Add labels or annotations for pods using key-value pairs. After the setting, click Confirm. For details about labels and annotations, see Configuring Labels and Annotations.
                                                                                                            
+
                                                                                                            Job Settings
                                                                                                            
+
                                                                                                            • Parallel Pods: Maximum number of pods that can run in parallel during job execution. The value cannot be greater than the total number of pods in the job.
                                                                                                            • Timeout (s): Once a job reaches this time, the job status becomes failed and all pods in this job will be deleted. If you leave this parameter blank, the job will never time out.
                                                                                                            • Completion Mode
                                                                                                              • Non-indexed: A job is considered complete when all the pods are successfully executed. Each pod completion is homologous to each other.
                                                                                                              • Indexed: Each pod gets an associated completion index from 0 to the number of pods minus 1. The job is considered complete when every pod allocated with an index is successfully executed. For an indexed job, pods are named in the format of $(job-name)-$(index).
                                                                                                              
+
                                                                                                            • Suspend Job: By default, a job is executed immediately after being created. The job's execution will be suspended if you enable this option, and resumed after you disable it.
                                                                                                            
+
                                                                                                            Network Configuration
                                                                                                            
+                                                                                                            		
+
                                                                                                            
 
                                                                                                            
-
                                                                                                          • Image Access Credential: Select the credential used for accessing the image repository. The default value is default-secret. You can use default-secret to access images in SWR Shared Edition. For details about default-secret, see default-secret.
                                                                                                          • (Optional) GPU: All is selected by default. The workload instance will be scheduled to the node of the specified GPU type.
                                                                                                          
-
                                                                                                        
-
                                                                                                        (Optional) Advanced Settings
                                                                                                        • Labels and Annotations: Add labels or annotations for pods using key-value pairs. After entering the key and value, click Confirm. For details about how to use and configure labels and annotations, see Configuring Labels and Annotations.
                                                                                                        
-
                                                                                                        • Job Settings
                                                                                                          • Parallel Pods: Maximum number of pods that can run in parallel during job execution. The value cannot be greater than the total number of pods in the job.
                                                                                                          • Timeout (s): Once a job reaches this time, the job status becomes failed and all pods in this job will be deleted. If you leave this parameter blank, the job will never time out.
                                                                                                          • Completion Mode
                                                                                                            • Non-indexed: A job is considered complete when all the pods are successfully executed. Each pod completion is homologous to each other.
                                                                                                            • Indexed: Each pod gets an associated completion index from 0 to the number of pods minus 1. The job is considered complete when every pod allocated with an index is successfully executed. For an indexed job, pods are named in the format of $(job-name)-$(index).
                                                                                                            
-
                                                                                                          • Suspend Job: By default, a job is executed immediately after being created. The job's execution will be suspended if you enable this option, and resumed after you disable it.
                                                                                                          
-
                                                                                                        • Network Configuration
                                                                                                          • Pod ingress/egress bandwidth limitation: You can set ingress/egress bandwidth limitation for pods. For details, see Configuring QoS for a Pod.
                                                                                                          • Whether to enable a specified container network configuration: available only for clusters that support this function. After you enable a specified container network configuration, the workload will be created using the container subnet and security group in the configuration. For details, see Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configuration.
                                                                                                          • Specify the container network configuration name: Only the custom container network configuration whose associated resource type is workload can be selected.
                                                                                                          • IPv6 shared bandwidth: available only for clusters that support this function. After this function is enabled, you can configure a shared bandwidth for a pod with IPv6 dual-stack ENIs. For details, see Configuring Shared Bandwidth for a Pod with IPv6 Dual-Stack ENIs.
                                                                                                          
-
                                                                                                        
-
                                                                                                        
-
                                                                                                      • Click Create Workload in the lower right corner. After a period of time, if the workload status changes to processing, each task will be processed in sequence. After all tasks are processed, the workload status changes to Executed.
                                                                                                        
+
                                                                                                      • Click Create Workload in the lower right corner. After a period of time, when the workload enters the processing state, tasks will be processed sequentially. After all tasks are processed, the workload status changes to Executed.
                                                                                                        
 
                                                                                                        
 
                                                                                                        • 
 
@@ -101,50 +152,50 @@
 
                                                                                                        • .spec.completions: indicates the number of pods that need to run successfully to end a job. The default value is 1.
                                                                                                        • .spec.parallelism: indicates the number of pods that run concurrently. The default value is 1.
                                                                                                        • .spec.backoffLimit: indicates the maximum number of retries performed if a pod fails. When the limit is reached, the pod will not try again.
                                                                                                        • .spec.activeDeadlineSeconds: indicates the running time of pods. Once the time is reached, the job and its pods are terminated. .spec.activeDeadlineSeconds has a higher priority than .spec.backoffLimit. If a job reaches .spec.activeDeadlineSeconds, spec.backoffLimit is ignored.
                                                                                                        
 
                                                                                                        Based on the .spec.completions and .spec.parallelism settings, jobs are classified into the following types.
                                                                                                        
 
-
                                                                                                        Table 1 Job types
                                                                                                        Job Type
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -170,15 +221,15 @@ spec:
         - name: default-secret
                                                                                                        Run the job.
                                                                                                        1. Start the job.
                                                                                                          kubectl apply -f myjob.yaml
                                                                                                          
-
                                                                                                          The command output is as follows:
                                                                                                          
+
                                                                                                          Command output:
                                                                                                          
 
                                                                                                          job.batch/myjob created
                                                                                                          
 
                                                                                                        2. View the job details.
                                                                                                          kubectl get job
                                                                                                          
-
                                                                                                          The command output is as follows:
                                                                                                          
+
                                                                                                          Command output:
                                                                                                          
 
                                                                                                          NAME    COMPLETIONS   DURATION   AGE
 myjob   50/50         23s        3m45s
                                                                                                          
 
                                                                                                          If the value of COMPLETIONS is 50/50, the job is successfully executed.
                                                                                                          
 
                                                                                                        3. View the pod status.
                                                                                                          kubectl get pod
                                                                                                          
-
                                                                                                          The command output is as follows:
                                                                                                          
+
                                                                                                          Command output:
                                                                                                          
 
                                                                                                          NAME          READY   STATUS      RESTARTS   AGE
 myjob-29qlw   0/1     Completed   0          4m5s
 ...
                                                                                                          
@@ -188,20 +239,20 @@ myjob-29qlw   0/1     Completed   0          4m5s
 
 
                                                                                                          Related Operations
                                                                                                          After a one-off job is created, you can perform operations listed in Table 2.
                                                                                                          
 
-
                                                                                                        Table 1 Job types
                                                                                                        Job Type
                                                                                                        
 
                                                                                                        Description
                                                                                                        
+
                                                                                                        Description
                                                                                                        
 
                                                                                                        .spec.completions
                                                                                                        
+
                                                                                                        .spec.completions
                                                                                                        
 
                                                                                                        .spec.parallelism
                                                                                                        
+
                                                                                                        .spec.parallelism
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        One-off jobs
                                                                                                        
+
                                                                                                        One-off jobs
                                                                                                        
 
                                                                                                        A job creates one pod until it successfully completes.
                                                                                                        
+
                                                                                                        A job creates one pod until it successfully completes.
                                                                                                        
 
                                                                                                        1
                                                                                                        
+
                                                                                                        1
                                                                                                        
 
                                                                                                        1
                                                                                                        
+
                                                                                                        1
                                                                                                        
                                                                                                         		
 
                                                                                                        Jobs with a fixed completion count
                                                                                                        
+
                                                                                                        Jobs with a fixed completion count
                                                                                                        
 
                                                                                                        A job creates one pod in sequence and is complete when the number of successful pods reaches the value of .spec.completions.
                                                                                                        
+
                                                                                                        A job creates one pod in sequence and is complete when the number of successful pods reaches the value of .spec.completions.
                                                                                                        
 
                                                                                                        >1
                                                                                                        
+
                                                                                                        >1
                                                                                                        
 
                                                                                                        1
                                                                                                        
+
                                                                                                        1
                                                                                                        
                                                                                                         		
 
                                                                                                        Parallel jobs with a fixed completion count
                                                                                                        
+
                                                                                                        Parallel jobs with a fixed completion count
                                                                                                        
 
                                                                                                        A job creates multiple pods in sequence and is complete when the number of successful pods reaches the value of .spec.completions.
                                                                                                        
+
                                                                                                        A job creates multiple pods in sequence and is complete when the number of successful pods reaches the value of .spec.completions.
                                                                                                        
 
                                                                                                        >1
                                                                                                        
+
                                                                                                        >1
                                                                                                        
 
                                                                                                        >1
                                                                                                        
+
                                                                                                        >1
                                                                                                        
                                                                                                         		
 
                                                                                                        Parallel jobs with a work queue
                                                                                                        
+
                                                                                                        Parallel jobs with a work queue
                                                                                                        
 
                                                                                                        A job creates one or more pods. Each pod takes one task from the message queue, processes it, and repeats until the end of the queue is reached. Then the pod deletes the task and exists. For details, see Fine Parallel Processing Using a Work Queue.
                                                                                                        
+
                                                                                                        A job creates one or more pods. Each pod takes one task from the message queue, processes it, and repeats until the end of the queue is reached. Then the pod deletes the task and exits. For details, see Fine Parallel Processing Using a Work Queue.
                                                                                                        
 
                                                                                                        Leave this parameter blank.
                                                                                                        
+
                                                                                                        Leave this parameter blank.
                                                                                                        
 
                                                                                                        >1 or =1
                                                                                                        
+
                                                                                                        >1 or =1
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
 
                                                                                                        Table 2 Other operations
                                                                                                        Operation
                                                                                                        
+
                                                                                                        
-
-
-
-
-
diff --git a/docs/cce/umn/cce_10_0151.html b/docs/cce/umn/cce_10_0151.html
index ebd064ac9..a6c98d86a 100644
--- a/docs/cce/umn/cce_10_0151.html
+++ b/docs/cce/umn/cce_10_0151.html
@@ -1,78 +1,105 @@
 
                                                                                                        Creating a CronJob
                                                                                                        
-
                                                                                                        Scenario
                                                                                                        A CronJob runs on a repeating schedule. You can perform time synchronization for all active nodes at a fixed time point.
                                                                                                        
-
                                                                                                        A CronJob runs periodically at the specified time. It is similar with Linux crontab. A CronJob has the following characteristics:
                                                                                                        • Runs only once at the specified time.
                                                                                                        • Runs periodically at the specified time.
                                                                                                        
+
                                                                                                        A CronJob is a Kubernetes workload designed to run periodic tasks, similar to crontab in Linux. CronJobs follow a Cron format. They periodically execute jobs at predefined schedules.
                                                                                                        
+
                                                                                                        CronJobs help automate and manage tasks, ensuring that tasks are executed on time and reducing manual management workloads. They are ideal for various scenarios, including:
                                                                                                        
+
                                                                                                        • Periodic backups: There is a need to periodically execute backup tasks, such as database backups and file system backups.
                                                                                                        • Data synchronization: Data is periodically synchronized from the primary node to a secondary node or cloud storage.
                                                                                                        • Log clearing: There is a need to periodically clear old log files to free up storage space.
                                                                                                        • Periodic report: There is a need to periodically generate and send reports, such as system status reports and performance reports.
                                                                                                        • Maintenance tasks: There is a need to execute regular system maintenance tasks, such as cache clearing and component updates.
                                                                                                        • Scheduled tasks: There is a need to execute specific tasks at a specific time point or within a period, such as service restarts and health checks.
                                                                                                        
+
                                                                                                        Prerequisites
                                                                                                        
 
                                                                                                        
-
                                                                                                        The typical usage of a CronJob is as follows:
                                                                                                        
-
                                                                                                        • Schedules jobs at the specified time.
                                                                                                        • Creates jobs to run periodically, for example, database backup and email sending.
                                                                                                        
-
                                                                                                        
-
                                                                                                        Prerequisites
                                                                                                        Resources have been created. For details, see Creating a Node.
                                                                                                        
-
                                                                                                        
-
                                                                                                        Using the CCE Console
                                                                                                        1. Log in to the CCE console.
                                                                                                        2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                                                                                        3. Set basic information about the workload.
                                                                                                          Basic Info
                                                                                                          • Workload Type: Select Cron Job. For details about workload types, see Overview.
                                                                                                          • Workload Name: Enter the name of the workload. Enter 1 to 63 characters starting with a lowercase letter and ending with a lowercase letter or digit. Only lowercase letters, digits, and hyphens (-) are allowed.
                                                                                                          • Namespace: Select the namespace of the workload. The default value is default. You can also click Create Namespace to create one. For details, see Creating a Namespace.
                                                                                                          • Container Runtime: A CCE standard cluster uses a common runtime by default, whereas a CCE Turbo cluster supports both common and secure runtimes. For details about the differences, see Secure Runtime and Common Runtime.
                                                                                                          
-
                                                                                                          
-
                                                                                                          Container Settings
                                                                                                          • Container Information
                                                                                                            Multiple containers can be configured in a pod. You can click Add Container on the right to configure multiple containers for the pod.
                                                                                                            • Basic Info: Configure basic information about the container.
-
                                                                                                        Table 2 Other operations
                                                                                                        Operation
                                                                                                        
 
                                                                                                        Description
                                                                                                        
+
                                                                                                        Description
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        Viewing a YAML file
                                                                                                        
+
                                                                                                        Viewing a YAML file
                                                                                                        
 
                                                                                                        Locate the row containing the target job and choose More > View YAML to view the YAML file of the job.
                                                                                                        
+
                                                                                                        Locate the row containing the target job and choose More > View YAML to view the YAML file of the job.
                                                                                                        
                                                                                                         		
 
                                                                                                        Deleting a job
                                                                                                        
+
                                                                                                        Deleting a job
                                                                                                        
 
                                                                                                        1. Select the target job and choose More > Delete in the Operation column.
                                                                                                        2. Click Yes.
                                                                                                          Deleted jobs cannot be restored. Exercise caution when deleting a job.
                                                                                                          
+
                                                                                                        1. Select the target job and choose More > Delete in the Operation column.
                                                                                                        2. Click Yes.
                                                                                                          Deleted jobs cannot be restored. Exercise caution when deleting a job.
                                                                                                          
 
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
 
                                                                                                        Parameter
                                                                                                        
+
                                                                                                        Using the CCE Console
                                                                                                        1. Log in to the CCE console.
                                                                                                        2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                                                                                        3. Configure basic information about the workload.
                                                                                                          
+
                                                                                                          
-
-
-
-
-
-
-
+
+
+
+
+
+
                                                                                                          Parameter
                                                                                                          
 
                                                                                                          Description
                                                                                                          
+
                                                                                                          Description
                                                                                                          
                                                                                                           		
 
                                                                                                          
 
                                                                                                          Container Name
                                                                                                          
+
                                                                                                          Workload Type
                                                                                                          
 
                                                                                                          Name the container.
                                                                                                          
+
                                                                                                          Select Cron Job. For details about different workload types, see Workload Overview.
                                                                                                          
                                                                                                           		
 
                                                                                                          Pull Policy
                                                                                                          
+
                                                                                                          Workload Name
                                                                                                          
 
                                                                                                          Image update or pull policy. If you select Always, the image is pulled from the image repository each time. If you do not select Always, the existing image of the node is preferentially used. If the image does not exist, the image is pulled from the image repository.
                                                                                                          
+
                                                                                                          Enter a name for the workload. Enter 1 to 52 characters starting with a lowercase letter and ending with a lowercase letter or digit. Only lowercase letters, digits, and hyphens (-) are allowed.
                                                                                                          
                                                                                                           		
 
                                                                                                          Image Name
                                                                                                          
+
                                                                                                          Namespace
                                                                                                          
 
                                                                                                          Click Select Image and select the image used by the container.
                                                                                                          
+
                                                                                                          Select a namespace for the workload. The default value is default. You can also click Create Namespace to create one. For details, see Creating a Namespace.
                                                                                                          
+
                                                                                                          Container Runtime
                                                                                                          
+
                                                                                                          A CCE standard cluster uses a common runtime by default, whereas a CCE Turbo cluster supports both common and secure runtimes. For details about their differences, see Secure Runtime and Common Runtime.
                                                                                                          
+
                                                                                                          
+
                                                                                                          
+
                                                                                                        4. Configure container settings for the workload.
                                                                                                          • Container Information: Click Add Container on the right to configure multiple containers for the pod.
                                                                                                             
                                                                                                            If you configured multiple containers for a pod, ensure that the ports used by each container do not conflict with each other, or the workload cannot be deployed.
                                                                                                            
+
                                                                                                            
+
                                                                                                            • Basic Info: Configure basic information about the container.
+
                                                                                                              
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -80,23 +107,64 @@
 
                                                                                                              Parameter
                                                                                                              
+
                                                                                                              Description
                                                                                                              
+
                                                                                                              Container Name
                                                                                                              
+
                                                                                                              Enter a name for the container.
                                                                                                              
+
                                                                                                              Pull Policy
                                                                                                              
+
                                                                                                              Image update or pull policy. If you select Always, the image is pulled from the image repository each time. If you do not select Always, the existing image of the node is preferentially used. If the image does not exist, the image is pulled from the image repository.
                                                                                                              
+
                                                                                                              Image Name
                                                                                                              
+
                                                                                                              Click Select Image and select the image used by the container.
                                                                                                              
 
                                                                                                              To use a third-party image, directly enter image path. Ensure that the image access credential can be used to access the image repository. For details, see Using Third-Party Images.
                                                                                                              
                                                                                                               		
 
                                                                                                              Image Tag
                                                                                                              
+
                                                                                                              Image Tag
                                                                                                              
 
                                                                                                              Select the image tag to be deployed.
                                                                                                              
+
                                                                                                              Select the image tag to be deployed.
                                                                                                              
                                                                                                               		
 
                                                                                                              CPU Quota
                                                                                                              
+
                                                                                                              CPU Quota
                                                                                                              
 
                                                                                                              • Request: minimum number of CPU cores required by a container. The default value is 0.25 cores.
                                                                                                              • Limit: maximum number of CPU cores that can be used by a container. This prevents containers from using excessive resources.
                                                                                                              
+
                                                                                                              • Request: minimum number of CPU cores required by a container. The default value is 0.25 cores.
                                                                                                              • Limit: maximum number of CPU cores that can be used by a container. This prevents containers from using excessive resources.
                                                                                                              
 
                                                                                                              If Request and Limit are not specified, the quota is not limited. For more information and suggestions about Request and Limit, see Configuring Container Specifications.
                                                                                                              
                                                                                                               		
 
                                                                                                              Memory Quota
                                                                                                              
+
                                                                                                              Memory Quota
                                                                                                              
 
                                                                                                              • Request: minimum amount of memory required by a container. The default value is 512 MiB.
                                                                                                              • Limit: maximum amount of memory available for a container. When memory usage exceeds the specified memory limit, the container will be terminated.
                                                                                                              
+
                                                                                                              • Request: minimum amount of memory required by a container. The default value is 512 MiB.
                                                                                                              • Limit: maximum amount of memory available for a container. When memory usage exceeds the specified memory limit, the container will be terminated.
                                                                                                              
 
                                                                                                              If Request and Limit are not specified, the quota is not limited. For more information and suggestions about Request and Limit, see Configuring Container Specifications.
                                                                                                              
                                                                                                               		
 
                                                                                                              (Optional) GPU Quota
                                                                                                              
+
                                                                                                              (Optional) GPU Quota
                                                                                                              
 
                                                                                                              Configurable only when the cluster contains GPU nodes and the CCE AI Suite (NVIDIA GPU) add-on has been installed.
                                                                                                              
+
                                                                                                              Configurable only when the cluster contains GPU nodes and the CCE AI Suite (NVIDIA GPU) add-on has been installed.
                                                                                                              
 
                                                                                                              • Do not use: No GPU will be used.
                                                                                                              • GPU card: The GPU is dedicated for the container.
                                                                                                              • GPU Virtualization: percentage of GPU resources used by the container. For example, if this parameter is set to 10%, the container will use 10% of GPU resources.
                                                                                                              
-
                                                                                                              For details about how to use GPUs in the cluster, see Default GPU Scheduling in Kubernetes.
                                                                                                              
+
                                                                                                              For details about how to use GPUs in a cluster, see Default GPU Scheduling in Kubernetes.
                                                                                                              
                                                                                                               		
 
                                                                                                              (Optional) Privileged Container
                                                                                                              
+
                                                                                                              (Optional) Privileged Container
                                                                                                              
 
                                                                                                              Programs in a privileged container have certain privileges.
                                                                                                              
-
                                                                                                              If Privileged Container is enabled, the container is assigned privileges. For example, privileged containers can manipulate network devices on the host machine and modify kernel parameters.
                                                                                                              
+
                                                                                                              Programs in a privileged container have certain privileges. If this option is enabled, the container will be assigned privileges. For example, privileged containers can manipulate network devices on the host machine, modify kernel parameters, access all devices on the node.
                                                                                                              
+
                                                                                                              For more information, see Pod Security Standards.
                                                                                                              
                                                                                                               		
 
                                                                                                              (Optional) Init Container
                                                                                                              
+
                                                                                                              (Optional) Init Container
                                                                                                              
 
                                                                                                              Whether to use the container as an init container. An init container does not support health check.
                                                                                                              
+
                                                                                                              Whether to use the container as an init container. An init container does not support health check.
                                                                                                              
 
                                                                                                              An init container is a special container that runs before other app containers in a pod are started. Each pod can contain multiple containers. In addition, a pod can contain one or more init containers. Application containers in a pod are started and run only after the running of all init containers completes. For details, see Init Containers.
                                                                                                              
                                                                                                               		
 
                                                                                                              (Optional) Run Option
                                                                                                              
+
                                                                                                              (Optional) Run Option
                                                                                                              
 
                                                                                                              Add run options for the container. For details, see Pod. CCE supports the following run options:
                                                                                                              
+
                                                                                                              Add run options for the container. For details, see Pod. CCE supports the following run options:
                                                                                                              
 
                                                                                                              • stdin: allows containers to receive input from external sources, such as terminals or other input streams.
                                                                                                              • tty: allocates a pseudo terminal to containers, allowing you to send commands to them as if you were using a local terminal.
                                                                                                                In most cases, tty is enabled along with stdin, indicating that the terminal (tty) is associated with the standard input (stdin) of the container. This allows for interactive operations, similar to the kubectl exec -i -t command. The difference is that this parameter has been configured when the pod is launched.
                                                                                                                
 
                                                                                                              
 
                                                                                                              
 
                                                                                                              
 
                                                                                                              
-
                                                                                                            
-
                                                                                                            • (Optional) Lifecycle: Configure operations to be performed in a specific phase of the container lifecycle, such as Startup Command, Post-Start, and Pre-Stop. For details, see Configuring Container Lifecycle Parameters.
                                                                                                            • (Optional) Environment Variables: Configure variables for the container running environment using key-value pairs. These variables transfer external information to containers running in pods and can be flexibly modified after application deployment. For details, see Configuring Environment Variables.
                                                                                                            
+
                                                                                                          • (Optional) Lifecycle: Configure operations to be performed in a specific phase of the container lifecycle, such as Startup Command, Post-Start, and Pre-Stop. For details, see Configuring the Container Lifecycle.
                                                                                                          • (Optional) Environment Variables: Configure variables for the container running environment using key-value pairs. These variables transfer external information to containers running in pods and can be flexibly modified after application deployment. For details, see Configuring Environment Variables.
                                                                                                          
+
                                                                                                        5. Image Access Credential: Select the credential used for accessing the image repository. The default value is default-secret. You can use default-secret to access images in SWR Shared Edition. For details about default-secret, see default-secret.
                                                                                                        6. (Optional) GPU: All is selected by default. The workload instance will be scheduled to the node of the specified GPU type.
                                                                                                          7. 
+
                                                                                                        7. Configure execution settings.
                                                                                                          
+
                                                                                                          
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                          Parameter
                                                                                                          
+
                                                                                                          Description
                                                                                                          
+
                                                                                                          Concurrency Policy
                                                                                                          
+
                                                                                                          The following modes are supported:
                                                                                                          • Forbid: A new job can be created only after the previous one is complete.
                                                                                                          • Allow: The CronJob allows concurrently running jobs, which preempt cluster resources.
                                                                                                          • Replace: If it is time for a new job to run but the previous job has not completed yet, the CronJob replaces the currently running job with a new one.
                                                                                                          
 
                                                                                                          
-
                                                                                                        8. Image Access Credential: Select the credential used for accessing the image repository. The default value is default-secret. You can use default-secret to access images in SWR Shared Edition. For details about default-secret, see default-secret.
                                                                                                        9. (Optional) GPU: All is selected by default. The workload instance will be scheduled to the node of the specified GPU type.
                                                                                                          10. 
-
-
                                                                                                          Schedule
                                                                                                          
-
                                                                                                          • Concurrency Policy: The following three modes are supported:
                                                                                                            • Forbid: A new job cannot be created before the previous job is completed.
                                                                                                            • Allow: The CronJob allows concurrently running jobs, which preempt cluster resources.
                                                                                                            • Replace: A new job replaces the previous job when it is time to create a job but the previous job is not completed.
                                                                                                            
-
                                                                                                          • Policy Settings: specifies when a new CronJob is executed. Policy settings in YAML are implemented using cron expressions.
                                                                                                            • A CronJob is executed at a fixed interval. The unit can be minute, hour, day, or month. For example, if a CronJob is executed every 30 minutes, its cron expression is */30 * * * *. The job will be executed at 30-minute intervals, starting from the top of the hour, for example, 00:00:00, 00:30:00, 01:00:00, and ....
                                                                                                            • The CronJob is executed at a fixed time (by month). For example, if a CronJob is executed at 00:00 on the first day of each month, its cron expression is 0 0 1 */1 *. The job will be executed at ****-01-01 00:00:00, ****-02-01 00:00:00, and ....
                                                                                                            • The CronJob is executed by week. For example, if a CronJob is executed at 00:00 every Monday, its cron expression is 0 0 * * 1. The job will be executed at ****-**-01 00:00:00 on Monday, ****-**-08 00:00:00 on Monday, and ....
                                                                                                            • Custom Cron Expression: For details about how to use cron expressions, see CronJob.
                                                                                                            
-
                                                                                                             
                                                                                                            • If a CronJob is executed at a fixed time (by month) and the number of days in a month does not exist, the CronJob will not be executed in this month. For example, the execution will skip February if the date is set to 30.
                                                                                                            • Due to the definition of cron, the fixed period is not a strict period. The time unit range is divided from 0 by period. For example, if the unit is minute, the value ranges from 0 to 59. If the value cannot be exactly divided, the last period is reset. Therefore, an accurate period can be represented only when the period can be evenly divided.
                                                                                                              Take a CronJob that runs hourly as an example. If an interval that can divide 24 hours exactly, such as /2, /3, /4, /6, /8, and /12, the period can be accurately represented. However, if a different period is used, the last period will reset at the beginning of each new day. For example, if the cron expression is * */12 * * *, the task will run at 00:00:00 and 12:00:00 every day. Similarly, if the cron expression is * */13 * * *, the task will run at 00:00:00 and 13:00:00 every day. Note that the last period will reset at 00:00:00 on the following day, even if it has not reached 13 hours.
                                                                                                              
+
                                                                                                          Policy Settings
                                                                                                          
+
                                                                                                          Specify when a new CronJob is executed. Policy settings in YAML are implemented using cron expressions.
                                                                                                          
+
                                                                                                          • The CronJob is executed at a fixed interval. The unit can be minute, hour, day, or month. For example, if a CronJob is executed every 30 minutes, its cron expression is */30 * * * *. The job will be executed at 30-minute intervals, starting from the top of the hour, for example, 00:00:00, 00:30:00, 01:00:00, and ....
                                                                                                          • The CronJob is executed at a fixed time (by month). For example, if a CronJob is executed at 00:00 on the first day of each month, its cron expression is 0 0 1 */1 *. The job will be executed at ****-01-01 00:00:00, ****-02-01 00:00:00, and ....
                                                                                                          • The CronJob is executed by week. For example, if a CronJob is executed at 00:00 every Monday, its cron expression is 0 0 * * 1. The job will be executed at ****-**-01 00:00:00 on Monday, ****-**-08 00:00:00 on Monday, and ....
                                                                                                          • Custom Cron Expression: For details about how to use cron expressions, see CronJob.
                                                                                                          
+
                                                                                                           NOTE: 
                                                                                                          • If a CronJob is executed at a fixed time (by month) and the number of days in a month does not exist, the CronJob will not be executed in this month. For example, the execution will skip February if the date is set to 30.
                                                                                                          • Due to the definition of cron, the fixed period is not a strict period. The time unit range is divided from 0 by period. For example, if the unit is minute, the value ranges from 0 to 59. If the value cannot be exactly divided, the last period is reset. Therefore, an accurate period can be represented only when the period can be evenly divided.
                                                                                                            Take a CronJob that runs hourly as an example. If an interval that can divide 24 hours exactly, such as /2, /3, /4, /6, /8, and /12, the period can be accurately represented. However, if a different period is used, the last period will reset at the beginning of each new day. For example, if the cron expression is * */12 * * *, the task will run at 00:00:00 and 12:00:00 every day. Similarly, if the cron expression is * */13 * * *, the task will run at 00:00:00 and 13:00:00 every day. Note that the last period will reset at 00:00:00 on the following day, even if it has not reached 13 hours.
                                                                                                            
 
                                                                                                          
 
                                                                                                          
-
                                                                                                        10. Time Zone: You can specify a time zone. If this parameter is not specified, the time zone of the master node will be used by default.
                                                                                                        11. Job Records: You can set the number of jobs that are successfully executed or fail to be executed. Setting a limit to 0 corresponds to keeping none of the jobs after they finish.
                                                                                                          12. 
-
                                                                                                          (Optional) Advanced Settings
                                                                                                          • Labels and Annotations: Add labels or annotations for pods using key-value pairs. After entering the key and value, click Confirm. For details about how to use and configure labels and annotations, see Configuring Labels and Annotations.
                                                                                                          
-
                                                                                                          • Network Configuration
                                                                                                            • Pod ingress/egress bandwidth limitation: You can set ingress/egress bandwidth limitation for pods. For details, see Configuring QoS for a Pod.
                                                                                                            • Whether to enable a specified container network configuration: available only for clusters that support this function. After you enable a specified container network configuration, the workload will be created using the container subnet and security group in the configuration. For details, see Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configuration.
                                                                                                            • Specify the container network configuration name: Only the custom container network configuration whose associated resource type is workload can be selected.
                                                                                                            • IPv6 shared bandwidth: available only for clusters that support this function. After this function is enabled, you can configure a shared bandwidth for a pod with IPv6 dual-stack ENIs. For details, see Configuring Shared Bandwidth for a Pod with IPv6 Dual-Stack ENIs.
                                                                                                            
-
                                                                                                          
+
                                                                                                          Time Zone
                                                                                                          
+
                                                                                                          Specify the time zone where the policy settings are applied. If this parameter is not specified, the time zone of the master node will be used by default.
                                                                                                          
+
                                                                                                          Job Records
                                                                                                          
+
                                                                                                          Configure the number of successful or failed jobs that are reserved. If the value is set to 0, no jobs will be reserved once they finish or fail.
                                                                                                          
+
                                                                                                          
 
                                                                                                          
-
                                                                                                        12. Click Create Workload in the lower right corner and check whether the workload status changes to Started.
                                                                                                          
+
                                                                                                        13. (Optional) Configure advanced settings for the workload.
                                                                                                          
+
                                                                                                          
+
+
+
+
+
+
+
+
+
+
+
                                                                                                          Parameter
                                                                                                          
+
                                                                                                          Description
                                                                                                          
+
                                                                                                          Labels and Annotations
                                                                                                          
+
                                                                                                          Add labels or annotations for pods using key-value pairs. After the setting, click Confirm. For details about labels and annotations, see Configuring Labels and Annotations.
                                                                                                          
+
                                                                                                          Network Configuration
                                                                                                          
+                                                                                                          		
+
                                                                                                          
+
                                                                                                          
+
                                                                                                        14. Click Create Workload in the lower right corner and check whether the workload status changes to Started.
                                                                                                          
 
                                                                                                          
 
                                                                                                        
 
                                                                                                        
@@ -112,7 +180,7 @@ kind: CronJob
 metadata:
   name: hello
 spec:
-  schedule: "*/1 * * * *"  # The task is executed every minute.
+  schedule: "*/1 * * * *"  # The job is executed every minute.
   jobTemplate:
     spec:
       template:
@@ -132,47 +200,47 @@ spec:
 
                                                                                                        Information similar to the following is displayed:
                                                                                                        
 
                                                                                                        cronjob.batch/hello created
                                                                                                        
 
                                                                                                      • Check the running status of the CronJob:
                                                                                                        kubectl get cronjob
                                                                                                        
-
                                                                                                        The command output is as follows:
                                                                                                        
+
                                                                                                        Command output:
                                                                                                        
 
                                                                                                        NAME    SCHEDULE      TIMEZONE   SUSPEND   ACTIVE   LAST SCHEDULE   AGE
 hello   */1 * * * *   <none>     False     0        59s             2m36s
                                                                                                        
 
                                                                                                      • Check the job that is started at a scheduled time.
                                                                                                        kubectl get jobs
                                                                                                        
-
                                                                                                        The command output is as follows:
                                                                                                        
+
                                                                                                        Command output:
                                                                                                        
 
                                                                                                        NAME               COMPLETIONS   DURATION   AGE
 hello-1597387980   1/1           27s        45s
                                                                                                        
 
                                                                                                      • Check the pods started by the job.
                                                                                                        kubectl get pod
                                                                                                        
-
                                                                                                        The command output is as follows:
                                                                                                        
+
                                                                                                        Command output:
                                                                                                        
 
                                                                                                        NAME                           READY     STATUS      RESTARTS   AGE
 hello-1597387980-tjv8f         0/1       Completed   0          114s
                                                                                                        
-
                                                                                                      • Check the pod logs. It is expected that "Hello from the Kubernetes cluster" is displayed in the logs.
                                                                                                        kubectl logs hello-1597387980-tjv8f
                                                                                                        
-
                                                                                                        The command output is as follows:
                                                                                                        
+
                                                                                                      • Check pod logs. It is expected that "Hello from the Kubernetes cluster" is displayed in the logs.
                                                                                                        kubectl logs hello-1597387980-tjv8f
                                                                                                        
+
                                                                                                        Command output:
                                                                                                        
 
                                                                                                        Fri Aug 14 06:56:31 UTC 2020
 Hello from the Kubernetes cluster
                                                                                                        
-
                                                                                                      • Delete the cron job. If a cron job is deleted, the related jobs and pods are deleted accordingly.
                                                                                                        kubectl delete cronjob hello
                                                                                                        
-
                                                                                                        The command output is as follows:
                                                                                                        
+
                                                                                                      • Delete the CronJob. When a CronJob is deleted, its associated tasks and pods are deleted accordingly.
                                                                                                        kubectl delete cronjob hello
                                                                                                        
+
                                                                                                        Command output:
                                                                                                        
 
                                                                                                        cronjob.batch "hello" deleted
                                                                                                        
 
                                                                                                        • 
 
 
                                                                                                        Related Operations
                                                                                                        After a CronJob is created, you can perform operations listed in Table 1.
                                                                                                        
 
-
                                                                                                        Table 1 Other operations
                                                                                                        Operation
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
diff --git a/docs/cce/umn/cce_10_0152.html b/docs/cce/umn/cce_10_0152.html
index 14f973889..c58cc6c45 100644
--- a/docs/cce/umn/cce_10_0152.html
+++ b/docs/cce/umn/cce_10_0152.html
@@ -8,7 +8,7 @@
 
                                                                                                        Notes and Constraints
                                                                                                        • The size of a ConfigMap resource file cannot exceed 1 MB.
                                                                                                        • ConfigMaps cannot be used in static pods.
                                                                                                        
 
                                                                                                        
-
                                                                                                        Procedure
                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                        2. Choose ConfigMaps and Secrets in the navigation pane and click Create ConfigMap in the upper right corner.
                                                                                                        3. Configure parameters.
                                                                                                          
+
                                                                                                          Creating a ConfigMap Using the Console
                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                          2. Choose ConfigMaps and Secrets in the navigation pane and click Create ConfigMap in the upper right corner.
                                                                                                          3. Configure parameters.
                                                                                                            
 
                                                                                                        Table 1 Other operations
                                                                                                        Operation
                                                                                                        
 
                                                                                                        Description
                                                                                                        
+
                                                                                                        Description
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        Editing a YAML file
                                                                                                        
+
                                                                                                        Editing a YAML file
                                                                                                        
 
                                                                                                        Click More > Edit YAML next to the CronJob name to edit the YAML file of the current job.
                                                                                                        
+
                                                                                                        Click More > Edit YAML next to the CronJob name to edit the YAML file of the current job.
                                                                                                        
                                                                                                         		
 
                                                                                                        Stopping a CronJob
                                                                                                        
+
                                                                                                        Stopping a CronJob
                                                                                                        
 
                                                                                                        1. Select the job to be stopped and click Stop in the Operation column.
                                                                                                        2. Click Yes.
                                                                                                        
+
                                                                                                        1. Select the job to be stopped and click Stop in the Operation column.
                                                                                                        2. Click Yes.
                                                                                                        
                                                                                                         		
 
                                                                                                        Deleting a CronJob
                                                                                                        
+
                                                                                                        Deleting a CronJob
                                                                                                        
 
                                                                                                        1. Select the CronJob to be deleted and click More > Delete in the Operation column.
                                                                                                        2. Click Yes.
                                                                                                          Deleted jobs cannot be restored. Exercise caution when deleting a job.
                                                                                                          
+
                                                                                                        1. Select the target CronJob and choose More > Delete in the Operation column.
                                                                                                        2. Click Yes.
                                                                                                          Deleted jobs cannot be restored. Exercise caution when deleting a job.
                                                                                                          
 
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        
-
-
diff --git a/docs/cce/umn/cce_10_0153.html b/docs/cce/umn/cce_10_0153.html
index c5e3edc4a..366119a39 100644
--- a/docs/cce/umn/cce_10_0153.html
+++ b/docs/cce/umn/cce_10_0153.html
@@ -5,7 +5,7 @@
 
                                                                                                        Notes and Constraints
                                                                                                        Secrets cannot be used in static pods.
                                                                                                        
 
                                                                                                        
-
                                                                                                        Procedure
                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                        2. Choose ConfigMaps and Secrets in the navigation pane, click the Secrets tab, and click Create Secret in the upper right corner.
                                                                                                        3. Configure parameters.
                                                                                                          
+
                                                                                                          Creating a Key Pair using the Console
                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                          2. Choose ConfigMaps and Secrets in the navigation pane, click the Secrets tab, and click Create Secret in the upper right corner.
                                                                                                          3. Configure parameters.
                                                                                                            
 
                                                                                                        Table 1 Parameters for creating a ConfigMap
                                                                                                        Parameter
                                                                                                        
                                                                                                         		
 
                                                                                                        Description
                                                                                                        
@@ -32,13 +32,13 @@
 
                                                                                                        
 
                                                                                                        Data
                                                                                                        
 
                                                                                                        Data of a ConfigMap, in the key-value pair format.
                                                                                                        
-
                                                                                                        Click  to add data. The value can be in string, JSON, or YAML format.
                                                                                                        
+
                                                                                                        Data of the ConfigMap. Click Add and enter key-value pairs.
                                                                                                        
+
                                                                                                        • Key: Enter 1 to 63 characters. Only digits, letters, periods (.), hyphens (-), and underscores (_) are allowed. The key cannot start with two periods (..).
                                                                                                        • Value: The value can be in string, JSON, or YAML format.
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        Label
                                                                                                        
 
                                                                                                        Label of the ConfigMap. Enter a key-value pair and click Confirm.
                                                                                                        
+
                                                                                                        Label of the ConfigMap. Click Add Label and enter key-value pairs. The key and value must contain 1 to 63 characters that start and end with a letter or digit. Only letters, digits, hyphens (-), underscores (_), and periods (.) are allowed.
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
 
                                                                                                        
-
-
-
@@ -52,8 +53,24 @@
 
                                                                                                      • Click OK.
                                                                                                        The new secret is displayed in the key list.
                                                                                                        
 
                                                                                                        • 
+
                                                                                                        Creating a Secret Using kubectl
                                                                                                        1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                        2. Encode the secret value using Base64.
                                                                                                          # echo -n "content-to-be-encoded" | base64
+******
                                                                                                          
+
                                                                                                        3. Create a file named cce-secret.yaml and edit it.
                                                                                                          vi cce-secret.yaml
                                                                                                          
+
                                                                                                          The following YAML file uses the Opaque type as an example. For details about other types, see Secret Resource File Configuration Example.
                                                                                                          
+
                                                                                                          apiVersion: v1
+kind: Secret
+metadata:
+  name: mysecret
+type: Opaque
+data:
+  <your_key>: <your_value>  # Enter a key-value pair. The value must be encoded using Base64.
                                                                                                          
+
                                                                                                        4. Create a secret.
                                                                                                          kubectl create -f cce-secret.yaml
                                                                                                          
+
                                                                                                          You can query the secret after creation.
                                                                                                          
+
                                                                                                          kubectl get secret -n default
                                                                                                          
+
                                                                                                        
+
                                                                                                        Secret Resource File Configuration Example
                                                                                                        This section describes configuration examples of secret resource description files.
                                                                                                        
-
                                                                                                        • Opaque type
                                                                                                          The secret.yaml file is defined as shown below. The data field is filled in as a key-value pair, and the value field must be encoded using Base64. For details about the Base64 encoding method, see Base64 Encoding.
                                                                                                          
+
                                                                                                          • Opaque type
                                                                                                            The secret.yaml file is defined as shown below. The data field is filled in as a key-value pair, and the value field must be encoded using Base64. For details, see Base64 Encoding.
                                                                                                            
 
                                                                                                            apiVersion: v1
 kind: Secret
 metadata:
@@ -62,12 +79,12 @@ metadata:
 data:
   <your_key>: <your_value>  # Enter a key-value pair. The value must be encoded using Base64.
 type: Opaque
                                                                                                            
-
                                                                                                          • kubernetes.io/dockerconfigjson type
                                                                                                            The secret.yaml file is defined as shown below. The value of .dockerconfigjson must be encoded using Base64. For details, see Base64 Encoding.
                                                                                                            
+
                                                                                                          • kubernetes.io/dockerconfigjson type
                                                                                                            The secret.yaml file is defined as shown below. The value of .dockerconfigjson must be encoded using Base64. For details, see Base64 Encoding.
                                                                                                            
 
                                                                                                            apiVersion: v1
 kind: Secret
 metadata:
   name: mysecret           #Secret name
-  namespace: default       #Namespace. The default value is default.
+  namespace: default       #Namespace. The default value is default.
 data:
   .dockerconfigjson: eyJh*****    # Content encoded using Base64.
 type: kubernetes.io/dockerconfigjson
                                                                                                            
@@ -82,21 +99,21 @@ data:
 
                                                                                                            The encoded content is the .dockerconfigjson content.
                                                                                                            
 
                                                                                                            • 
 
                                                                                                          
-
                                                                                                          • kubernetes.io/tls type
                                                                                                            The value of tls.crt and tls.key must be encoded using Base64. For details, see Base64 Encoding.
                                                                                                            kind: Secret
+
                                                                                                            • kubernetes.io/tls type
                                                                                                              The value of tls.crt and tls.key must be encoded using Base64. For details, see Base64 Encoding.
                                                                                                              kind: Secret
 apiVersion: v1
 metadata:
   name: mysecret           #Secret name
-  namespace: default       #Namespace. The default value is default.
+  namespace: default       #Namespace. The default value is default.
 data:
   tls.crt: LS0tLS1CRU*****FURS0tLS0t  # Certificate content, which must be encoded using Base64.
   tls.key: LS0tLS1CRU*****VZLS0tLS0=  # Private key content, which must be encoded using Base64.
 type: kubernetes.io/tls
                                                                                                              
 
                                                                                                              
-
                                                                                                            • IngressTLS type
                                                                                                              The value of tls.crt and tls.key must be encoded using Base64. For details, see Base64 Encoding.
                                                                                                              kind: Secret
+
                                                                                                            • IngressTLS type
                                                                                                              The value of tls.crt and tls.key must be encoded using Base64. For details, see Base64 Encoding.
                                                                                                              kind: Secret
 apiVersion: v1
 metadata:
   name: mysecret           #Secret name
-  namespace: default       #Namespace. The default value is default.
+  namespace: default       #Namespace. The default value is default.
 data:
   tls.crt: LS0tLS1CRU*****FURS0tLS0t  # Certificate content, which must be encoded using Base64.
   tls.key: LS0tLS1CRU*****VZLS0tLS0=  # Private key content, which must be encoded using Base64.
@@ -104,50 +121,37 @@ data:
 
                                                                                                              
 
                                                                                                            
 
                                                                                                            
-
                                                                                                            Creating a Secret Using kubectl
                                                                                                            1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                            2. Encode the secret value using Base64.
                                                                                                              # echo -n "content-to-be-encoded" | base64
-******
                                                                                                              
-
                                                                                                            3. Create a file named cce-secret.yaml and edit it.
                                                                                                              vi cce-secret.yaml
                                                                                                              
-
                                                                                                              The following YAML file uses the Opaque type as an example. For details about other types, see Secret Resource File Configuration Example.
                                                                                                              
-
                                                                                                              apiVersion: v1
-kind: Secret
-metadata:
-  name: mysecret
-type: Opaque
-data:
-  <your_key>: <your_value>  # Enter a key-value pair. The value must be encoded using Base64.
                                                                                                              
-
                                                                                                            4. Create a secret.
                                                                                                              kubectl create -f cce-secret.yaml
                                                                                                              
-
                                                                                                              You can query the secret after creation.
                                                                                                              
-
                                                                                                              kubectl get secret -n default
                                                                                                              
-
                                                                                                            
+
                                                                                                            Base64 Encoding
                                                                                                            To perform Base64 encoding on a string, run the following command:
                                                                                                            
+
                                                                                                            echo -n "Content to be encoded" | base64
                                                                                                            
 
                                                                                                            
 
                                                                                                            Related Operations
                                                                                                            After creating a secret, you can update or delete it as described in Table 2.
                                                                                                             
                                                                                                            The secret list contains system secret resources that can be queried only. The system secret resources cannot be updated or deleted.
                                                                                                            
 
                                                                                                            
 
-
                                                                                                        Table 1 Parameters for creating a secret
                                                                                                        Parameter
                                                                                                        
                                                                                                         		
 
                                                                                                        Description
                                                                                                        
@@ -27,23 +27,24 @@
 
                                                                                                        Description of a secret.
                                                                                                        
                                                                                                         		
 
                                                                                                        Type
                                                                                                        
+
                                                                                                        Secret Type
                                                                                                        
                                                                                                         		
 
                                                                                                        Type of the secret you create.
                                                                                                        
 
                                                                                                        • Opaque: common secret.
                                                                                                        • kubernetes.io/dockerconfigjson: a secret that stores the authentication information required for pulling images from a private repository.
                                                                                                        • kubernetes.io/tls: Kubernetes TLS secret, which is used to store the certificate required by layer-7 load balancing Services. For details about examples of the kubernetes.io/tls secret and its description, see TLS secrets.
                                                                                                        • IngressTLS: TLS secret provided by CCE to store the certificate required by layer-7 load balancing Services.
                                                                                                        • Other: another type of secret, which is specified manually.
                                                                                                        
                                                                                                         		
 
                                                                                                        Secret Data
                                                                                                        
+
                                                                                                        Data
                                                                                                        
                                                                                                         		
 
                                                                                                        Workload secret data can be used in containers.
                                                                                                        
-
                                                                                                        • If Secret Type is Opaque, click . In the dialog box displayed, enter a key-value pair and select Auto Base64 Encoding.
                                                                                                        • If Secret Type is kubernetes.io/dockerconfigjson, enter the account and password for logging in to the private image repository.
                                                                                                        • If Secret Type is kubernetes.io/tls or IngressTLS, upload the certificate file and private key file.
                                                                                                           NOTE: 
                                                                                                          • A certificate is a self-signed or CA-signed credential used for identity authentication.
                                                                                                          • A certificate request is a request for a signature with a private key.
                                                                                                          
+
                                                                                                          • If Secret Type is set to Opaque, click Add. In the window that slides out from the right, enter a key-value pair and select Auto Base64 Encoding.
                                                                                                            Key: Enter 1 to 63 characters. Only digits, letters, periods (.), hyphens (-), and underscores (_) are allowed. The key cannot start with two periods (..).
                                                                                                            
+
                                                                                                          • If Secret Type is set to kubernetes.io/dockerconfigjson, click Add and enter the account and password for logging in to the private image repository.
                                                                                                          • If Secret Type is kubernetes.io/tls or IngressTLS, upload the certificate file and private key file.
                                                                                                             NOTE: 
                                                                                                            • A certificate is a self-signed or CA-signed credential used for identity authentication.
                                                                                                            • A certificate request is a request for a signature with a private key.
                                                                                                            
 
                                                                                                            
 
                                                                                                          
 
                                                                                                        		
 
                                                                                                        
 
                                                                                                        Secret Label
                                                                                                        
 
                                                                                                        Label of the secret. Enter a key-value pair and click Confirm.
                                                                                                        
+
                                                                                                        Label of the secret. Click Add Label and enter key-value pairs. The key and value must contain 1 to 63 characters that start and end with a letter or digit. Only letters, digits, hyphens (-), underscores (_), and periods (.) are allowed.
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
 
 
                                                                                                        Table 2 Related operations
                                                                                                        Operation
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
@@ -155,10 +159,6 @@ data:
 
-
                                                                                                        Base64 Encoding
                                                                                                        To Base64-encode a string, run the echo -n content to be encoded | base64 command. The following is an example:
                                                                                                        
-
                                                                                                        root@ubuntu:~# echo -n "content to be encoded" | base64
-******
                                                                                                        
-
                                                                                                        
 
                                                                                                        
diff --git a/docs/cce/umn/cce_10_0154.html b/docs/cce/umn/cce_10_0154.html
index 6d6245f07..d2f10ef0f 100644
--- a/docs/cce/umn/cce_10_0154.html
+++ b/docs/cce/umn/cce_10_0154.html
@@ -1,18 +1,18 @@
 
 
 
                                                                                                        CCE Cluster Autoscaler
                                                                                                        
-
                                                                                                        Introduction
                                                                                                        The CCE Cluster Autoscaler add-on is built on the Autoscaler component of the community. It can automatically adjust the number of cluster nodes based on the resource needs of applications, optimizing resource utilization and performance. Autoscaler is the main controller in Kubernetes. It can automatically scale nodes in or out based on resource requirements. When there are not enough node resources to schedule pods in a cluster, Autoscaler adds more nodes with additional resources for those pods. Furthermore, if the resource utilization of the added nodes is low, Autoscaler will automatically remove them. For details about how to implement node auto scaling, see Creating a Node Scaling Policy.
                                                                                                        
+
                                                                                                        Introduction
                                                                                                        The CCE Cluster Autoscaler add-on is built on the Autoscaler component of the community. It can automatically adjust the number of cluster nodes based on the resource needs of applications, optimizing resource utilization and performance. Autoscaler is the main controller in Kubernetes. It can automatically scale nodes in or out based on resource requirements. When there are not enough node resources to schedule pods in a cluster, Autoscaler adds more nodes with additional resources for those pods. Furthermore, if the resource utilization of the added nodes is low, Autoscaler will automatically remove them. For details about how to implement node auto scaling, see Creating a Node Auto Scaling Policy.
                                                                                                        
 
                                                                                                        Open-source community: https://github.com/kubernetes/autoscaler
                                                                                                        
 
                                                                                                        
 
                                                                                                        How the Add-on Works
                                                                                                        Autoscaler controls auto scale-out and scale-in.
                                                                                                        
 
                                                                                                        • Auto scale-out
                                                                                                          You can choose either of the following methods:
                                                                                                          • If a pod cannot be scheduled due to insufficient resources of worker nodes, CCE will add more nodes to the cluster. The new nodes have the same resource quotas as those configured for the node pools that the new nodes are in.
                                                                                                            Auto scale-out will be performed when:
                                                                                                            • Node resources are insufficient.
                                                                                                            • No node affinity policy is set in the scheduling configurations of the pod. If the pod is configured affinity for a node, the system will not automatically add more nodes in the cluster. For details about how to configure node affinity policies, see Configuring Node Affinity Scheduling (nodeAffinity).
                                                                                                            
 
                                                                                                            
-
                                                                                                          • When the cluster meets the node scaling policy, cluster scale-out is also triggered. For details, see Creating a Node Scaling Policy.
                                                                                                          
+
                                                                                                        • When the cluster meets the node scaling policy, cluster scale-out is also triggered. For details, see Creating a Node Auto Scaling Policy.
                                                                                                        
 
                                                                                                         
                                                                                                        The add-on follows the "No Less, No More" policy. For example, if three cores are required for creating a pod and the system supports four-core and eight-core nodes, Autoscaler will preferentially create a four-core node.
                                                                                                        
 
                                                                                                        
 
                                                                                                        
 
                                                                                                      • Auto scale-in
                                                                                                        When a cluster node is idle for a period of time (10 minutes by default), cluster scale-in is triggered, and the node is automatically deleted. However, a node cannot be deleted from a cluster if the following pods exist:
                                                                                                        • Pods that do not meet specific requirements set in Pod Disruption Budgets (PodDisruptionBudget)
                                                                                                        • Pods that cannot be scheduled to other nodes due to constraints such as affinity and anti-affinity policies
                                                                                                        • Pods that have the cluster-autoscaler.kubernetes.io/safe-to-evict: 'false' annotation
                                                                                                        • Pods (except those created by DaemonSets in the kube-system namespace) that exist in the kube-system namespace on the node
                                                                                                        • Pods that are not created by the controller (Deployment/ReplicaSet/job/StatefulSet)
                                                                                                        
-
                                                                                                         
                                                                                                        When a node meets the scale-in conditions, Autoscaler adds the DeletionCandidateOfClusterAutoscaler taint to the node in advance to prevent pods from being scheduled to the node. After the Autoscaler add-on is uninstalled, if the taint still exists on the node, manually delete it.
                                                                                                        
+
                                                                                                         
                                                                                                        • When a node meets the scale-in conditions, Autoscaler adds the DeletionCandidateOfClusterAutoscaler taint to the node in advance to prevent pods from being scheduled to the node. After the CCE Cluster Autoscaler add-on is uninstalled, if the taint still exists on the node, manually delete it.
                                                                                                        • To ensure system stability and efficient resource utilization, CCE Cluster Autoscaler uses a conservative policy. Nodes that are not entirely idle are drained one at a time. When these nodes host pods configured with graceful termination, the draining process can be prolonged. As a result, the overall scale-in process may take more time to complete.
                                                                                                        
 
                                                                                                        
 
                                                                                                        
 
                                                                                                        • 
@@ -20,30 +20,80 @@
 
                                                                                                        Notes and Constraints
                                                                                                        • There must be enough resources in the cluster during the add-on installation.
                                                                                                        • The default node pool does not support auto scaling. For details, see Description of DefaultPool.
                                                                                                        • Node scale-in will cause PVC/PV data loss for the local PVs associated with the node. These PVCs and PVs cannot be restored or used again. In a node scale-in, a pod that uses the local PV will be evicted from the node. A new pod will be created, but it remains in a pending state because the label of the PVC bound to it conflicts with the node label.
                                                                                                        • When CCE Cluster Autoscaler is used, some taints or annotations may affect auto scaling. Therefore, do not use the following taints or annotations in clusters:
                                                                                                          • ignore-taint.cluster-autoscaler.kubernetes.io: The taint works on nodes. Kubernetes-native Autoscaler supports protection against abnormal scale-outs and periodically evaluates the proportion of available nodes in the cluster. When the proportion of non-ready nodes exceeds 45%, protection will be triggered. In this case, all nodes with the ignore-taint.cluster-autoscaler.kubernetes.io taint in the cluster are filtered out from the Autoscaler template and recorded as non-ready nodes, which affect cluster scaling.
                                                                                                          • cluster-autoscaler.kubernetes.io/enable-ds-eviction: The annotation works on pods, which determines whether DaemonSet pods can be evicted by Autoscaler. For details, see Well-Known Labels, Annotations and Taints.
                                                                                                          
 
                                                                                                        
 
                                                                                                        
-
                                                                                                        Installing the Add-on
                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate CCE Cluster Autoscaler on the right, and click Install.
                                                                                                        2. On the Install Add-on page, configure the specifications as needed.
                                                                                                          There are three types of preset specifications based on the cluster scale. You can select one as required. The system will configure the number of pods and resource quotas for the add-on based on the selected preset specifications. You can see the configurations on the console.
                                                                                                          
-
                                                                                                        3. Configure deployment policies for the add-on pods.
                                                                                                           
                                                                                                          • Scheduling policies do not take effect on add-on pods of the DaemonSet type.
                                                                                                          • When configuring multi-AZ deployment or node affinity, ensure that there are nodes meeting the scheduling policy and that resources are sufficient in the cluster. Otherwise, the add-on cannot run.
                                                                                                          
-
                                                                                                          
+
                                                                                                          Installing the Add-on
                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                          2. In the navigation pane, choose Add-ons. Locate CCE Cluster Autoscaler on the right and click Install.
                                                                                                          3. On the Install Add-on page, configure the specifications as needed.
                                                                                                            There are three types of preset specifications based on the cluster scale. You can select one as required. The system will configure the number of pods and resource quotas for the add-on based on the selected preset specifications. You can see the configurations on the console.
                                                                                                            
+
                                                                                                            If your cluster is large and the preset specifications do not meet your needs, you can customize the resource specifications and estimate the number of pods in the cluster to better determine the memory usage of the add-on. The recommended memory request and limit in typical large clusters can be calculated as follows:
                                                                                                            
+
                                                                                                            • Memory request = Number of pods × Size of the pod YAML files (KB)/10000 × 0.28 GiB + 1 GiB
                                                                                                            • Memory limit =Memory request + 2 GiB
                                                                                                            
+
                                                                                                            For example, if there are 20,000 pods and the YAML file size of each pod is 10 KB, the memory request would be 6.6 GiB (2 × 10 × 0.28 GiB + 1 GiB) and the memory limit would be 8.6 GiB (6.6 GiB + 2 GiB). (The calculated values may differ from the recommendations listed in Table 1. You can refer to that table or use these formulas.)
                                                                                                            
 
-
                                                                                                        Table 2 Related operations
                                                                                                        Operation
                                                                                                        
 
                                                                                                        Description
                                                                                                        
+
                                                                                                        Description
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        Editing a YAML file
                                                                                                        
+
                                                                                                        Editing a YAML file
                                                                                                        
 
                                                                                                        Click Edit YAML in the row where the target secret resides to edit its YAML file.
                                                                                                        
+
                                                                                                        Click Edit YAML in the row where the target secret resides to edit its YAML file.
                                                                                                        
                                                                                                         		
 
                                                                                                        Updating a secret
                                                                                                        
+
                                                                                                        Updating a secret
                                                                                                        
 
                                                                                                        1. Select the name of the secret to be updated and click Update.
                                                                                                        2. Modify the secret data. For more information, see Table 1.
                                                                                                        3. Click OK.
                                                                                                        
+
                                                                                                        1. Select the name of the secret to be updated and click Update.
                                                                                                        2. Modify the secret data. For more information, see Table 1.
                                                                                                        3. Click OK.
                                                                                                        
                                                                                                         		
 
                                                                                                        Deleting a secret
                                                                                                        
+
                                                                                                        Deleting a secret
                                                                                                        
 
                                                                                                        Select the secret you want to delete and click Delete.
                                                                                                        
+
                                                                                                        Select the secret you want to delete and click Delete.
                                                                                                        
 
                                                                                                        Follow the prompts to delete the secret.
                                                                                                        
                                                                                                         		
 
                                                                                                        Deleting secrets in batches
                                                                                                        
+
                                                                                                        Deleting secrets in batches
                                                                                                        
 
                                                                                                        1. Select the secrets to be deleted.
                                                                                                        2. Click Delete above the secret list.
                                                                                                        3. Follow the prompts to delete the secrets.
                                                                                                        
+
                                                                                                        1. Select the secrets to be deleted.
                                                                                                        2. Click Delete above the secret list.
                                                                                                        3. Follow the prompts to delete the secrets.
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
 
 
 
                                                                                                        Table 1 Configurations for add-on scheduling
                                                                                                        Parameter
                                                                                                        
+
                                                                                                        
-
+
-
-
+
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                        Table 1 Recommended add-on memory size in large-scale scenarios
                                                                                                        Number of Pods (10 KB for Each Pod YAML)
                                                                                                        
 
                                                                                                        Description
                                                                                                        
+
                                                                                                        Recommended Memory Request
                                                                                                        
+
                                                                                                        Recommended Memory Limit
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        Multi-AZ Deployment
                                                                                                        
+
                                                                                                        10000
                                                                                                        
 
                                                                                                        • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                                        • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                                                                                        • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                                        
+
                                                                                                        4 GiB
                                                                                                        
+
                                                                                                        6 GiB
                                                                                                        
                                                                                                         		
 
                                                                                                        Node Affinity
                                                                                                        
+
                                                                                                        30000
                                                                                                        
 
                                                                                                        • Not configured: Node affinity is disabled for the add-on.
                                                                                                        • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                        • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                        • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                          If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                                          
+
                                                                                                        8 GiB
                                                                                                        
+
                                                                                                        10 GiB
                                                                                                        
+
                                                                                                        50000
                                                                                                        
+
                                                                                                        16 GiB
                                                                                                        
+
                                                                                                        18 GiB
                                                                                                        
+
                                                                                                        80000
                                                                                                        
+
                                                                                                        24 GiB
                                                                                                        
+
                                                                                                        26 GiB
                                                                                                        
+
                                                                                                        100000
                                                                                                        
+
                                                                                                        28 GiB
                                                                                                        
+
                                                                                                        30 GiB
                                                                                                        
+
                                                                                                        
+
                                                                                                        
+
                                                                                                      • Configure deployment policies for the add-on pods.
                                                                                                         
                                                                                                        • Scheduling policies do not take effect on add-on pods of the DaemonSet type.
                                                                                                        • When configuring multi-AZ deployment or node affinity, ensure that there are nodes meeting the scheduling policy and that resources are sufficient in the cluster. Otherwise, the add-on cannot run.
                                                                                                        
+
                                                                                                        
+
+
                                                                                                        
+
+
+
+
+
+
+
+
-
-
@@ -54,7 +104,7 @@
 
                                                                                                      • After the configuration is complete, click Install.
                                                                                                        • Components
                                                                                                        
-
                                                                                                        Table 2 Configurations for add-on scheduling
                                                                                                        Parameter
                                                                                                        
+
                                                                                                        Description
                                                                                                        
+
                                                                                                        Multi-AZ Deployment
                                                                                                        
+
                                                                                                        • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                                        • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                                                                                        • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                                        
+
                                                                                                        Node Affinity
                                                                                                        
+
                                                                                                        • Not configured: Node affinity is disabled for the add-on.
                                                                                                        • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                        • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                        • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                          If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                                          
 
                                                                                                        
                                                                                                         		
 
                                                                                                        Toleration
                                                                                                        
+
                                                                                                        Toleration
                                                                                                        
 
                                                                                                        Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                                        
+
                                                                                                        Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                                        
 
                                                                                                        The add-on adds the default tolerance policy for the node.kubernetes.io/not-ready and node.kubernetes.io/unreachable taints, respectively. The tolerance time window is 60s.
                                                                                                        
 
                                                                                                        For details, see Configuring Tolerance Policies.
                                                                                                        
                                                                                                         		
 
 
                                                                                                        Table 2 Add-on components
                                                                                                        Component
                                                                                                        
+
                                                                                                        
@@ -74,752 +124,775 @@
 
                                                                                                        Change History
                                                                                                        
-
                                                                                                        Table 3 Add-on components
                                                                                                        Component
                                                                                                        
                                                                                                         		
 
                                                                                                        Description
                                                                                                        
                                                                                                         		
 
 
                                                                                                        Table 3 Release history for the add-on adapted to clusters v1.31
                                                                                                        Add-on Version
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                        Table 4 CCE Cluster Autoscaler add-on adapted to clusters v1.32
                                                                                                        Add-on Version
                                                                                                        
 
                                                                                                        Supported Cluster Version
                                                                                                        
+
                                                                                                        Supported Cluster Version
                                                                                                        
 
                                                                                                        New Feature
                                                                                                        
+
                                                                                                        New Feature
                                                                                                        
 
                                                                                                        Community Version
                                                                                                        
+
                                                                                                        Community Version
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        1.31.13
                                                                                                        
+
                                                                                                        1.32.5
                                                                                                        
 
                                                                                                        v1.31
                                                                                                        
+
                                                                                                        v1.32
                                                                                                        
 
                                                                                                        The scale-down delay and scale-down utilization thresholds can be configured for node pools.
                                                                                                        
+
                                                                                                        CCE clusters v1.32 are supported.
                                                                                                        
 
                                                                                                        1.31.1
                                                                                                        
-
                                                                                                        1.31.8
                                                                                                        
-
                                                                                                        v1.31
                                                                                                        
-
                                                                                                        CCE clusters v1.31 are supported.
                                                                                                        
-
                                                                                                        1.31.1
                                                                                                        
+
                                                                                                        1.32.1
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
                                                                                                        
 
                                                                                                        
 
-
                                                                                                        Table 4 Release history for the add-on adapted to clusters v1.30
                                                                                                        Add-on Version
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                        Table 5 CCE Cluster Autoscaler add-on adapted to clusters v1.31
                                                                                                        Add-on Version
                                                                                                        
 
                                                                                                        Supported Cluster Version
                                                                                                        
+
                                                                                                        Supported Cluster Version
                                                                                                        
 
                                                                                                        New Feature
                                                                                                        
+
                                                                                                        New Feature
                                                                                                        
 
                                                                                                        Community Version
                                                                                                        
+
                                                                                                        Community Version
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        1.30.51
                                                                                                        
+
                                                                                                        1.31.13
                                                                                                        
 
                                                                                                        v1.30
                                                                                                        
+
                                                                                                        v1.31
                                                                                                        
 
                                                                                                        The scale-down delay and scale-down utilization thresholds can be configured for node pools.
                                                                                                        
+
                                                                                                        The scale-down delay and scale-down utilization thresholds can be configured for node pools.
                                                                                                        
 
                                                                                                        1.30.1
                                                                                                        
+
                                                                                                        1.31.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.30.18
                                                                                                        
+
                                                                                                        1.31.8
                                                                                                        
 
                                                                                                        v1.30
                                                                                                        
+
                                                                                                        v1.31
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        CCE clusters v1.31 are supported.
                                                                                                        
 
                                                                                                        1.30.1
                                                                                                        
-
                                                                                                        1.30.15
                                                                                                        
-
                                                                                                        v1.30
                                                                                                        
-
                                                                                                        • Clusters v1.30 are supported.
                                                                                                        • Added the name of the target node pool to the events.
                                                                                                        
-
                                                                                                        1.30.1
                                                                                                        
+
                                                                                                        1.31.1
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
                                                                                                        
 
                                                                                                        
 
-
                                                                                                        Table 5 Release history for the add-on adapted to clusters v1.29
                                                                                                        Add-on Version
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                        Table 6 CCE Cluster Autoscaler add-on adapted to clusters v1.30
                                                                                                        Add-on Version
                                                                                                        
 
                                                                                                        Supported Cluster Version
                                                                                                        
+
                                                                                                        Supported Cluster Version
                                                                                                        
 
                                                                                                        New Feature
                                                                                                        
+
                                                                                                        New Feature
                                                                                                        
 
                                                                                                        Community Version
                                                                                                        
+
                                                                                                        Community Version
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        1.29.84
                                                                                                        
+
                                                                                                        1.30.51
                                                                                                        
 
                                                                                                        v1.29
                                                                                                        
+
                                                                                                        v1.30
                                                                                                        
 
                                                                                                        The scale-down delay and scale-down utilization thresholds can be configured for node pools.
                                                                                                        
+
                                                                                                        The scale-down delay and scale-down utilization thresholds can be configured for node pools.
                                                                                                        
 
                                                                                                        1.29.1
                                                                                                        
+
                                                                                                        1.30.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.29.53
                                                                                                        
+
                                                                                                        1.30.18
                                                                                                        
 
                                                                                                        v1.29
                                                                                                        
+
                                                                                                        v1.30
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.29.1
                                                                                                        
+
                                                                                                        1.30.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.29.17
                                                                                                        
+
                                                                                                        1.30.15
                                                                                                        
 
                                                                                                        v1.29
                                                                                                        
+
                                                                                                        v1.30
                                                                                                        
 
                                                                                                        Optimized events.
                                                                                                        
+
                                                                                                        • Clusters v1.30 are supported.
                                                                                                        • Added the name of the target node pool to the events.
                                                                                                        
 
                                                                                                        1.29.1
                                                                                                        
-
                                                                                                        1.29.13
                                                                                                        
-
                                                                                                        v1.29
                                                                                                        
-
                                                                                                        Clusters v1.29 are supported.
                                                                                                        
-
                                                                                                        1.29.1
                                                                                                        
+
                                                                                                        1.30.1
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
                                                                                                        
 
                                                                                                        
 
-
                                                                                                        Table 6 Release history for the add-on adapted to clusters v1.28
                                                                                                        Add-on Version
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                        Table 7 CCE Cluster Autoscaler add-on adapted to clusters v1.29
                                                                                                        Add-on Version
                                                                                                        
 
                                                                                                        Supported Cluster Version
                                                                                                        
+
                                                                                                        Supported Cluster Version
                                                                                                        
 
                                                                                                        New Feature
                                                                                                        
+
                                                                                                        New Feature
                                                                                                        
 
                                                                                                        Community Version
                                                                                                        
+
                                                                                                        Community Version
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        1.28.123
                                                                                                        
+
                                                                                                        1.29.84
                                                                                                        
 
                                                                                                        v1.28
                                                                                                        
+
                                                                                                        v1.29
                                                                                                        
 
                                                                                                        The scale-down delay and scale-down utilization thresholds can be configured for node pools.
                                                                                                        
+
                                                                                                        The scale-down delay and scale-down utilization thresholds can be configured for node pools.
                                                                                                        
 
                                                                                                        1.28.1
                                                                                                        
+
                                                                                                        1.29.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.28.92
                                                                                                        
+
                                                                                                        1.29.53
                                                                                                        
 
                                                                                                        v1.28
                                                                                                        
+
                                                                                                        v1.29
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.28.1
                                                                                                        
+
                                                                                                        1.29.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.28.91
                                                                                                        
+
                                                                                                        1.29.17
                                                                                                        
 
                                                                                                        v1.28
                                                                                                        
+
                                                                                                        v1.29
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Optimized events.
                                                                                                        
 
                                                                                                        1.28.1
                                                                                                        
+
                                                                                                        1.29.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.28.88
                                                                                                        
+
                                                                                                        1.29.13
                                                                                                        
 
                                                                                                        v1.28
                                                                                                        
+
                                                                                                        v1.29
                                                                                                        
 
                                                                                                        Added the name of the target node pool to the events.
                                                                                                        
+
                                                                                                        Clusters v1.29 are supported.
                                                                                                        
 
                                                                                                        1.28.1
                                                                                                        
-
                                                                                                        1.28.55
                                                                                                        
-
                                                                                                        v1.28
                                                                                                        
-
                                                                                                        Optimized events.
                                                                                                        
-
                                                                                                        1.28.1
                                                                                                        
-
                                                                                                        1.28.22
                                                                                                        
-
                                                                                                        v1.28
                                                                                                        
-
                                                                                                        Fixed some issues.
                                                                                                        
-
                                                                                                        1.28.1
                                                                                                        
-
                                                                                                        1.28.20
                                                                                                        
-
                                                                                                        v1.28
                                                                                                        
-
                                                                                                        Fixed some issues.
                                                                                                        
-
                                                                                                        1.28.1
                                                                                                        
-
                                                                                                        1.28.17
                                                                                                        
-
                                                                                                        v1.28
                                                                                                        
-
                                                                                                        Fixed the issue that scale-in cannot be performed when there are custom pod controllers in a cluster.
                                                                                                        
-
                                                                                                        1.28.1
                                                                                                        
+
                                                                                                        1.29.1
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
                                                                                                        
 
                                                                                                        
 
-
                                                                                                        Table 7 Release history for the add-on adapted to clusters v1.27
                                                                                                        Add-on Version
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                        Table 8 CCE Cluster Autoscaler add-on adapted to clusters v1.28
                                                                                                        Add-on Version
                                                                                                        
 
                                                                                                        Supported Cluster Version
                                                                                                        
+
                                                                                                        Supported Cluster Version
                                                                                                        
 
                                                                                                        New Feature
                                                                                                        
+
                                                                                                        New Feature
                                                                                                        
 
                                                                                                        Community Version
                                                                                                        
+
                                                                                                        Community Version
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        1.27.155
                                                                                                        
+
                                                                                                        1.28.123
                                                                                                        
 
                                                                                                        v1.27
                                                                                                        
+
                                                                                                        v1.28
                                                                                                        
 
                                                                                                        The scale-down delay and scale-down utilization thresholds can be configured for node pools.
                                                                                                        
+
                                                                                                        The scale-down delay and scale-down utilization thresholds can be configured for node pools.
                                                                                                        
 
                                                                                                        1.27.1
                                                                                                        
+
                                                                                                        1.28.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.27.123
                                                                                                        
+
                                                                                                        1.28.92
                                                                                                        
 
                                                                                                        v1.27
                                                                                                        
+
                                                                                                        v1.28
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.27.1
                                                                                                        
+
                                                                                                        1.28.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.27.122
                                                                                                        
+
                                                                                                        1.28.91
                                                                                                        
 
                                                                                                        v1.27
                                                                                                        
+
                                                                                                        v1.28
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.27.1
                                                                                                        
+
                                                                                                        1.28.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.27.119
                                                                                                        
+
                                                                                                        1.28.88
                                                                                                        
 
                                                                                                        v1.27
                                                                                                        
+
                                                                                                        v1.28
                                                                                                        
 
                                                                                                        Added the name of the target node pool to the events.
                                                                                                        
+
                                                                                                        Added the name of the target node pool to the events.
                                                                                                        
 
                                                                                                        1.27.1
                                                                                                        
+
                                                                                                        1.28.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.27.88
                                                                                                        
+
                                                                                                        1.28.55
                                                                                                        
 
                                                                                                        v1.27
                                                                                                        
+
                                                                                                        v1.28
                                                                                                        
 
                                                                                                        Optimized events.
                                                                                                        
+
                                                                                                        Optimized events.
                                                                                                        
 
                                                                                                        1.27.1
                                                                                                        
+
                                                                                                        1.28.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.27.55
                                                                                                        
+
                                                                                                        1.28.22
                                                                                                        
 
                                                                                                        v1.27
                                                                                                        
+
                                                                                                        v1.28
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.27.1
                                                                                                        
+
                                                                                                        1.28.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.27.53
                                                                                                        
+
                                                                                                        1.28.20
                                                                                                        
 
                                                                                                        v1.27
                                                                                                        
+
                                                                                                        v1.28
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.27.1
                                                                                                        
+
                                                                                                        1.28.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.27.51
                                                                                                        
+
                                                                                                        1.28.17
                                                                                                        
 
                                                                                                        v1.27
                                                                                                        
+
                                                                                                        v1.28
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Fixed the issue that scale-in cannot be performed when there are custom pod controllers in a cluster.
                                                                                                        
 
                                                                                                        1.27.1
                                                                                                        
-
                                                                                                        1.27.14
                                                                                                        
-
                                                                                                        v1.27
                                                                                                        
-
                                                                                                        Fixed the scale-in failure of nodes of different specifications in the same node pool and unexpected PreferNoSchedule taint issues.
                                                                                                        
-
                                                                                                        1.27.1
                                                                                                        
+
                                                                                                        1.28.1
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
                                                                                                        
 
                                                                                                        
 
-
                                                                                                        Table 8 Release history for the add-on adapted to clusters v1.25
                                                                                                        Add-on Version
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                        Table 9 CCE Cluster Autoscaler add-on adapted to clusters v1.27
                                                                                                        Add-on Version
                                                                                                        
 
                                                                                                        Supported Cluster Version
                                                                                                        
+
                                                                                                        Supported Cluster Version
                                                                                                        
 
                                                                                                        New Feature
                                                                                                        
+
                                                                                                        New Feature
                                                                                                        
 
                                                                                                        Community Version
                                                                                                        
+
                                                                                                        Community Version
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        1.25.184
                                                                                                        
+
                                                                                                        1.27.155
                                                                                                        
 
                                                                                                        v1.25
                                                                                                        
+
                                                                                                        v1.27
                                                                                                        
 
                                                                                                        The scale-down delay and scale-down utilization thresholds can be configured for node pools.
                                                                                                        
+
                                                                                                        The scale-down delay and scale-down utilization thresholds can be configured for node pools.
                                                                                                        
 
                                                                                                        1.25.0
                                                                                                        
+
                                                                                                        1.27.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.25.153
                                                                                                        
+
                                                                                                        1.27.123
                                                                                                        
 
                                                                                                        v1.25
                                                                                                        
+
                                                                                                        v1.27
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.25.0
                                                                                                        
+
                                                                                                        1.27.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.25.152
                                                                                                        
+
                                                                                                        1.27.122
                                                                                                        
 
                                                                                                        v1.25
                                                                                                        
+
                                                                                                        v1.27
                                                                                                        
 
                                                                                                        Added the name of the target node pool to the events.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.25.0
                                                                                                        
+
                                                                                                        1.27.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.25.120
                                                                                                        
+
                                                                                                        1.27.119
                                                                                                        
 
                                                                                                        v1.25
                                                                                                        
+
                                                                                                        v1.27
                                                                                                        
 
                                                                                                        Optimized events.
                                                                                                        
+
                                                                                                        Added the name of the target node pool to the events.
                                                                                                        
 
                                                                                                        1.25.0
                                                                                                        
+
                                                                                                        1.27.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.25.88
                                                                                                        
+
                                                                                                        1.27.88
                                                                                                        
 
                                                                                                        v1.25
                                                                                                        
+
                                                                                                        v1.27
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Optimized events.
                                                                                                        
 
                                                                                                        1.25.0
                                                                                                        
+
                                                                                                        1.27.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.25.86
                                                                                                        
+
                                                                                                        1.27.55
                                                                                                        
 
                                                                                                        v1.25
                                                                                                        
+
                                                                                                        v1.27
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.25.0
                                                                                                        
+
                                                                                                        1.27.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.25.84
                                                                                                        
+
                                                                                                        1.27.53
                                                                                                        
 
                                                                                                        v1.25
                                                                                                        
+
                                                                                                        v1.27
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.25.0
                                                                                                        
+
                                                                                                        1.27.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.25.46
                                                                                                        
+
                                                                                                        1.27.51
                                                                                                        
 
                                                                                                        v1.25
                                                                                                        
+
                                                                                                        v1.27
                                                                                                        
 
                                                                                                        Fixed the scale-in failure of nodes of different specifications in the same node pool and unexpected PreferNoSchedule taint issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.25.0
                                                                                                        
+
                                                                                                        1.27.1
                                                                                                        
                                                                                                         		
 
                                                                                                        1.25.21
                                                                                                        
+
                                                                                                        1.27.14
                                                                                                        
 
                                                                                                        v1.25
                                                                                                        
+
                                                                                                        v1.27
                                                                                                        
 
                                                                                                        • Fixed the issue that the autoscaler's least-waste is disabled by default.
                                                                                                        • Fixed the issue that the node pool cannot be switched to another pool for scaling out after a scale-out failure and the add-on has to restart.
                                                                                                        • The default taint tolerance duration is changed to 60s.
                                                                                                        • Fixed the issue that scale-out is still triggered after the scale-out rule is disabled.
                                                                                                        
+
                                                                                                        Fixed the scale-in failure of nodes of different specifications in the same node pool and unexpected PreferNoSchedule taint issues.
                                                                                                        
 
                                                                                                        1.25.0
                                                                                                        
-
                                                                                                        1.25.7
                                                                                                        
-
                                                                                                        v1.25
                                                                                                        
-
                                                                                                        • CCE clusters v1.25 are supported.
                                                                                                        • Modified the memory request and limit of a customized flavor.
                                                                                                        • Enabled to report an event indicating that scaling cannot be performed in a node pool with auto scaling disabled.
                                                                                                        
-
                                                                                                        1.25.0
                                                                                                        
+
                                                                                                        1.27.1
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
                                                                                                        
 
                                                                                                        
 
-
                                                                                                        Table 9 Release history for the add-on adapted to clusters v1.23
                                                                                                        Add-on Version
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                        Table 10 CCE Cluster Autoscaler add-on adapted to clusters v1.25
                                                                                                        Add-on Version
                                                                                                        
 
                                                                                                        Supported Cluster Version
                                                                                                        
+
                                                                                                        Supported Cluster Version
                                                                                                        
 
                                                                                                        New Feature
                                                                                                        
+
                                                                                                        New Feature
                                                                                                        
 
                                                                                                        Community Version
                                                                                                        
+
                                                                                                        Community Version
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        1.23.157
                                                                                                        
+
                                                                                                        1.25.184
                                                                                                        
 
                                                                                                        v1.23
                                                                                                        
+
                                                                                                        v1.25
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        The scale-down delay and scale-down utilization thresholds can be configured for node pools.
                                                                                                        
 
                                                                                                        1.23.0
                                                                                                        
+
                                                                                                        1.25.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.23.156
                                                                                                        
+
                                                                                                        1.25.153
                                                                                                        
 
                                                                                                        v1.23
                                                                                                        
+
                                                                                                        v1.25
                                                                                                        
 
                                                                                                        Added the name of the target node pool to the events.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.23.0
                                                                                                        
+
                                                                                                        1.25.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.23.125
                                                                                                        
+
                                                                                                        1.25.152
                                                                                                        
 
                                                                                                        v1.23
                                                                                                        
+
                                                                                                        v1.25
                                                                                                        
 
                                                                                                        Optimized events.
                                                                                                        
+
                                                                                                        Added the name of the target node pool to the events.
                                                                                                        
 
                                                                                                        1.23.0
                                                                                                        
+
                                                                                                        1.25.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.23.95
                                                                                                        
+
                                                                                                        1.25.120
                                                                                                        
 
                                                                                                        v1.23
                                                                                                        
+
                                                                                                        v1.25
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Optimized events.
                                                                                                        
 
                                                                                                        1.23.0
                                                                                                        
+
                                                                                                        1.25.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.23.93
                                                                                                        
+
                                                                                                        1.25.88
                                                                                                        
 
                                                                                                        v1.23
                                                                                                        
+
                                                                                                        v1.25
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.23.0
                                                                                                        
+
                                                                                                        1.25.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.23.91
                                                                                                        
+
                                                                                                        1.25.86
                                                                                                        
 
                                                                                                        v1.23
                                                                                                        
+
                                                                                                        v1.25
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.23.0
                                                                                                        
+
                                                                                                        1.25.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.23.54
                                                                                                        
+
                                                                                                        1.25.84
                                                                                                        
 
                                                                                                        v1.23
                                                                                                        
+
                                                                                                        v1.25
                                                                                                        
 
                                                                                                        Fixed the scale-in failure of nodes of different specifications in the same node pool and unexpected PreferNoSchedule taint issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.23.0
                                                                                                        
+
                                                                                                        1.25.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.23.31
                                                                                                        
+
                                                                                                        1.25.46
                                                                                                        
 
                                                                                                        v1.23
                                                                                                        
+
                                                                                                        v1.25
                                                                                                        
 
                                                                                                        • Fixed the issue that the autoscaler's least-waste is disabled by default.
                                                                                                        • Fixed the issue that the node pool cannot be switched to another pool for scaling out after a scale-out failure and the add-on has to restart.
                                                                                                        • The default taint tolerance duration is changed to 60s.
                                                                                                        • Fixed the issue that scale-out is still triggered after the scale-out rule is disabled.
                                                                                                        
+
                                                                                                        Fixed the scale-in failure of nodes of different specifications in the same node pool and unexpected PreferNoSchedule taint issues.
                                                                                                        
 
                                                                                                        1.23.0
                                                                                                        
+
                                                                                                        1.25.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.23.17
                                                                                                        
+
                                                                                                        1.25.21
                                                                                                        
 
                                                                                                        v1.23
                                                                                                        
+
                                                                                                        v1.25
                                                                                                        
 
                                                                                                        • Supported node scaling policies without a step.
                                                                                                        • Fixed a bug so that deleted node pools are automatically removed.
                                                                                                        • Supported scheduling by priority.
                                                                                                        • Supported the emptyDir scheduling policy.
                                                                                                        • Fixed a bug so that scale-in can be triggered on the nodes whose capacity is lower than the scale-in threshold when the node scaling policy is disabled.
                                                                                                        • Modified the memory request and limit of a customized flavor.
                                                                                                        • Enabled to report an event indicating that scaling cannot be performed in a node pool with auto scaling disabled.
                                                                                                        
+
                                                                                                        • Fixed the issue that the autoscaler's least-waste is disabled by default.
                                                                                                        • Fixed the issue that if a node scale-out failed in a node pool, the same operation cannot be performed in another node pool and the add-on has to restart.
                                                                                                        • The default taint tolerance duration is changed to 60s.
                                                                                                        • Fixed the issue that scale-out is still triggered after the scale-out rule is disabled.
                                                                                                        
 
                                                                                                        1.23.0
                                                                                                        
+
                                                                                                        1.25.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.23.10
                                                                                                        
+
                                                                                                        1.25.7
                                                                                                        
 
                                                                                                        v1.23
                                                                                                        
+
                                                                                                        v1.25
                                                                                                        
 
                                                                                                        • Optimized logging.
                                                                                                        • Supported scale-in waiting so that operations such as data dump can be performed before a node is deleted.
                                                                                                        
+
                                                                                                        • CCE clusters v1.25 are supported.
                                                                                                        • Modified the memory request and limit of a customized flavor.
                                                                                                        • Allowed a node pool with auto scaling disabled to report a scaling failure event.
                                                                                                        
 
                                                                                                        1.23.0
                                                                                                        
+
                                                                                                        1.25.0
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
                                                                                                        
 
                                                                                                        
 
-
                                                                                                        Table 10 Release history for the add-on adapted to clusters v1.21
                                                                                                        Add-on Version
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
                                                                                                        Table 11 CCE Cluster Autoscaler add-on adapted to clusters v1.23
                                                                                                        Add-on Version
                                                                                                        
 
                                                                                                        Supported Cluster Version
                                                                                                        
+
                                                                                                        Supported Cluster Version
                                                                                                        
 
                                                                                                        New Feature
                                                                                                        
+
                                                                                                        New Feature
                                                                                                        
 
                                                                                                        Community Version
                                                                                                        
+
                                                                                                        Community Version
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        1.21.89
                                                                                                        
+
                                                                                                        1.23.157
                                                                                                        
 
                                                                                                        v1.21
                                                                                                        
+
                                                                                                        v1.23
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.21.0
                                                                                                        
+
                                                                                                        1.23.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.21.87
                                                                                                        
+
                                                                                                        1.23.156
                                                                                                        
 
                                                                                                        v1.21
                                                                                                        
+
                                                                                                        v1.23
                                                                                                        
 
                                                                                                        Fixed some issues.
                                                                                                        
+
                                                                                                        Added the name of the target node pool to the events.
                                                                                                        
 
                                                                                                        1.21.0
                                                                                                        
+
                                                                                                        1.23.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.21.86
                                                                                                        
+
                                                                                                        1.23.125
                                                                                                        
 
                                                                                                        v1.21
                                                                                                        
+
                                                                                                        v1.23
                                                                                                        
 
                                                                                                        Fixed the issue that the node pool auto scaling cannot meet expectations after AZ topology constraints are configured for nodes.
                                                                                                        
+
                                                                                                        Optimized events.
                                                                                                        
 
                                                                                                        1.21.0
                                                                                                        
+
                                                                                                        1.23.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.21.51
                                                                                                        
+
                                                                                                        1.23.95
                                                                                                        
 
                                                                                                        v1.21
                                                                                                        
+
                                                                                                        v1.23
                                                                                                        
 
                                                                                                        Fixed the scale-in failure of nodes of different specifications in the same node pool and unexpected PreferNoSchedule taint issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.21.0
                                                                                                        
+
                                                                                                        1.23.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.21.29
                                                                                                        
+
                                                                                                        1.23.93
                                                                                                        
 
                                                                                                        v1.21
                                                                                                        
+
                                                                                                        v1.23
                                                                                                        
 
                                                                                                        • Supported anti-affinity scheduling of add-on pods on nodes in different AZs.
                                                                                                        • Added the tolerance time during which the pods with temporary storage volumes cannot be scheduled.
                                                                                                        • Fixed the issue that the number of node pools cannot be restored when scaling group resources are insufficient.
                                                                                                        • Fixed the issue that the node pool cannot be switched to another pool for scaling out after a scale-out failure and the add-on has to restart.
                                                                                                        • The default taint tolerance duration is changed to 60s.
                                                                                                        • Fixed the issue that scale-out is still triggered after the scale-out rule is disabled.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.21.0
                                                                                                        
+
                                                                                                        1.23.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.21.16
                                                                                                        
+
                                                                                                        1.23.91
                                                                                                        
 
                                                                                                        v1.21
                                                                                                        
+
                                                                                                        v1.23
                                                                                                        
 
                                                                                                        • Supported node scaling policies without a step.
                                                                                                        • Fixed a bug so that deleted node pools are automatically removed.
                                                                                                        • Supported scheduling by priority.
                                                                                                        • Supported the emptyDir scheduling policy.
                                                                                                        • Fixed a bug so that scale-in can be triggered on the nodes whose capacity is lower than the scale-in threshold when the node scaling policy is disabled.
                                                                                                        • Modified the memory request and limit of a customized flavor.
                                                                                                        • Enabled to report an event indicating that scaling cannot be performed in a node pool with auto scaling disabled.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.21.0
                                                                                                        
+
                                                                                                        1.23.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.21.9
                                                                                                        
+
                                                                                                        1.23.54
                                                                                                        
 
                                                                                                        v1.21
                                                                                                        
+
                                                                                                        v1.23
                                                                                                        
 
                                                                                                        • Optimized logging.
                                                                                                        • Supported scale-in waiting so that operations such as data dump can be performed before a node is deleted.
                                                                                                        
+
                                                                                                        Fixed the scale-in failure of nodes of different specifications in the same node pool and unexpected PreferNoSchedule taint issues.
                                                                                                        
 
                                                                                                        1.21.0
                                                                                                        
+
                                                                                                        1.23.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.21.1
                                                                                                        
+
                                                                                                        1.23.31
                                                                                                        
 
                                                                                                        v1.21
                                                                                                        
+
                                                                                                        v1.23
                                                                                                        
 
                                                                                                        Fixed the issue that the node pool modification in the existing periodic auto scaling rule does not take effect.
                                                                                                        
+
                                                                                                        • Fixed the issue that the autoscaler's least-waste is disabled by default.
                                                                                                        • Fixed the issue that if a node scale-out failed in a node pool, the same operation cannot be performed in another node pool and the add-on has to restart.
                                                                                                        • The default taint tolerance duration is changed to 60s.
                                                                                                        • Fixed the issue that scale-out is still triggered after the scale-out rule is disabled.
                                                                                                        
 
                                                                                                        1.21.0
                                                                                                        
+
                                                                                                        1.23.0
                                                                                                        
+
                                                                                                        1.23.17
                                                                                                        
+
                                                                                                        v1.23
                                                                                                        
+
                                                                                                        • Supported node scaling policies without a step.
                                                                                                        • Fixed a bug so that deleted node pools are automatically removed.
                                                                                                        • Supported priority-based scheduling.
                                                                                                        • Supported the emptyDir scheduling policy.
                                                                                                        • Fixed a bug so that scale-in can be triggered on the nodes whose capacity is lower than the scale-in threshold when the node scaling policy is disabled.
                                                                                                        • Modified the memory request and limit of a customized flavor.
                                                                                                        • Allowed a node pool with auto scaling disabled to report a scaling failure event.
                                                                                                        
+
                                                                                                        1.23.0
                                                                                                        
+
                                                                                                        1.23.10
                                                                                                        
+
                                                                                                        v1.23
                                                                                                        
+
                                                                                                        • Optimized logging.
                                                                                                        • Supported scale-in waiting so that operations such as data dump can be performed before a node is deleted.
                                                                                                        
+
                                                                                                        1.23.0
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
                                                                                                        
 
                                                                                                        
 
-
                                                                                                        Table 11 Release history for the add-on adapted to clusters v1.19
                                                                                                        Add-on Version
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                        Table 12 CCE Cluster Autoscaler add-on adapted to clusters v1.21
                                                                                                        Add-on Version
                                                                                                        
 
                                                                                                        Supported Cluster Version
                                                                                                        
+
                                                                                                        Supported Cluster Version
                                                                                                        
 
                                                                                                        New Feature
                                                                                                        
+
                                                                                                        New Feature
                                                                                                        
 
                                                                                                        Community Version
                                                                                                        
+
                                                                                                        Community Version
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        1.19.76
                                                                                                        
+
                                                                                                        1.21.89
                                                                                                        
 
                                                                                                        v1.19
                                                                                                        
+
                                                                                                        v1.21
                                                                                                        
 
                                                                                                        • Optimized the method of identifying GPUs and NPUs.
                                                                                                        • Used the remaining node quota of a cluster for the extra nodes that are beyond the cluster scale.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.19.0
                                                                                                        
+
                                                                                                        1.21.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.19.56
                                                                                                        
+
                                                                                                        1.21.87
                                                                                                        
 
                                                                                                        v1.19
                                                                                                        
+
                                                                                                        v1.21
                                                                                                        
 
                                                                                                        Fixed the scale-in failure of nodes of different specifications in the same node pool and unexpected PreferNoSchedule taint issues.
                                                                                                        
+
                                                                                                        Fixed some issues.
                                                                                                        
 
                                                                                                        1.19.0
                                                                                                        
+
                                                                                                        1.21.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.19.35
                                                                                                        
+
                                                                                                        1.21.86
                                                                                                        
 
                                                                                                        v1.19
                                                                                                        
+
                                                                                                        v1.21
                                                                                                        
 
                                                                                                        • Supported anti-affinity scheduling of add-on pods on nodes in different AZs.
                                                                                                        • Added the tolerance time during which the pods with temporary storage volumes cannot be scheduled.
                                                                                                        • Fixed the issue that the number of node pools cannot be restored when scaling group resources are insufficient.
                                                                                                        • Fixed the issue that the node pool cannot be switched to another pool for scaling out after a scale-out failure and the add-on has to restart.
                                                                                                        • The default taint tolerance duration is changed to 60s.
                                                                                                        • Fixed the issue that scale-out is still triggered after the scale-out rule is disabled.
                                                                                                        
+
                                                                                                        Fixed the issue that the node pool auto scaling cannot meet expectations after AZ topology constraints are configured for nodes.
                                                                                                        
 
                                                                                                        1.19.0
                                                                                                        
+
                                                                                                        1.21.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.19.22
                                                                                                        
+
                                                                                                        1.21.51
                                                                                                        
 
                                                                                                        v1.19
                                                                                                        
+
                                                                                                        v1.21
                                                                                                        
 
                                                                                                        • Supported node scaling policies without a step.
                                                                                                        • Fixed a bug so that deleted node pools are automatically removed.
                                                                                                        • Supported scheduling by priority.
                                                                                                        • Supported the emptyDir scheduling policy.
                                                                                                        • Fixed a bug so that scale-in can be triggered on the nodes whose capacity is lower than the scale-in threshold when the node scaling policy is disabled.
                                                                                                        • Modified the memory request and limit of a customized flavor.
                                                                                                        • Enabled to report an event indicating that scaling cannot be performed in a node pool with auto scaling disabled.
                                                                                                        
+
                                                                                                        Fixed the scale-in failure of nodes of different specifications in the same node pool and unexpected PreferNoSchedule taint issues.
                                                                                                        
 
                                                                                                        1.19.0
                                                                                                        
+
                                                                                                        1.21.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.19.14
                                                                                                        
+
                                                                                                        1.21.29
                                                                                                        
 
                                                                                                        v1.19
                                                                                                        
+
                                                                                                        v1.21
                                                                                                        
 
                                                                                                        • Optimized logging.
                                                                                                        • Supported scale-in waiting so that operations such as data dump can be performed before a node is deleted.
                                                                                                        
+
                                                                                                        • Supported anti-affinity scheduling of add-on pods on nodes in different AZs.
                                                                                                        • Added the tolerance time during which the pods with temporary storage volumes can be unscheduled.
                                                                                                        • Fixed the issue that the number of node pools cannot be restored when scaling group resources are insufficient.
                                                                                                        • Fixed the issue that if a node scale-out failed in a node pool, the same operation cannot be performed in another node pool and the add-on has to restart.
                                                                                                        • The default taint tolerance duration is changed to 60s.
                                                                                                        • Fixed the issue that scale-out is still triggered after the scale-out rule is disabled.
                                                                                                        
 
                                                                                                        1.19.0
                                                                                                        
+
                                                                                                        1.21.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.19.11
                                                                                                        
+
                                                                                                        1.21.16
                                                                                                        
 
                                                                                                        v1.19
                                                                                                        
+
                                                                                                        v1.21
                                                                                                        
 
                                                                                                        Fixed the issue that authentication fails due to incorrect signature in the add-on request retries.
                                                                                                        
+
                                                                                                        • Supported node scaling policies without a step.
                                                                                                        • Fixed a bug so that deleted node pools are automatically removed.
                                                                                                        • Supported priority-based scheduling.
                                                                                                        • Supported the emptyDir scheduling policy.
                                                                                                        • Fixed a bug so that scale-in can be triggered on the nodes whose capacity is lower than the scale-in threshold when the node scaling policy is disabled.
                                                                                                        • Modified the memory request and limit of a customized flavor.
                                                                                                        • Allowed a node pool with auto scaling disabled to report a scaling failure event.
                                                                                                        
 
                                                                                                        1.19.0
                                                                                                        
+
                                                                                                        1.21.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.19.8
                                                                                                        
+
                                                                                                        1.21.9
                                                                                                        
 
                                                                                                        v1.19
                                                                                                        
+
                                                                                                        v1.21
                                                                                                        
 
                                                                                                        Fixed the issue that the node pool modification in the existing periodic auto scaling rule does not take effect.
                                                                                                        
+
                                                                                                        • Optimized logging.
                                                                                                        • Supported scale-in waiting so that operations such as data dump can be performed before a node is deleted.
                                                                                                        
 
                                                                                                        1.19.0
                                                                                                        
+
                                                                                                        1.21.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.19.7
                                                                                                        
+
                                                                                                        1.21.1
                                                                                                        
 
                                                                                                        v1.19
                                                                                                        
+
                                                                                                        v1.21
                                                                                                        
 
                                                                                                        Regular upgrade of add-on dependencies
                                                                                                        
+
                                                                                                        Fixed the issue that the node pool modification in the existing periodic auto scaling rule does not take effect.
                                                                                                        
 
                                                                                                        1.19.0
                                                                                                        
+
                                                                                                        1.21.0
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
                                                                                                        
 
                                                                                                        
 
-
                                                                                                        Table 12 Release history for the add-on adapted to clusters v1.17
                                                                                                        Add-on Version
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                        Table 13 CCE Cluster Autoscaler add-on adapted to clusters v1.19
                                                                                                        Add-on Version
                                                                                                        
 
                                                                                                        Supported Cluster Version
                                                                                                        
+
                                                                                                        Supported Cluster Version
                                                                                                        
 
                                                                                                        New Feature
                                                                                                        
+
                                                                                                        New Feature
                                                                                                        
 
                                                                                                        Community Version
                                                                                                        
+
                                                                                                        Community Version
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        1.17.27
                                                                                                        
+
                                                                                                        1.19.76
                                                                                                        
 
                                                                                                        v1.17
                                                                                                        
+
                                                                                                        v1.19
                                                                                                        
 
                                                                                                        • Optimized logging.
                                                                                                        • Fixed a bug so that deleted node pools are automatically removed.
                                                                                                        • Supported scheduling by priority.
                                                                                                        • Fixed the issue that taints on newly added nodes are overwritten.
                                                                                                        • Fixed a bug so that scale-in can be triggered on the nodes whose capacity is lower than the scale-in threshold when the node scaling policy is disabled.
                                                                                                        • Modified the memory request and limit of a customized flavor.
                                                                                                        • Enabled to report an event indicating that scaling cannot be performed in a node pool with auto scaling disabled.
                                                                                                        
+
                                                                                                        • Optimized the method of identifying GPUs.
                                                                                                        • Used the remaining node quota of a cluster for the extra nodes that are beyond the cluster scale.
                                                                                                        
 
                                                                                                        1.17.0
                                                                                                        
+
                                                                                                        1.19.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.17.22
                                                                                                        
+
                                                                                                        1.19.56
                                                                                                        
 
                                                                                                        v1.17
                                                                                                        
+
                                                                                                        v1.19
                                                                                                        
 
                                                                                                        Optimized logging.
                                                                                                        
+
                                                                                                        Fixed the scale-in failure of nodes of different specifications in the same node pool and unexpected PreferNoSchedule taint issues.
                                                                                                        
 
                                                                                                        1.17.0
                                                                                                        
+
                                                                                                        1.19.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.17.19
                                                                                                        
+
                                                                                                        1.19.35
                                                                                                        
 
                                                                                                        v1.17
                                                                                                        
+
                                                                                                        v1.19
                                                                                                        
 
                                                                                                        Fixed the issue that authentication fails due to incorrect signature in the add-on request retries.
                                                                                                        
+
                                                                                                        • Supported anti-affinity scheduling of add-on pods on nodes in different AZs.
                                                                                                        • Added the tolerance time during which the pods with temporary storage volumes can be unscheduled.
                                                                                                        • Fixed the issue that the number of node pools cannot be restored when scaling group resources are insufficient.
                                                                                                        • Fixed the issue that if a node scale-out failed in a node pool, the same operation cannot be performed in another node pool and the add-on has to restart.
                                                                                                        • The default taint tolerance duration is changed to 60s.
                                                                                                        • Fixed the issue that scale-out is still triggered after the scale-out rule is disabled.
                                                                                                        
 
                                                                                                        1.17.0
                                                                                                        
+
                                                                                                        1.19.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.17.16
                                                                                                        
+
                                                                                                        1.19.22
                                                                                                        
 
                                                                                                        v1.17
                                                                                                        
+
                                                                                                        v1.19
                                                                                                        
 
                                                                                                        Fixed the issue that the node pool modification in the existing periodic auto scaling rule does not take effect.
                                                                                                        
+
                                                                                                        • Supported node scaling policies without a step.
                                                                                                        • Fixed a bug so that deleted node pools are automatically removed.
                                                                                                        • Supported priority-based scheduling.
                                                                                                        • Supported the emptyDir scheduling policy.
                                                                                                        • Fixed a bug so that scale-in can be triggered on the nodes whose capacity is lower than the scale-in threshold when the node scaling policy is disabled.
                                                                                                        • Modified the memory request and limit of a customized flavor.
                                                                                                        • Allowed a node pool with auto scaling disabled to report a scaling failure event.
                                                                                                        
 
                                                                                                        1.17.0
                                                                                                        
+
                                                                                                        1.19.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.17.15
                                                                                                        
+
                                                                                                        1.19.14
                                                                                                        
 
                                                                                                        v1.17
                                                                                                        
+
                                                                                                        v1.19
                                                                                                        
 
                                                                                                        Unified resource specification configuration unit.
                                                                                                        
+
                                                                                                        • Optimized logging.
                                                                                                        • Supported scale-in waiting so that operations such as data dump can be performed before a node is deleted.
                                                                                                        
 
                                                                                                        1.17.0
                                                                                                        
+
                                                                                                        1.19.0
                                                                                                        
                                                                                                         		
 
                                                                                                        1.17.2
                                                                                                        
+
                                                                                                        1.19.11
                                                                                                        
 
                                                                                                        v1.17
                                                                                                        
+
                                                                                                        v1.19
                                                                                                        
 
                                                                                                        Clusters v1.17 are supported.
                                                                                                        
+
                                                                                                        Fixed the issue that authentication fails due to incorrect signature in the add-on request retries.
                                                                                                        
 
                                                                                                        1.17.0
                                                                                                        
+
                                                                                                        1.19.0
                                                                                                        
+
                                                                                                        1.19.8
                                                                                                        
+
                                                                                                        v1.19
                                                                                                        
+
                                                                                                        Fixed the issue that the node pool modification in the existing periodic auto scaling rule does not take effect.
                                                                                                        
+
                                                                                                        1.19.0
                                                                                                        
+
                                                                                                        1.19.7
                                                                                                        
+
                                                                                                        v1.19
                                                                                                        
+
                                                                                                        Regular upgrade of add-on dependencies
                                                                                                        
+
                                                                                                        1.19.0
                                                                                                        
+
                                                                                                        
+
                                                                                                        
+
+
                                                                                                        
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/docs/cce/umn/cce_10_0160.html b/docs/cce/umn/cce_10_0160.html
index dbefc6c02..c8d01024a 100644
--- a/docs/cce/umn/cce_10_0160.html
+++ b/docs/cce/umn/cce_10_0160.html
@@ -1,11 +1,11 @@
 
 
-
                                                                                                        Object Storage Service
                                                                                                        
+
                                                                                                        OBS
                                                                                                        
 
                                                                                                        
 
 
 
                                                                                                        
diff --git a/docs/cce/umn/cce_10_0163.html b/docs/cce/umn/cce_10_0163.html
index 17adbb721..7b0c1bf0d 100644
--- a/docs/cce/umn/cce_10_0163.html
+++ b/docs/cce/umn/cce_10_0163.html
@@ -55,13 +55,13 @@
 
                                                                                                        Table 14 CCE Cluster Autoscaler add-on adapted to clusters v1.17
                                                                                                        Add-on Version
                                                                                                        
+
                                                                                                        Supported Cluster Version
                                                                                                        
+
                                                                                                        New Feature
                                                                                                        
+
                                                                                                        Community Version
                                                                                                        
+
                                                                                                        1.17.27
                                                                                                        
+
                                                                                                        v1.17
                                                                                                        
+
                                                                                                        • Optimized logging.
                                                                                                        • Fixed a bug so that deleted node pools are automatically removed.
                                                                                                        • Supported priority-based scheduling.
                                                                                                        • Fixed the issue that taints on newly added nodes are overwritten.
                                                                                                        • Fixed a bug so that scale-in can be triggered on the nodes whose capacity is lower than the scale-in threshold when the node scaling policy is disabled.
                                                                                                        • Modified the memory request and limit of a customized flavor.
                                                                                                        • Allowed a node pool with auto scaling disabled to report a scaling failure event.
                                                                                                        
+
                                                                                                        1.17.0
                                                                                                        
+
                                                                                                        1.17.22
                                                                                                        
+
                                                                                                        v1.17
                                                                                                        
+
                                                                                                        Optimized logging.
                                                                                                        
+
                                                                                                        1.17.0
                                                                                                        
+
                                                                                                        1.17.19
                                                                                                        
+
                                                                                                        v1.17
                                                                                                        
+
                                                                                                        Fixed the issue that authentication fails due to incorrect signature in the add-on request retries.
                                                                                                        
+
                                                                                                        1.17.0
                                                                                                        
+
                                                                                                        1.17.16
                                                                                                        
+
                                                                                                        v1.17
                                                                                                        
+
                                                                                                        Fixed the issue that the node pool modification in the existing periodic auto scaling rule does not take effect.
                                                                                                        
+
                                                                                                        1.17.0
                                                                                                        
+
                                                                                                        1.17.15
                                                                                                        
+
                                                                                                        v1.17
                                                                                                        
+
                                                                                                        Unified resource specification configuration unit.
                                                                                                        
+
                                                                                                        1.17.0
                                                                                                        
+
                                                                                                        1.17.2
                                                                                                        
+
                                                                                                        v1.17
                                                                                                        
+
                                                                                                        Clusters v1.17 are supported.
                                                                                                        
+
                                                                                                        1.17.0
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
 
                                                                                                        
 
                                                                                                        
 
                                                                                                        Recommended configuration
                                                                                                        
-
                                                                                                        Actual available memory of a node ≥ Sum of memory limits of all containers on the current node ≥ Sum of memory requests of all containers on the current node. You can view the actual available memory of a node on the CCE console (Resource Management > Nodes > Allocatable).
                                                                                                        
+
                                                                                                        Actual available memory of a node ≥ Sum of memory limits of all containers on the current node ≥ Sum of memory requests of all containers on the current node. You can view the actual available memory of a node on the CCE console (Resource Management > Nodes > Allocatable).
                                                                                                        
 
 
                                                                                                         
                                                                                                        The allocatable resources are calculated based on the resource request value (Request), which indicates the upper limit of resources that can be requested by pods on this node, but does not indicate the actual available resources of the node (for details, see Example of CPU and Memory Quota Usage). The calculation formula is as follows:
                                                                                                        
 
                                                                                                        • Allocatable CPU = Total CPU – Requested CPU of all pods – Reserved CPU for other resources
                                                                                                        • Allocatable memory = Total memory – Requested memory of all pods – Reserved memory for other resources
                                                                                                        
 
                                                                                                        
 
-
                                                                                                        Example of CPU and Memory Quota Usage
                                                                                                        Assume that a cluster contains a node with 4 CPU cores and 8 GiB memory. Two pods (pod 1 and pod 2) have been deployed on the cluster. Pod 1 oversubscribes resources (that is Limit > Request). The specifications of the two pods are as follows.
                                                                                                        
+
                                                                                                        Example of CPU and Memory Quota Usage
                                                                                                        Assume that a cluster contains a node with 4 CPU cores and 8 GiB of memory. Two pods (pod 1 and pod 2) have been deployed on the cluster. Pod 1 oversubscribes resources (that is Limit > Request). The specifications of the two pods are as follows.
                                                                                                        
 
 
                                                                                                        
@@ -102,8 +102,8 @@
 
                                                                                                        The CPU and memory usage of the node is as follows:
                                                                                                        • Allocatable CPUs = 4 cores – (1 core requested by pod 1 + 2 cores requested by pod 2) = 1 core
                                                                                                        • Allocatable memory = 8 GiB – (1 GiB requested by pod 1 + 2 GiB requested by pod 2) = 5 GiB
                                                                                                        
-
                                                                                                        In this case, the remaining 1 core 5 GiB can be used by the next new pod.
                                                                                                        
-
                                                                                                        If pod 1 is under heavy load during peak hours, it will use more CPUs and memory within the limit. Therefore, the actual allocatable resources are fewer than 1 core 5 GiB.
                                                                                                        
+
                                                                                                        In this case, the remaining 1 core and 5 GiB can be used by the next new pod.
                                                                                                        
+
                                                                                                        If pod 1 is under heavy load during peak hours, it will use more CPUs and memory within the limit. Therefore, the actual allocatable resources are fewer than 1 core and 5 GiB.
                                                                                                        Quotas of Other Resources
                                                                                                        Typically, nodes support local ephemeral storage, which is provided by locally mounted writable devices or RAM. EV does not ensure long-term data availability. Pods can use local EVs to buffer data and store logs, or mount emptyDir volumes to containers. For details, see Local ephemeral storage.
                                                                                                        
 
                                                                                                        Kubernetes allows you to specify the requested value and limit value of ephemeral storage in container configurations to manage the local ephemeral storage. The following attributes can be configured for each container in a pod:
                                                                                                        
diff --git a/docs/cce/umn/cce_10_0164.html b/docs/cce/umn/cce_10_0164.html
index 07de0fd6c..693f07a01 100644
--- a/docs/cce/umn/cce_10_0164.html
+++ b/docs/cce/umn/cce_10_0164.html
@@ -10,6 +10,8 @@
 
 
                                                                                                      • Namespace Permissions (Kubernetes RBAC-based)
                                                                                                        
 
                                                                                                        • 
+
                                                                                                      • Using Dex for OIDC Authentication on CCE
                                                                                                        
+
                                                                                                        • 
 
                                                                                                      • Example: Designing and Configuring Permissions for Users in a Department
                                                                                                        
 
                                                                                                        • 
 
                                                                                                      • Permission Dependency of the CCE Console
                                                                                                        
diff --git a/docs/cce/umn/cce_10_0175.html b/docs/cce/umn/cce_10_0175.html
index c3f2614ce..8f1cab2d2 100644
--- a/docs/cce/umn/cce_10_0175.html
+++ b/docs/cce/umn/cce_10_0175.html
@@ -2,8 +2,8 @@
 
 
                                                                                                        Accessing a Cluster Using an X.509 Certificate
                                                                                                        
 
                                                                                                        X.509 certificates are essential for verifying identities and encrypting communication within CCE clusters. These certificates enable authorized clients to access target clusters while encrypting data transmission between them. This prevents threats like eavesdropping and tampering, ensuring secure communication, authenticated identities, and valid access. To initiate a connection using X.509 certificates, obtain the cluster certificate from the CCE console and use it to configure the client accordingly.
                                                                                                        
-
                                                                                                        Procedure
                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                        2. On the Overview page, locate the Connection Information area, and click Download next to X.509 certificate.
                                                                                                        3. In the Obtain Certificate dialog box displayed, select the certificate expiration time and download the X.509 certificate of the cluster as prompted.
                                                                                                          Figure 1 Downloading a certificate
                                                                                                          
-
                                                                                                           
                                                                                                          • The downloaded certificate contains three files: client.key, client.crt, and ca.crt. Keep these files secure.
                                                                                                          • Certificates are not required for mutual access between containers in a cluster.
                                                                                                          
+
                                                                                                          Procedure
                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                          2. On the Overview page, locate the Connection Information area, and click Download next to X.509 certificate.
                                                                                                          3. In the Obtain Certificate dialog box displayed, select the certificate expiration time and download the X.509 certificate of the cluster as prompted.
                                                                                                            Figure 1 Downloading a certificate
                                                                                                            
+
                                                                                                             
                                                                                                            • The downloaded certificate contains three files: client.key, client.crt, and ca.crt. Keep these files secure.
                                                                                                            • Certificates are not required for mutual access between containers in a cluster.
                                                                                                            • An issued X.509 certificate remains valid even if the user who requested it is deleted. To ensure cluster security, manually revoke the user's cluster access credentials. For details, see Revoking a Cluster Access Credential.
                                                                                                            
 
                                                                                                            
 
                                                                                                          4. Import the X.509 certificate to the client and use the certificate to call Kubernetes native APIs.
                                                                                                            For example, run the curl command to call an API to obtain the pod information. The following is an example:
                                                                                                            
 
                                                                                                            curl --cacert ./ca.crt --cert ./client.crt --key ./client.key  https://192.168.0.18:5443/api/v1/namespaces/default/pods/
                                                                                                            
@@ -20,7 +20,7 @@
 
                                                                                                          
 
                                                                                                          
 
                                                                                                          
-
                                                                                                          Parent topic: Connecting to a Cluster
                                                                                                          
+
                                                                                                          Parent topic: Accessing a Cluster
                                                                                                          
 
                                                                                                          
 
                                                                                                          
 
diff --git a/docs/cce/umn/cce_10_0178.html b/docs/cce/umn/cce_10_0178.html
index a538e3088..9326558bd 100644
--- a/docs/cce/umn/cce_10_0178.html
+++ b/docs/cce/umn/cce_10_0178.html
@@ -1,91 +1,186 @@
 
 
-
                                                                                                          Node Resource Reservation Policy
                                                                                                          
+
                                                                                                          Node Resource Reservation Rules
                                                                                                          
 
                                                                                                          Some node resources are used to run mandatory Kubernetes system components and resources to make the node as part of your cluster. Therefore, the total number of node resources and the number of allocatable node resources for your cluster are different. The larger the node specifications, the more the containers deployed on the node. Therefore, more node resources need to be reserved to run Kubernetes components.
                                                                                                          
-
                                                                                                          To ensure node stability, a certain number of CCE node resources will be reserved for Kubernetes components (such as kubelet, kube-proxy, and docker) based on the node specifications.
                                                                                                          
+
                                                                                                          To maintain node stability, a specific number of CCE node resources will be reserved for Kubernetes components like kubelet, kube-proxy, and docker, based on the node specifications.
                                                                                                          
 
                                                                                                          CCE calculates the resources that can be allocated to user nodes as follows:
                                                                                                          
 
                                                                                                          Allocatable resources = Total amount - Reserved amount - Eviction threshold
                                                                                                          
 
                                                                                                          The memory eviction threshold is fixed at 100 MiB.
                                                                                                          
-
                                                                                                           
                                                                                                          Total amount indicates the available memory of the ECS, excluding the memory used by system components. Therefore, the total amount is slightly less than the memory of the node flavor. 
                                                                                                          
+
                                                                                                           
                                                                                                          Total amount indicates the available memory of the ECS, excluding the memory used by system components. Therefore, it is slightly less than the total memory of the node flavor. 
                                                                                                          
 
                                                                                                          
 
                                                                                                          When the memory consumed by all pods on a node increases, the following behaviors may occur:
                                                                                                          
-
                                                                                                          1. When the available memory of the node is lower than the eviction threshold, kubelet is triggered to evict the pod. For details about the eviction threshold in Kubernetes, see Node-pressure Eviction.
                                                                                                          2. If a node triggers an OS memory insufficiency event (OOM) before kubelet reclaims memory, the system terminates the container. However, different from pod eviction, kubelet restarts the container based on the RestartPolicy of the pod.
                                                                                                          
-
                                                                                                          Rules v1 for Reserving Node Memory
                                                                                                           
                                                                                                          For clusters of versions earlier than v1.21.4-r0 and v1.23.3-r0, the v1 model is used for node memory reservation. For clusters of v1.21.4-r0, v1.23.3-r0, or later, the node memory reservation model is optimized to v2. For details, see Rules for Reserving Node Memory v2.
                                                                                                          
-
                                                                                                          Upgrading the cluster to v1.21.4-r0, v1.23.3-r0, or a later version may result in the eviction of the workload on a node that is already fully utilized. This is because system components will need more reserved resources.
                                                                                                          
-
                                                                                                          
-
                                                                                                          You can use the following formula calculate how much memory you should reserve for running containers on a node:
                                                                                                          
-
                                                                                                          Total reserved amount = Reserved memory for system components + Reserved memory for kubelet to manage pods
                                                                                                          
-
-
                                                                                                        • Pod
                                                                                                        
                                                                                                         		
 
 
 
 
                                                                                                        Table 1 Reservation rules for system components
                                                                                                        Total Memory (TM)
                                                                                                        
+
                                                                                                        1. When the available memory of the node is lower than the eviction threshold, kubelet is triggered to evict pods. For details about the eviction threshold in Kubernetes, see Node-pressure Eviction.
                                                                                                        2. If a node triggers an OS memory insufficiency event (OOM) before kubelet reclaims memory, the system terminates the container. Unlike pod eviction, kubelet restarts the container based on the pod's RestartPolicy.
                                                                                                        
+
                                                                                                        Relationship Between Node Resource Reservation and Cluster Versions
                                                                                                        
+
                                                                                                        
-
+
+
+
-
-
+
+
+
-
-
+
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                        Cluster Version
                                                                                                        
 
                                                                                                        Reserved Memory for System Components
                                                                                                        
+
                                                                                                        Specific Version
                                                                                                        
+
                                                                                                        Node Memory Reservation
                                                                                                        
+
                                                                                                        Node CPU Reservation
                                                                                                        
+
                                                                                                        Node Data Disk Reservation
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        TM ≤ 8 GiB
                                                                                                        
+
                                                                                                        v1.29 or later
                                                                                                        
 
                                                                                                        0 MiB
                                                                                                        
+
                                                                                                        None
                                                                                                        
+
                                                                                                        Node Memory Reservation Rule v2
                                                                                                        
+
                                                                                                        Node CPU Reservation Rules
                                                                                                        
+
                                                                                                        Node Data Disk Reservation Rules
                                                                                                        
                                                                                                         		
 
                                                                                                        8 GiB < TM ≤ 16 GiB
                                                                                                        
+
                                                                                                        v1.28
                                                                                                        
 
                                                                                                        [(TM – 8 GiB) x 1024 x 10%] MiB
                                                                                                        
+
                                                                                                        v1.28.2-r0 or later
                                                                                                        
+
                                                                                                        Node Memory Reservation Rule v2
                                                                                                        
                                                                                                         		
 
                                                                                                        16 GiB < TM ≤ 128 GiB
                                                                                                        
+
                                                                                                        Earlier than v1.28.2-r0
                                                                                                        
 
                                                                                                        [8 GiB x 1024 x 10% + (TM – 16 GiB) x 1024 x 6%] MiB
                                                                                                        
+                                                                                                        		
 
 
                                                                                                        TM > 128 GiB
                                                                                                        
+
                                                                                                        v1.27
                                                                                                        
 
                                                                                                        (8 GiB x 1024 x 10% + 112 GiB x 1024 x 6% + (TM – 128 GiB) x 1024 x 2%) MiB
                                                                                                        
+
                                                                                                        v1.27.4-r0 or later
                                                                                                        
+
                                                                                                        Node Memory Reservation Rule v2
                                                                                                        
+
                                                                                                        Earlier than v1.27.4-r0
                                                                                                        
+                                                                                                        		
+
                                                                                                        v1.25
                                                                                                        
+
                                                                                                        v1.25.7-r0 or later
                                                                                                        
+
                                                                                                        Node Memory Reservation Rule v2
                                                                                                        
+
                                                                                                        Earlier than v1.25.7-r0
                                                                                                        
+                                                                                                        		
+
                                                                                                        v1.23
                                                                                                        
+
                                                                                                        v1.23.12-r0 or later
                                                                                                        
+
                                                                                                        Node Memory Reservation Rule v2
                                                                                                        
+
                                                                                                        v1.23.3-r0 or later, or versions earlier than v1.23.12-r0
                                                                                                        
+                                                                                                        		
+
                                                                                                        Earlier than v1.23.3-r0
                                                                                                        
+
                                                                                                        Node Memory Reservation Rule v1
                                                                                                        
+
                                                                                                        v1.21
                                                                                                        
+
                                                                                                        v1.21.13-r0 or later
                                                                                                        
+
                                                                                                        Node Memory Reservation Rule v2
                                                                                                        
+
                                                                                                        v1.21.4-r0 or later, or versions earlier than v1.21.13-r0
                                                                                                        
+                                                                                                        		
+
                                                                                                        Earlier than v1.21.4-r0
                                                                                                        
+
                                                                                                        Node Memory Reservation Rule v1
                                                                                                        
+
                                                                                                        
+
                                                                                                        
+
                                                                                                        
+
                                                                                                        Node Memory Reservation Rule v1
                                                                                                        You can use the following formula calculate how much memory you should reserve for running containers on a node:
                                                                                                        
+
                                                                                                        Total reserved amount = Reserved memory for system components + Reserved memory for kubelet to manage pods
                                                                                                        
+
+
                                                                                                        
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                        Table 1 Reservation rules for system components
                                                                                                        Total Memory (TM)
                                                                                                        
+
                                                                                                        Reserved Memory for System Components
                                                                                                        
+
                                                                                                        TM ≤ 8 GiB
                                                                                                        
+
                                                                                                        0 MiB
                                                                                                        
+
                                                                                                        8 GiB < TM ≤ 16 GiB
                                                                                                        
+
                                                                                                        [(TM – 8 GiB) x 1024 x 10%] MiB
                                                                                                        
+
                                                                                                        16 GiB < TM ≤ 128 GiB
                                                                                                        
+
                                                                                                        [8 GiB x 1024 x 10% + (TM – 16 GiB) x 1024 x 6%] MiB
                                                                                                        
+
                                                                                                        TM > 128 GiB
                                                                                                        
+
                                                                                                        (8 GiB x 1024 x 10% + 112 GiB x 1024 x 6% + (TM – 128 GiB) x 1024 x 2%) MiB
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
                                                                                                        
 
                                                                                                        
 
-
                                                                                                        Table 2 Reservation rules for kubelet
                                                                                                        Total Memory (TM)
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -94,51 +189,51 @@
 
                                                                                                         
                                                                                                        For a small-capacity node, adjust the maximum number of instances based on the site requirements. Alternatively, when creating a node on the CCE console, you can adjust the maximum number of instances for the node based on the node specifications.
                                                                                                        
 
                                                                                                        
-
                                                                                                        Rules for Reserving Node Memory v2
                                                                                                        For clusters of v1.21.4-r0, v1.23.3-r0, or later, the node memory reservation model is optimized to v2 and can be dynamically adjusted using the node pool parameters kube-reserved-mem and system-reserved-mem. For details, see Modifying Node Pool Configurations.
                                                                                                        
-
                                                                                                        The total reserved node memory of the v2 model is equal to the sum of that reserved for the OS and that reserved for CCE to manage pods.
                                                                                                        
-
                                                                                                        Reserved memory includes basic and floating parts. For the OS, the floating memory depends on the node specifications. For CCE, the floating memory depends on the number of pods on a node.
                                                                                                        
+
                                                                                                        Node Memory Reservation Rule v2
                                                                                                        The total reserved memory of a CCE node using memory reservation rule v2 includes memory allocated for system components and Kubernetes.
                                                                                                        
+
                                                                                                        Reserved memory includes basic and floating parts. For system components, the floating memory depends on the node specifications. For Kubernetes, the floating memory depends on the number of pods on a node.
                                                                                                        
+
                                                                                                        By default, CCE automatically calculates the reserved memory based on the rules listed in Table 3. You can customize the reserved memory by configuring parameters system-reserved-mem and kube-reserved-mem in the node pool settings. For details, see Modifying Node Pool Configurations.
                                                                                                        
 
-
                                                                                                        Table 2 Reservation rules for kubelet
                                                                                                        Total Memory (TM)
                                                                                                        
 
                                                                                                        Number of Pods
                                                                                                        
+
                                                                                                        Number of Pods
                                                                                                        
 
                                                                                                        Reserved Memory for kubelet
                                                                                                        
+
                                                                                                        Reserved Memory for kubelet
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        TM ≤ 2 GiB
                                                                                                        
+
                                                                                                        TM ≤ 2 GiB
                                                                                                        
 
                                                                                                        None
                                                                                                        
+
                                                                                                        None
                                                                                                        
 
                                                                                                        TM x 25%
                                                                                                        
+
                                                                                                        TM x 25%
                                                                                                        
                                                                                                         		
 
                                                                                                        TM > 2 GiB
                                                                                                        
+
                                                                                                        TM > 2 GiB
                                                                                                        
 
                                                                                                        0 < Max. pods on a node ≤ 16
                                                                                                        
+
                                                                                                        0 < Max. pods on a node ≤ 16
                                                                                                        
 
                                                                                                        700 MiB
                                                                                                        
+
                                                                                                        700 MiB
                                                                                                        
                                                                                                         		
 
                                                                                                        16 < Max. pods on a node ≤ 32
                                                                                                        
+
                                                                                                        16 < Max. pods on a node ≤ 32
                                                                                                        
 
                                                                                                        [700 + (Max. pods on a node – 16) x 18.75] MiB
                                                                                                        
+
                                                                                                        [700 + (Max. pods on a node – 16) x 18.75] MiB
                                                                                                        
                                                                                                         		
 
                                                                                                        32 < Max. pods on a node ≤ 64
                                                                                                        
+
                                                                                                        32 < Max. pods on a node ≤ 64
                                                                                                        
 
                                                                                                        [1024 + (Max. pods on a node – 32) x 6.25] MiB
                                                                                                        
+
                                                                                                        [1024 + (Max. pods on a node – 32) x 6.25] MiB
                                                                                                        
                                                                                                         		
 
                                                                                                        64 < Max. pods on a node ≤ 128
                                                                                                        
+
                                                                                                        64 < Max. pods on a node ≤ 128
                                                                                                        
 
                                                                                                        [1230 + (Max. pods on a node – 64) x 7.80] MiB
                                                                                                        
+
                                                                                                        [1230 + (Max. pods on a node – 64) x 7.80] MiB
                                                                                                        
                                                                                                         		
 
                                                                                                        Max. pods on a node > 128
                                                                                                        
+
                                                                                                        Max. pods on a node > 128
                                                                                                        
 
                                                                                                        [1740 + (Max. pods on a node – 128) x 11.20] MiB
                                                                                                        
+
                                                                                                        [1740 + (Max. pods on a node – 128) x 11.20] MiB
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
                                                                                                        Table 3 Rules for reserving node memory v2
                                                                                                        Reserved for
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -147,38 +242,38 @@
 
                                                                                                        Table 3 Node memory reservation rule v2
                                                                                                        Memory Reserved for
                                                                                                        
 
                                                                                                        Basic/Floating
                                                                                                        
+
                                                                                                        Basic/Floating
                                                                                                        
 
                                                                                                        Reservation
                                                                                                        
+
                                                                                                        Reservation
                                                                                                        
 
                                                                                                        Used by
                                                                                                        
+
                                                                                                        Used by
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        OS
                                                                                                        
+
                                                                                                        System components
                                                                                                        
 
                                                                                                        Basic
                                                                                                        
+
                                                                                                        Basic
                                                                                                        
 
                                                                                                        Fixed at 400 MiB
                                                                                                        
+
                                                                                                        Fixed at 400 MiB
                                                                                                        
 
                                                                                                        OS service components such as sshd and systemd-journald.
                                                                                                        
+
                                                                                                        OS service components such as sshd and systemd-journald.
                                                                                                        
                                                                                                         		
 
                                                                                                        Floating (depending on the node memory)
                                                                                                        
+
                                                                                                        Floating (depending on the node memory)
                                                                                                        
 
                                                                                                        25MiB/GiB
                                                                                                        
+
                                                                                                        25 MiB/GiB
                                                                                                        
 
                                                                                                        Kernel
                                                                                                        
+
                                                                                                        Kernel
                                                                                                        
                                                                                                         		
 
                                                                                                        CCE
                                                                                                        
+
                                                                                                        Kubernetes
                                                                                                        
 
                                                                                                        Basic
                                                                                                        
+
                                                                                                        Basic
                                                                                                        
 
                                                                                                        Fixed at 500 MiB
                                                                                                        
+
                                                                                                        Fixed at 500 MiB
                                                                                                        
 
                                                                                                        Container engine components, such as kubelet and kube-proxy, when the node is unloaded
                                                                                                        
+
                                                                                                        Container engine components, such as kubelet and kube-proxy, when the node is unloaded
                                                                                                        
                                                                                                         		
 
                                                                                                        Floating (depending on the number of pods on the node)
                                                                                                        
+
                                                                                                        Floating (depending on the number of pods on the node)
                                                                                                        
 
                                                                                                        Docker: 20 MiB/Pod
                                                                                                        
+
                                                                                                        Docker: 20 MiB/Pod
                                                                                                        
 
                                                                                                        containerd: 5 MiB/Pod
                                                                                                        
 
                                                                                                        Container engine components when the number of pods increases
                                                                                                        
+
                                                                                                        Container engine components when the number of pods increases
                                                                                                        
 
                                                                                                         NOTE: 
                                                                                                        When the v2 model reserves memory for a node by default, the default maximum number of pods is estimated based on the memory. For details, see Table 1.
                                                                                                        
 
                                                                                                        
 
                                                                                                        
 
                                                                                                        
 
-
                                                                                                        Rules for Reserving Node CPU
                                                                                                        
-
                                                                                                        
-
diff --git a/docs/cce/umn/cce_10_0186.html b/docs/cce/umn/cce_10_0186.html
index ef13b06c7..d178570d3 100644
--- a/docs/cce/umn/cce_10_0186.html
+++ b/docs/cce/umn/cce_10_0186.html
@@ -1,13 +1,13 @@
 
                                                                                                        Deleting a Node
                                                                                                        
-
                                                                                                        Scenario
                                                                                                        If a node is no longer needed, delete it from the node list on the CCE console if the node is billed on a pay-per-use basis. Do not manually remove nodes using kubectl delete node, as this may lead to unexpected results.
                                                                                                        
+
                                                                                                        Scenario
                                                                                                        If a node is no longer needed, delete it on the CCE console if the node is billed on a pay-per-use basis. Do not manually remove nodes using kubectl delete node, as this may lead to unexpected results.
                                                                                                        
 
                                                                                                        Deleting or unsubscribing from a node in a CCE cluster will release the node and services running on the node. Drain the node and back up data before the deletion or unsubscription to prevent services running on the node from being affected.
                                                                                                        
 
                                                                                                        
-
                                                                                                        Precautions
                                                                                                        • Deleting a node will lead to pod migration, which may affect services. Perform this operation during off-peak hours. It is a good practice to drain the node before deletion. For details, see Draining a Node.
                                                                                                        • After a node is deleted, its data will be destroyed. Back up node data beforehand.
                                                                                                        
+
                                                                                                        Precautions
                                                                                                        • Deleting a node will lead to pod migration, which may affect services. Perform this operation during off-peak hours. It is a good practice to drain the node before deletion. For details, see Draining a Node. If pods remain when the node is deleted, CCE will evict them. If a Pod Disruption Budget (PDB) policy is configured for your pods, they may fail to be evicted. In this case, the node will be forcibly deleted after a period of time.
                                                                                                        • After a node is deleted, its data will be destroyed. Back up node data beforehand.
                                                                                                        
 
                                                                                                        • Deleting a node will cause PVC/PV data loss for the local PV associated with the node. These PVCs and PVs cannot be restored or used again. In this scenario, the pod that uses the local PV is evicted from the node. A new pod is created and stays in the pending state. This is because the PVC used by the pod has a node label, due to which the pod cannot be scheduled.
                                                                                                        
 
                                                                                                        
-
                                                                                                        Deleting a Node
                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                        2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                        3. Locate the target node and choose More > Delete in the Operation column.
                                                                                                        4. In the Delete Node dialog box, enter DELETE and click Yes.
                                                                                                           
                                                                                                          • After the node is deleted, workload pods on the node are automatically migrated to other available nodes. 
                                                                                                          • If the disks and EIPs bound to the node are important resources, unbind them first. Otherwise, they will be deleted with the node.
                                                                                                          
+
                                                                                                          Deleting a Node
                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                          2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                          3. Locate the target node and choose More > Delete in the Operation column.
                                                                                                          4. In the Delete Node dialog box, enter DELETE and click Yes.
                                                                                                             
                                                                                                            • After the node is deleted, workload pods on the node are automatically migrated to other available nodes. 
                                                                                                            • If the disks and EIPs bound to the node are important resources, unbind them first. Otherwise, they will be deleted with the node.
                                                                                                            
 
                                                                                                            
 
                                                                                                          
 
                                                                                                          
diff --git a/docs/cce/umn/cce_10_0187.html b/docs/cce/umn/cce_10_0187.html
index a493133ab..82edc9151 100644
--- a/docs/cce/umn/cce_10_0187.html
+++ b/docs/cce/umn/cce_10_0187.html
@@ -9,7 +9,7 @@
 
                                                                                                          5. 
 
                                                                                                        
 
                                                                                                        In general, you configure CCE permissions in two scenarios. The first is creating and managing clusters and related resources, such as nodes. The second is creating and using Kubernetes resources in the cluster, such as workloads and Services.
                                                                                                        
-
                                                                                                        Figure 1 Illustration on CCE permissions
                                                                                                        
+
                                                                                                        Figure 1 Illustration on CCE permissions
                                                                                                        
 
                                                                                                        These permissions allow you to manage resource users at a finer granularity.
                                                                                                        
 
                                                                                                        
 
                                                                                                        Cluster Permissions (IAM-based) and Namespace Permissions (Kubernetes RBAC-based)
                                                                                                        Users with different cluster permissions (assigned using IAM) have different namespace permissions (assigned using Kubernetes RBAC). Table 1 lists the namespace permissions of different users.
                                                                                                        
@@ -45,7 +45,7 @@
 
                                                                                                        
 
                                                                                                        
 
                                                                                                        kubectl Permissions
                                                                                                        You can use kubectl to access Kubernetes resources in a cluster.
                                                                                                        
-
                                                                                                        When you access a cluster using kubectl, CCE uses the kubeconfig.json file generated on the cluster for authentication. This file contains user information, based on which CCE determines which Kubernetes resources can be accessed by kubectl. The permissions recorded in a kubeconfig.json file vary from user to user. The permissions that a user has are listed in Table 1.
                                                                                                        
+
                                                                                                        When you access a cluster using kubectl, CCE uses the kubeconfig.json file generated on the cluster for authentication. This file contains user information, based on which CCE determines which Kubernetes resources can be accessed via kubectl. The permissions recorded in a kubeconfig.json file vary from user to user. The permissions that a user has are listed in Table 1.
                                                                                                        
 
                                                                                                        
 
                                                                                                        
 
                                                                                                        
diff --git a/docs/cce/umn/cce_10_0188.html b/docs/cce/umn/cce_10_0188.html
index 82d3aabed..0e3868b5a 100644
--- a/docs/cce/umn/cce_10_0188.html
+++ b/docs/cce/umn/cce_10_0188.html
@@ -8,7 +8,7 @@
 
                                                                                                        
 
                                                                                                        Configuration
                                                                                                        On the CCE console, when you choose Permissions > Cluster-Level Permissions to create a user group, you will be directed to the IAM console to complete the process. After the user group is created and its permissions are configured, you can view the information on the Cluster-Level Permissions tab page. This section describes the operations in IAM.
                                                                                                        
 
                                                                                                        
-
                                                                                                        Process Flow
                                                                                                        Figure 1 Process of granting CCE permissions
                                                                                                        
+
                                                                                                        Process Flow
                                                                                                        Figure 1 Process of granting CCE permissions
                                                                                                        
 
                                                                                                        1. Create a user group and assign permissions to it.
                                                                                                          On the IAM console, create a user group and grant it CCE permissions (CCE ReadOnlyAccess as an example).
                                                                                                          
 
                                                                                                           
                                                                                                          CCE is deployed by region. On the IAM console, select Region-specific projects when assigning CCE permissions.
                                                                                                          
 
                                                                                                          
@@ -16,7 +16,7 @@
 
                                                                                                           
                                                                                                          IAM users need programmatic and management console access to use CCE.
                                                                                                          
 
                                                                                                          
 
                                                                                                        2. Log in and verify permissions.
                                                                                                          Log in to the management console as the user you created, and verify that the user has the assigned permissions.
                                                                                                          
-
                                                                                                          • Choose Service List > Cloud Container Engine. Then click Create Cluster on the CCE console. If the operation failed, the CCE ReadOnlyAccess policy is in effect.
                                                                                                          • Choose another service from Service List. If a message appears indicating that you have insufficient permissions to perform the operation, the CCE ReadOnlyAccess policy is in effect.
                                                                                                          
+
                                                                                                          • Choose Service List > Cloud Container Engine. Then click Create Cluster on the CCE console. If the operation failed, the CCE ReadOnlyAccess policy is in effect.
                                                                                                          • Choose another service from Service List. If a message appears indicating that you have insufficient permissions to perform the operation, the CCE ReadOnlyAccess policy is in effect.
                                                                                                          
 
                                                                                                        
 
                                                                                                        
 
                                                                                                        System-defined Roles
                                                                                                        Roles are a type of coarse-grained authorization mechanism that defines service-level permissions based on user responsibilities. Only a limited number of service-level roles are available for authorization. Roles are not ideal for fine-grained authorization and least privilege access.
                                                                                                        
@@ -30,7 +30,7 @@
 
                                                                                                        Custom Policies
                                                                                                        Custom policies can be created as a supplement to the system-defined policies of CCE. 
                                                                                                        
 
                                                                                                        You can create custom policies in either of the following ways:
                                                                                                        
 
                                                                                                        • Visual editor: Select cloud services, actions, resources, and request conditions. This does not require knowledge of policy syntax.
                                                                                                        • JSON: Create a JSON policy or edit an existing one.
                                                                                                        
-
                                                                                                        The following lists examples of common CCE custom policies.
                                                                                                        
+
                                                                                                        This section provides examples of common custom FunctionGraph policies.
                                                                                                        
 
                                                                                                        
 
                                                                                                        Examples
                                                                                                        
 
                                                                                                        • Example 1: Creating a cluster named test
                                                                                                          {
@@ -83,7 +83,7 @@
 
                                                                                                        
 
                                                                                                        When RBAC and IAM policies co-exist, the backend authentication logic for open APIs or console operations on CCE is as follows.
                                                                                                        
-
                                                                                                        
+
                                                                                                        
diff --git a/docs/cce/umn/cce_10_0189.html b/docs/cce/umn/cce_10_0189.html
index e9d5d7e52..1e8964ab0 100644
--- a/docs/cce/umn/cce_10_0189.html
+++ b/docs/cce/umn/cce_10_0189.html
@@ -4,10 +4,12 @@
 
                                                                                                        Namespace Permissions (Kubernetes RBAC-based)
                                                                                                        You can regulate users' or user groups' access to Kubernetes resources in a single namespace based on their Kubernetes RBAC roles. The RBAC API declares four kinds of Kubernetes objects: Role, ClusterRole, RoleBinding, and ClusterRoleBinding, which are described as follows:
                                                                                                        
 
                                                                                                        • Role: defines a set of rules for accessing Kubernetes resources in a namespace.
                                                                                                        • RoleBinding: defines the relationship between users and roles.
                                                                                                        • ClusterRole: defines a set of rules for accessing Kubernetes resources in a cluster (including all namespaces).
                                                                                                        • ClusterRoleBinding: defines the relationship between users and cluster roles.
                                                                                                        
 
                                                                                                        Role and ClusterRole specify actions that can be performed on specific resources. RoleBinding and ClusterRoleBinding bind roles to specific users, user groups, or ServiceAccounts. Illustration:
                                                                                                        
-
                                                                                                        Figure 1 Role binding
                                                                                                        
+
                                                                                                        Figure 1 Role binding
                                                                                                        
 
                                                                                                        On the CCE console, you can assign permissions to a user or user group to access resources in one or multiple namespaces. By default, the CCE console provides the following ClusterRoles:
                                                                                                        • view (read-only): read-only permissions on most resources in all or selected namespaces.
                                                                                                        • edit (development): read-write permissions on most resources in all or selected namespaces. If this ClusterRole is configured for all namespaces, its capability is the same as the O&M permission.
                                                                                                        • admin (O&M): read and write permissions on most resources in all namespaces, and read-only permission on nodes, storage volumes, namespaces, and quota management.
                                                                                                        • cluster-admin (administrator): read and write permissions on all resources in all namespaces.
                                                                                                        • drainage-editor: drain a node.
                                                                                                        • drainage-viewer: view the nodal drainage status but cannot drain a node.
                                                                                                        
 
                                                                                                        
 
                                                                                                        In addition to the preceding typical ClusterRoles, you can define Role and RoleBinding to grant the permissions to add, delete, modify, and obtain global resources (such as nodes, PVs, and CustomResourceDefinitions) and different resources (such as pods, Deployments, and Services) in namespaces for refined permission control.
                                                                                                        
+
                                                                                                         
                                                                                                        Kubernetes RBAC controls access to cluster API resources. It cannot control access to underlying resources of cluster nodes and is not suitable for strict resource isolation between multiple tenants.
                                                                                                        
+
                                                                                                        
 
                                                                                                        
 
                                                                                                        Cluster Permissions (IAM-based) and Namespace Permissions (Kubernetes RBAC-based)
                                                                                                        Users with different cluster permissions (assigned using IAM) have different namespace permissions (assigned using Kubernetes RBAC). Table 1 lists the namespace permissions of different users.
                                                                                                        
 
@@ -44,7 +46,7 @@
 
                                                                                                        Precautions
                                                                                                        • After you create a cluster, CCE automatically assigns the cluster-admin permission to you, which means you have full control on all resources and all namespaces in this cluster. The ID of a federated user changes upon each login and logout. Therefore, the user with the permissions is displayed as deleted. In this case, do not delete the permissions. Otherwise, the authentication fails. You are advised to grant the cluster-admin permission to a user group on CCE and add federated users to the user group.
                                                                                                        • A user with the Security Administrator role has all IAM permissions except role switching. For example, an account in the admin user group has this role by default. Only these users can assign permissions on the Permissions page on the CCE console.
                                                                                                        
 
                                                                                                        
 
                                                                                                        Configuring Namespace Permissions (on the Console)
                                                                                                        You can regulate users' or user groups' access to Kubernetes resources in a single namespace based on their Kubernetes RBAC roles.
                                                                                                        
-
                                                                                                        1. Log in to the CCE console. In the navigation pane, choose Permissions.
                                                                                                        2. Select a cluster for which you want to add permissions from the drop-down list on the right.
                                                                                                        3. Click Add Permission in the upper right corner.
                                                                                                        4. Confirm the cluster name and select the namespace to assign permissions for. For example, select All namespaces, the target user or user group, and select the permissions.
                                                                                                           
                                                                                                          If you do not have IAM permissions, you cannot select users or user groups when configuring permissions for other users or user groups. In this case, you can enter a user ID or user group ID. 
                                                                                                          
+
                                                                                                          1. Log in to the CCE console.
                                                                                                          2. In the navigation pane, choose Permissions. Select the cluster for which you want to add permissions from the drop-down list on the right.
                                                                                                          3. Click Add Permission in the upper right corner.
                                                                                                          4. Confirm the cluster name and select the namespace to assign permissions for. For example, select All namespaces, the target user or user group, and select the permissions.
                                                                                                             
                                                                                                            If you do not have IAM permissions, you cannot select users or user groups when configuring permissions for other users or user groups. In this case, you can enter a user ID or user group ID. 
                                                                                                            
 
                                                                                                            
 
                                                                                                            Permissions can be customized as required. After selecting Custom for Permission Type, click Add Custom Role on the right of the Custom parameter. In the dialog box displayed, enter a name and select a rule. After the custom rule is created, you can select a value from the Custom drop-down list box.
                                                                                                            
 
                                                                                                            Custom permissions are classified into ClusterRole and Role. Each ClusterRole or Role contains a group of rules that represent related permissions. For details, see Using RBAC Authorization.
                                                                                                            
@@ -101,8 +103,7 @@ nginx-658dff48ff-7rkph                 1/1     Running   0          4d9h
 nginx-658dff48ff-njdhj                 1/1     Running   0          4d9h
 
                                                                                                          
 
                                                                                                        5. Check other types of resources, for example, Deployments.
                                                                                                          kubectl get deploy
                                                                                                          
-
                                                                                                          If the following information is displayed, you do not have permission to view the Deployments:
                                                                                                          # kubectl get deploy
-Error from server (Forbidden): deployments.apps is forbidden: User "0c97ac3cb280f4d91fa7c0096739e1f8" cannot list resource "deployments" in API group "apps" in the namespace "default"
                                                                                                          
+
                                                                                                          If the following information is displayed, you do not have permission to view the Deployments:
                                                                                                          Error from server (Forbidden): deployments.apps is forbidden: User "0c97ac3cb280f4d91fa7c0096739e1f8" cannot list resource "deployments" in API group "apps" in the namespace "default"
                                                                                                          
 
                                                                                                          
 
                                                                                                        6. Check the pod information in the kube-system namespace.
                                                                                                          kubectl get pod --namespace=kube-system
                                                                                                          
 
                                                                                                          If the following information is displayed, you do not have permission to view the pod information in the kube-system namespace:
                                                                                                          Error from server (Forbidden): pods is forbidden: User "0c97ac3cb280f4d91fa7c0096739e1f8" cannot list resource "pods" in API group "" in the namespace "kube-system"
                                                                                                          
diff --git a/docs/cce/umn/cce_10_0190.html b/docs/cce/umn/cce_10_0190.html
index 0c7be4f3b..d1d56a4cb 100644
--- a/docs/cce/umn/cce_10_0190.html
+++ b/docs/cce/umn/cce_10_0190.html
@@ -48,7 +48,7 @@
 
 
                                                                                                        
-
@@ -66,7 +66,7 @@
 
                                                                                                        Table 4 Node CPU reservation rules
                                                                                                        Total CPU Cores (Total)
                                                                                                        
+
                                                                                                        Node CPU Reservation Rules
                                                                                                        
+
                                                                                                        
-
-
-
-
-
-
-
-
-
                                                                                                        Table 4 Node CPU reservation rules
                                                                                                        Total CPU Cores (Total)
                                                                                                        
 
                                                                                                        Reserved CPU Cores
                                                                                                        
+
                                                                                                        Reserved CPU Cores
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
                                                                                                        Total ≤ 1 core
                                                                                                        
+
                                                                                                        Total ≤ 1 core
                                                                                                        
 
                                                                                                        Total x 6%
                                                                                                        
+
                                                                                                        Total x 6%
                                                                                                        
                                                                                                         		
 
                                                                                                        1 core < Total ≤ 2 cores
                                                                                                        
+
                                                                                                        1 core < Total ≤ 2 cores
                                                                                                        
 
                                                                                                        1 core x 6% + (Total – 1 core) x 1%
                                                                                                        
+
                                                                                                        1 core x 6% + (Total – 1 core) x 1%
                                                                                                        
                                                                                                         		
 
                                                                                                        2 cores < Total ≤ 4 cores
                                                                                                        
+
                                                                                                        2 cores < Total ≤ 4 cores
                                                                                                        
 
                                                                                                        1 core x 6% + 1 core x 1% + (Total – 2 cores) x 0.5%
                                                                                                        
+
                                                                                                        1 core x 6% + 1 core x 1% + (Total – 2 cores) x 0.5%
                                                                                                        
                                                                                                         		
 
                                                                                                        Total > 4 cores
                                                                                                        
+
                                                                                                        Total > 4 cores
                                                                                                        
 
                                                                                                        1 core x 6% + 1 core x 1% + 2 cores x 0.5% + (Total – 4 cores) x 0.25%
                                                                                                        
+
                                                                                                        1 core x 6% + 1 core x 1% + 2 cores x 0.5% + (Total – 4 cores) x 0.25%
                                                                                                        
                                                                                                         		
 
                                                                                                        
                                                                                                         
 
                                                                                                        
 
                                                                                                        
 
                                                                                                        
-
                                                                                                        Rules for CCE to Reserve Data Disks on Nodes
                                                                                                        CCE uses Logical Volume Manager (LVM) to manage disks. LVM creates a metadata area on a disk to store logical and physical volumes, occupying 4 MiB space. Therefore, the actual available disk space of a node is equal to the disk size minus 4 MiB.
                                                                                                        
+
                                                                                                        Node Data Disk Reservation Rules
                                                                                                        CCE uses Logical Volume Manager (LVM) for disk management. LVM creates a metadata area on a disk to store logical and physical volume information, occupying 4 MiB of space. Therefore, the actual available disk space of a node is the disk size minus 4 MiB.
                                                                                                        
 
                                                                                                        
 
                                                                                                        
 
                                                                                                        
diff --git a/docs/cce/umn/cce_10_0180.html b/docs/cce/umn/cce_10_0180.html
index 4a94ba4f8..e6cd5b065 100644
--- a/docs/cce/umn/cce_10_0180.html
+++ b/docs/cce/umn/cce_10_0180.html
@@ -9,7 +9,7 @@
 
                                                                                                        Supported Node Specifications
                                                                                                        Different regions support different node flavors, and node flavors may be changed. Log in to the CCE console and check whether the required node flavors are supported on the page for creating nodes.
                                                                                                        
 
                                                                                                        
 
                                                                                                        Underlying File Storage System of Containers
                                                                                                        Docker
                                                                                                        
-
                                                                                                        • In clusters of v1.15.6 or earlier, the underlying Docker file storage system is in XFS format.
                                                                                                        • In clusters of v1.15.11 or later, after a node is created or reset, the underlying Docker file storage system changes to the ExtFS format.
                                                                                                        
+
                                                                                                        • In clusters of v1.15.6 or earlier, the underlying Docker file storage system is in XFS format.
                                                                                                        • In clusters of v1.15.11 or later, after a node is created or reset, the underlying Docker file storage system changes to the extFS format.
                                                                                                        
 
                                                                                                        For containerized applications that use the XFS format, pay attention to the impact of the underlying file storage format change. (The sequence of files in different file systems is different. For example, some Java applications reference a JAR package, but the directory contains multiple versions of the JAR package. If the version is not specified, the actual referenced package is determined by the system file.)
                                                                                                        
 
                                                                                                        Run the docker info | grep "Backing Filesystem" command to check the format of the underlying Docker storage file used by the current node.
                                                                                                        
 
                                                                                                        containerd
                                                                                                        
diff --git a/docs/cce/umn/cce_10_0184.html b/docs/cce/umn/cce_10_0184.html
index 3ef2eda8e..452de6b38 100644
--- a/docs/cce/umn/cce_10_0184.html
+++ b/docs/cce/umn/cce_10_0184.html
@@ -2,11 +2,11 @@
 
 
                                                                                                        Synchronizing the Data of Cloud Servers
                                                                                                        
 
                                                                                                        Scenario
                                                                                                        Each node in a cluster is a cloud server or physical machine. After a cluster node is created, you can change the cloud server name or specifications as required. Modifying node specifications will affect services. Perform the operation on nodes one by one.
                                                                                                        
-
                                                                                                        Some information of CCE nodes is maintained independently from the ECS console. After you change the name, EIP, or specifications of an ECS on the ECS console, synchronize the ECS with the target node on the CCE console. After the synchronization, information on both consoles is consistent.
                                                                                                        
+
                                                                                                        Some CCE node information is maintained independently of the ECS console. After changing an ECS's name, EIP, or specifications on the ECS console, synchronize it with the target node on the CCE console to ensure consistency.
                                                                                                        
 
                                                                                                        
 
                                                                                                        Notes and Constraints
                                                                                                        • Data, including the VM status, ECS names, number of CPUs, size of memory, ECS specifications, and public IP addresses, can be synchronized.
                                                                                                        • The following data cannot be synchronized: OS, image ID, and disk configuration.
                                                                                                        
 
                                                                                                        
-
                                                                                                        Synchronizing the Data of a Cloud Server
                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                        2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                        3. Locate the target node and choose More > Sync Server Data in the Operation column.
                                                                                                          After the synchronization is complete, the ECS data synchronization requested message is displayed in the upper right corner.
                                                                                                          
+
                                                                                                          Synchronizing the Data of a Cloud Server
                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                          2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                          3. Locate the target node and choose More > Sync Server Data in the Operation column.
                                                                                                            After the synchronization is complete, the ECS data synchronization requested message is displayed in the upper right corner.
                                                                                                            
 
                                                                                                          
 
                                                                                                          
 
                                                                                                        
diff --git a/docs/cce/umn/cce_10_0185.html b/docs/cce/umn/cce_10_0185.html
index db2fd8d8d..43a8f2c8b 100644
--- a/docs/cce/umn/cce_10_0185.html
+++ b/docs/cce/umn/cce_10_0185.html
@@ -1,13 +1,13 @@
 
 
 
                                                                                                        Logging In to a Node
                                                                                                        
-
                                                                                                        Prerequisites
                                                                                                        • Before you log in to a node using SSH, ensure that the SSH port (22 by default) is enabled in the security group of the node. 
                                                                                                        • Before you log in to a node (an ECS) using SSH through the Internet, ensure that the ECS already has an EIP bound.
                                                                                                        • Only login to a running ECS is allowed.
                                                                                                        • Only the user linux can log in to a Linux server.
                                                                                                        
+
                                                                                                        Prerequisites
                                                                                                        • Before you log in to a node using SSH, ensure the SSH port (22 by default) is enabled in the security group of the node. 
                                                                                                        • Before you log in to a node (an ECS) via SSH over the Internet, ensure the ECS already has an EIP bound.
                                                                                                        • Only a running ECS can be logged in to.
                                                                                                        • Only user linux can log in to a Linux server.
                                                                                                        
 
                                                                                                        
 
                                                                                                        Login Modes
                                                                                                        You can log in to an ECS in either of the following modes:
                                                                                                        
 
                                                                                                        • Management console (VNC)
                                                                                                          If an ECS has no EIP, log in to the ECS console and click Remote Login in the same row as the ECS.
                                                                                                          
 
                                                                                                          For details, see Login Using VNC.
                                                                                                          
-
                                                                                                        • SSH
                                                                                                          This mode applies only to ECSs running Linux. Usually, you can use a remote login tool, such as PuTTY, Xshell, and SecureCRT, to log in to your ECS. If none of the remote login tools can be used, log in to the ECS console and click Remote Login in the same row as the ECS to view the connection status and running status of the ECS.
                                                                                                          
-
                                                                                                           
                                                                                                          • When you use the Windows OS to log in to a Linux node, set Auto-login username to linux.
                                                                                                          • The CCE console does not support node OS upgrade. Do not upgrade the node OS using the yum update command. Otherwise, the container networking components will be unavailable. 
                                                                                                          
+
                                                                                                        • SSH
                                                                                                          This mode applies only to ECSs running Linux. You can typically use a remote login tool like PuTTY, Xshell, or SecureCRT to log in to your ECS. If none of the remote login tools can be used, log in to the ECS console and click Remote Login in the same row as the ECS to view the connection status and running status of the ECS.
                                                                                                          
+
                                                                                                           
                                                                                                          • When you log in to a Linux node from Windows, set Auto-login username to linux.
                                                                                                          • The CCE console does not support node OS upgrade. Do not upgrade the node OS using the yum update command. Otherwise, the container networking components will be unavailable. 
                                                                                                          
 
                                                                                                          
 
                                                                                                        
 
                                                                                                        
@@ -40,7 +40,7 @@
 
 
                                                                                                        Windows/Linux
                                                                                                        
 
                                                                                                        Remote login using the management console: Login Using VNC
                                                                                                        
+
                                                                                                        Remote login using the management console: Logging In to a Linux ECS Using VNC
                                                                                                        
                                                                                                         		
 
                                                                                                        
 
 
 
 
 
 
 
                                                                                                        Node management
                                                                                                        
 
                                                                                                        Elastic Cloud Server (ECS)
                                                                                                        
+
                                                                                                        ECS
                                                                                                        
                                                                                                         		
 
                                                                                                        If the permission assigned to an IAM user is CCE Administrator, creating or deleting a node requires the ECS FullAccess or ECS Administrator policy and the VPC Administrator policy.
                                                                                                        
                                                                                                         		
 
                                                                                                        Object Storage Service (OBS)
                                                                                                        
 
                                                                                                        Scalable File Service (SFS)
                                                                                                        
-
                                                                                                        SFS Turbo
                                                                                                        
+
                                                                                                        SFS Turbo
                                                                                                        
                                                                                                         		
 
                                                                                                        • To use OBS, you must have the OBS Administrator permission globally assigned.
                                                                                                           NOTE: 
                                                                                                          Because of the cache, it takes about 13 minutes for the RBAC policy to take effect after being granted to users and user groups. After an OBS-related system policy is granted, it takes about 5 minutes for the policy to take effect.
                                                                                                          
 
                                                                                                          
diff --git a/docs/cce/umn/cce_10_0191.html b/docs/cce/umn/cce_10_0191.html
index 7c447c096..954d7fcb1 100644
--- a/docs/cce/umn/cce_10_0191.html
+++ b/docs/cce/umn/cce_10_0191.html
@@ -1,19 +1,19 @@
 
 
-
                                                                                                          Overview of a Chart
                                                                                                          
-
                                                                                                          CCE provides a console for managing Helm charts, helping you easily deploy applications using the charts and manage applications on the console. 
                                                                                                          
+
                                                                                                          Chart Overview
                                                                                                          
+
                                                                                                          CCE provides a console for managing Helm charts. This helps you easily deploy applications using the charts and manage applications on the console. 
                                                                                                          
 
                                                                                                          Helm
                                                                                                          Helm is a package manager for Kubernetes and manages charts. A Helm chart is a series of YAML files used to encapsulate native Kubernetes applications. When deploying an application, you can customize some metadata of the application for easy application distribution. Application releasors can use Helm to package applications, manage application dependencies and application versions, and release applications to the software repository. After using Helm, users do not need to compile complex application deployment files. They can easily search for, install, upgrade, roll back, and uninstall applications on Kubernetes.
                                                                                                          
 
                                                                                                          The relationship between Helm and Kubernetes is as follows:
                                                                                                          
 
                                                                                                          • Helm <–> Kubernetes
                                                                                                          • Apt <–> Ubuntu
                                                                                                          • Yum <–> CentOS
                                                                                                          • Pip <–> Python
                                                                                                          
 
                                                                                                          The following figure shows the solution architecture:
                                                                                                          
-
                                                                                                          
+
                                                                                                          
 
                                                                                                          Helm can help application orchestration for Kubernetes:
                                                                                                          
 
                                                                                                          • Manages, edits, and updates a large number of Kubernetes configuration files.
                                                                                                          • Deploys a complex Kubernetes application that contains a large number of configuration files.
                                                                                                          • Shares and reuses Kubernetes configurations and applications.
                                                                                                          • Supports multiple environments with parameter-based configuration templates.
                                                                                                          • Manages the release of applications, including rolling back the application, finding differences (using the diff command), and viewing the release history.
                                                                                                          • Controls phases in a deployment cycle.
                                                                                                          • Tests and verifies the released version.
                                                                                                          
 
                                                                                                          
 
                                                                                                          
 
                                                                                                          
 
                                                                                                          
-
                                                                                                          Parent topic: Helm Chart
                                                                                                          
+
                                                                                                          Parent topic: Helm Charts
                                                                                                          
 
                                                                                                          
 
                                                                                                          
 
diff --git a/docs/cce/umn/cce_10_0193.html b/docs/cce/umn/cce_10_0193.html
index c2b9be00a..ce69ba78a 100644
--- a/docs/cce/umn/cce_10_0193.html
+++ b/docs/cce/umn/cce_10_0193.html
@@ -10,9 +10,9 @@
 
                                                                                                           
                                                                                                          When using Volcano as a scheduler, use it to schedule all workloads in the cluster. This prevents resource scheduling conflicts caused by simultaneous working of multiple schedulers.
                                                                                                          
 
                                                                                                          
 
                                                                                                          
-
                                                                                                          Notes and Constraints
                                                                                                          If the Volcano Scheduler add-on is upgraded from 1.4.7 or earlier to a version later than 1.4.7, the webhooks.admissionReviewVersions field information in the new version may be incompatible with that in the old version. As a result, VolcanoJob (vcjob) resources cannot be created. 
                                                                                                          
+
                                                                                                          Notes and Constraints
                                                                                                          If the Volcano Scheduler add-on is upgraded from 1.4.7 or earlier to a version later than 1.4.7, the webhooks.admissionReviewVersions field information in the new version may be incompatible with that in the old version. As a result, VolcanoJob (vcjob) resources cannot be created. 
                                                                                                          
 
                                                                                                          
-
                                                                                                          Installing the Add-on
                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate Volcano Scheduler on the right, and click Install.
                                                                                                          2. On the Install Add-on page, configure the specifications as needed.
                                                                                                            • If you selected Preset, the system will configure the number of pods and resource quotas for the add-on based on the preset specifications. You can see the configurations on the console.
                                                                                                            • If you selected Custom, you can adjust the number of pods and resource quotas as needed. High availability is not possible with a single pod. If an error occurs on the node where the add-on instance runs, the add-on will fail.
                                                                                                              The resource quotas of the volcano-admission component are related to the cluster scale. For details, see Table 1. The resource quotas of volcano-controller and volcano-scheduler are related to the number of cluster nodes and pods. The recommended values are as follows:
                                                                                                              
+
                                                                                                              Installing the Add-on
                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                              2. In the navigation pane, choose Add-ons. Locate Volcano Scheduler on the right and click Install.
                                                                                                              3. On the Install Add-on page, configure the specifications as needed.
                                                                                                                • If you selected Preset, the system will configure the number of pods and resource quotas for the add-on based on the preset specifications. You can see the configurations on the console.
                                                                                                                • If you selected Custom, you can adjust the number of pods and resource quotas as needed. High availability is not possible with a single pod. If an error occurs on the node where the add-on instance runs, the add-on will fail.
                                                                                                                  The resource quotas of the volcano-admission component are related to the cluster scale. For details, see Table 1. The resource quotas of volcano-controller and volcano-scheduler are related to the number of cluster nodes and pods. The recommended values are as follows:
                                                                                                                  
 
                                                                                                                  • If the number of nodes is less than 100, retain the default configuration. The requested vCPUs are 500m, and the limit is 2000m. The requested memory is 500 MiB, and the limit is 2000 MiB.
                                                                                                                  • If the number of nodes is greater than 100, increase the requested vCPUs by 500m and the requested memory by 1000 MiB each time 100 nodes (10,000 pods) are added. Increase the vCPU limit by 1500m and the memory limit by 1000 MiB.
                                                                                                                     
                                                                                                                    Recommended formula for calculating the requested value:
                                                                                                                    
 
                                                                                                                    • Requested vCPUs: Calculate the number of target nodes multiplied by the number of target pods, perform interpolation search based on the number of nodes in the cluster multiplied by the number of target pods in Table 2, and round up the request value and limit value that are closest to the specifications.
                                                                                                                      For example, for 2000 nodes and 20,000 pods, Number of target nodes x Number of target pods = 40 million, which is close to the specification of 700/70,000 (Number of cluster nodes x Number of pods = 49 million). According to the following table, set the requested vCPUs to 4000m and the limit value to 5500m.
                                                                                                                      
 
                                                                                                                    • Requested memory: It is recommended that 2.4 GiB memory be allocated to every 1000 nodes and 1 GiB memory be allocated to every 10,000 pods. The requested memory is the sum of these two values. (The obtained value may be different from the recommended value in Table 2. You can use either of them.)
                                                                                                                      Requested memory = Number of target nodes/1000 × 2.4 GiB + Number of target pods/10,000 × 1 GiB
                                                                                                                      
@@ -21,153 +21,153 @@
 
                                                                                                                    
 
                                                                                                                  
 
-
                                                                                                                  Table 1 Recommended requested resources and resource limits for volcano-admission
                                                                                                                  Cluster Scale
                                                                                                                  
+
                                                                                                                  
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                  Table 1 Recommended requested resources and resource limits for volcano-admission
                                                                                                                  Cluster Scale
                                                                                                                  
 
                                                                                                                  CPU Request (m)
                                                                                                                  
+
                                                                                                                  CPU Request (m)
                                                                                                                  
 
                                                                                                                  vCPU Limit (m)
                                                                                                                  
+
                                                                                                                  vCPU Limit (m)
                                                                                                                  
 
                                                                                                                  Requested Memory (MiB)
                                                                                                                  
+
                                                                                                                  Memory Request (MiB)
                                                                                                                  
 
                                                                                                                  Memory Limit (MiB)
                                                                                                                  
+
                                                                                                                  Memory Limit (MiB)
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  50 nodes
                                                                                                                  
+
                                                                                                                  50 nodes
                                                                                                                  
 
                                                                                                                  200
                                                                                                                  
+
                                                                                                                  200
                                                                                                                  
 
                                                                                                                  500
                                                                                                                  
+
                                                                                                                  500
                                                                                                                  
 
                                                                                                                  500
                                                                                                                  
+
                                                                                                                  500
                                                                                                                  
 
                                                                                                                  500
                                                                                                                  
+
                                                                                                                  500
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  200 nodes
                                                                                                                  
+
                                                                                                                  200 nodes
                                                                                                                  
 
                                                                                                                  500
                                                                                                                  
+
                                                                                                                  500
                                                                                                                  
 
                                                                                                                  1000
                                                                                                                  
+
                                                                                                                  1000
                                                                                                                  
 
                                                                                                                  1000
                                                                                                                  
+
                                                                                                                  1000
                                                                                                                  
 
                                                                                                                  2000
                                                                                                                  
+
                                                                                                                  2000
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  1000 or more nodes
                                                                                                                  
+
                                                                                                                  1000 or more nodes
                                                                                                                  
 
                                                                                                                  1500
                                                                                                                  
+
                                                                                                                  1500
                                                                                                                  
 
                                                                                                                  2500
                                                                                                                  
+
                                                                                                                  2500
                                                                                                                  
 
                                                                                                                  3000
                                                                                                                  
+
                                                                                                                  3000
                                                                                                                  
 
                                                                                                                  4000
                                                                                                                  
+
                                                                                                                  4000
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
                                                                                                                   
 
                                                                                                                  
 
                                                                                                                  
 
-
                                                                                                                  Table 2 Recommended requested resources and resource limits for volcano-controller and volcano-scheduler
                                                                                                                  Nodes/Pods in a Cluster
                                                                                                                  
+
                                                                                                                  
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -178,26 +178,26 @@
 
                                                                                                                • Configure deployment policies for the add-on pods.
                                                                                                                   
                                                                                                                  • Scheduling policies do not take effect on add-on pods of the DaemonSet type.
                                                                                                                  • When configuring multi-AZ deployment or node affinity, ensure that there are nodes meeting the scheduling policy and that resources are sufficient in the cluster. Otherwise, the add-on cannot run.
                                                                                                                  
 
                                                                                                                  
 
-
                                                                                                                  • Table 2 Recommended requested resources and resource limits for volcano-controller and volcano-scheduler
                                                                                                                  Nodes/Pods in a Cluster
                                                                                                                  
 
                                                                                                                  CPU Request (m)
                                                                                                                  
+
                                                                                                                  CPU Request (m)
                                                                                                                  
 
                                                                                                                  CPU Limit (m)
                                                                                                                  
+
                                                                                                                  CPU Limit (m)
                                                                                                                  
 
                                                                                                                  Memory Request (MiB)
                                                                                                                  
+
                                                                                                                  Memory Request (MiB)
                                                                                                                  
 
                                                                                                                  Memory Limit (MiB)
                                                                                                                  
+
                                                                                                                  Memory Limit (MiB)
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  50/5000
                                                                                                                  
+
                                                                                                                  50/5000
                                                                                                                  
 
                                                                                                                  500
                                                                                                                  
+
                                                                                                                  500
                                                                                                                  
 
                                                                                                                  2000
                                                                                                                  
+
                                                                                                                  2000
                                                                                                                  
 
                                                                                                                  500
                                                                                                                  
+
                                                                                                                  500
                                                                                                                  
 
                                                                                                                  2000
                                                                                                                  
+
                                                                                                                  2000
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  100/10000
                                                                                                                  
+
                                                                                                                  100/10000
                                                                                                                  
 
                                                                                                                  1000
                                                                                                                  
+
                                                                                                                  1000
                                                                                                                  
 
                                                                                                                  2500
                                                                                                                  
+
                                                                                                                  2500
                                                                                                                  
 
                                                                                                                  1500
                                                                                                                  
+
                                                                                                                  1500
                                                                                                                  
 
                                                                                                                  2500
                                                                                                                  
+
                                                                                                                  2500
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  200/20000
                                                                                                                  
+
                                                                                                                  200/20000
                                                                                                                  
 
                                                                                                                  1500
                                                                                                                  
+
                                                                                                                  1500
                                                                                                                  
 
                                                                                                                  3000
                                                                                                                  
+
                                                                                                                  3000
                                                                                                                  
 
                                                                                                                  2500
                                                                                                                  
+
                                                                                                                  2500
                                                                                                                  
 
                                                                                                                  3500
                                                                                                                  
+
                                                                                                                  3500
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  300/30000
                                                                                                                  
+
                                                                                                                  300/30000
                                                                                                                  
 
                                                                                                                  2000
                                                                                                                  
+
                                                                                                                  2000
                                                                                                                  
 
                                                                                                                  3500
                                                                                                                  
+
                                                                                                                  3500
                                                                                                                  
 
                                                                                                                  3500
                                                                                                                  
+
                                                                                                                  3500
                                                                                                                  
 
                                                                                                                  4500
                                                                                                                  
+
                                                                                                                  4500
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  400/40000
                                                                                                                  
+
                                                                                                                  400/40000
                                                                                                                  
 
                                                                                                                  2500
                                                                                                                  
+
                                                                                                                  2500
                                                                                                                  
 
                                                                                                                  4000
                                                                                                                  
+
                                                                                                                  4000
                                                                                                                  
 
                                                                                                                  4500
                                                                                                                  
+
                                                                                                                  4500
                                                                                                                  
 
                                                                                                                  5500
                                                                                                                  
+
                                                                                                                  5500
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  500/50000
                                                                                                                  
+
                                                                                                                  500/50000
                                                                                                                  
 
                                                                                                                  3000
                                                                                                                  
+
                                                                                                                  3000
                                                                                                                  
 
                                                                                                                  4500
                                                                                                                  
+
                                                                                                                  4500
                                                                                                                  
 
                                                                                                                  5500
                                                                                                                  
+
                                                                                                                  5500
                                                                                                                  
 
                                                                                                                  6500
                                                                                                                  
+
                                                                                                                  6500
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  600/60000
                                                                                                                  
+
                                                                                                                  600/60000
                                                                                                                  
 
                                                                                                                  3500
                                                                                                                  
+
                                                                                                                  3500
                                                                                                                  
 
                                                                                                                  5000
                                                                                                                  
+
                                                                                                                  5000
                                                                                                                  
 
                                                                                                                  6500
                                                                                                                  
+
                                                                                                                  6500
                                                                                                                  
 
                                                                                                                  7500
                                                                                                                  
+
                                                                                                                  7500
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  700/70000
                                                                                                                  
+
                                                                                                                  700/70000
                                                                                                                  
 
                                                                                                                  4000
                                                                                                                  
+
                                                                                                                  4000
                                                                                                                  
 
                                                                                                                  5500
                                                                                                                  
+
                                                                                                                  5500
                                                                                                                  
 
                                                                                                                  7500
                                                                                                                  
+
                                                                                                                  7500
                                                                                                                  
 
                                                                                                                  8500
                                                                                                                  
+
                                                                                                                  8500
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  Table 3 Configurations for add-on scheduling
                                                                                                                  Parameter
                                                                                                                  
+
                                                                                                                  
-
-
-
-
-
-
-
@@ -205,7 +205,7 @@
 
                                                                                                                  Table 3 Configurations for add-on scheduling
                                                                                                                  Parameter
                                                                                                                  
 
                                                                                                                  Description
                                                                                                                  
+
                                                                                                                  Description
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  Multi-AZ Deployment
                                                                                                                  
+
                                                                                                                  Multi-AZ Deployment
                                                                                                                  
 
                                                                                                                  • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                                                  • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                                                  
+
                                                                                                                  • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                                                  • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  Node Affinity
                                                                                                                  
+
                                                                                                                  Node Affinity
                                                                                                                  
 
                                                                                                                  • Not configured: Node affinity is disabled for the add-on.
                                                                                                                  • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                  • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                  • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                    If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                                                    
+
                                                                                                                  • Not configured: Node affinity is disabled for the add-on.
                                                                                                                  • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                  • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                  • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                    If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                                                    
 
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  Toleration
                                                                                                                  
+
                                                                                                                  Toleration
                                                                                                                  
 
                                                                                                                  Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                                                  
+
                                                                                                                  Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                                                  
 
                                                                                                                  The add-on adds the default tolerance policy for the node.kubernetes.io/not-ready and node.kubernetes.io/unreachable taints, respectively. The tolerance time window is 60s.
                                                                                                                  
 
                                                                                                                  For details, see Configuring Tolerance Policies.
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  
-
                                                                                                                • Click Install.
                                                                                                                  After the add-on is installed, you can choose Settings in the navigation pane, switch to the Scheduling tab, select Volcano scheduler, and find the corresponding expert mode. You can customize advanced scheduling policies based on actual service scenarios. The following is an example:
                                                                                                                  admission_kube_api_qps: 200
+
                                                                                                                • Click Install.
                                                                                                                  After the add-on is installed, you can choose Settings in the navigation pane, switch to the Scheduling tab, and find the expert mode. You can customize advanced scheduling policies based on actual service scenarios. The following is an example:
                                                                                                                  admission_kube_api_qps: 200
 admissions: /jobs/mutate,/jobs/validate,/podgroups/mutate,/pods/validate,/pods/mutate,/queues/mutate,/queues/validate,/eas/pods/mutate,/eas/pods/validate,/npu/jobs/validate,/resource/validate,/resource/mutate,/workloadbalancer/balancer/validate,/workloadbalancer/balancerpolicytemplate/validate
 annotations: {}
 colocation_enable: 'false'
@@ -280,63 +280,63 @@ update_pod_status_qps: 50
 workload_balancer_score_annotation_key: ''
 workload_balancer_third_party_types: ''
                                                                                                                  
 
-
                                                                                                                  Table 4 Advanced Volcano configuration parameters
                                                                                                                  Function
                                                                                                                  
+
                                                                                                                  
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -414,24 +414,24 @@ workload_balancer_third_party_types: ''
                                                                                                                  Table 4 Advanced Volcano configuration parameters
                                                                                                                  Function
                                                                                                                  
 
                                                                                                                  Parameter
                                                                                                                  
+
                                                                                                                  Parameter
                                                                                                                  
 
                                                                                                                  Function
                                                                                                                  
+
                                                                                                                  Function
                                                                                                                  
 
                                                                                                                  Description
                                                                                                                  
+
                                                                                                                  Description
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  Basic scheduling functions
                                                                                                                  
+
                                                                                                                  Basic scheduling functions
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  admission_kube_api_qps
                                                                                                                  
+
                                                                                                                  admission_kube_api_qps
                                                                                                                  
 
                                                                                                                  QPS of requests sent by volcano-admission to Kubernetes API server
                                                                                                                  
+
                                                                                                                  QPS of requests sent by volcano-admission to Kubernetes API server
                                                                                                                  
 
                                                                                                                  Value range: greater than 0; parameter type: float
                                                                                                                  
+
                                                                                                                  Default value: 200; parameter type: float
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  controller_kube_api_qps
                                                                                                                  
+
                                                                                                                  controller_kube_api_qps
                                                                                                                  
 
                                                                                                                  QPS of requests sent by volcano-controller to Kubernetes API server
                                                                                                                  
+
                                                                                                                  QPS of requests sent by volcano-controller to Kubernetes API server
                                                                                                                  
 
                                                                                                                  Value range: greater than 0; parameter type: float
                                                                                                                  
+
                                                                                                                  Default value: 200; parameter type: float
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  scheduler_kube_api_qps
                                                                                                                  
+
                                                                                                                  scheduler_kube_api_qps
                                                                                                                  
 
                                                                                                                  QPS of requests sent by volcano-scheduler to Kubernetes API server
                                                                                                                  
+
                                                                                                                  QPS of requests sent by volcano-scheduler to Kubernetes API server
                                                                                                                  
 
                                                                                                                  Value range: greater than 0; parameter type: float
                                                                                                                  
+
                                                                                                                  Default value: 200; parameter type: float
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  update_pod_status_qps
                                                                                                                  
+
                                                                                                                  update_pod_status_qps
                                                                                                                  
 
                                                                                                                  QPS of the requests for updating the pod status by volcano-scheduler
                                                                                                                  
+
                                                                                                                  QPS of the requests for updating the pod status by volcano-scheduler
                                                                                                                  
 
                                                                                                                  Value range: greater than 0; parameter type: int
                                                                                                                  
+
                                                                                                                  Default value: 50; parameter type: float
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  default_scheduler_conf
                                                                                                                  
+
                                                                                                                  default_scheduler_conf
                                                                                                                  
 
                                                                                                                  Used to schedule pods. It consists of a series of actions and plugins and features high scalability. You can specify and implement actions and plugins based on your requirements.
                                                                                                                  
+
                                                                                                                  Used to schedule pods. It consists of a series of actions and plugins and features high scalability. You can specify and implement actions and plugins based on your requirements.
                                                                                                                  
 
                                                                                                                  It consists of:
                                                                                                                  
+
                                                                                                                  It consists of:
                                                                                                                  
 
                                                                                                                  • actions: defines the types and sequence of actions to be executed by the scheduler.
                                                                                                                  • tiers: configures the plugin list.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  default_scheduler_conf.actions
                                                                                                                  
+
                                                                                                                  default_scheduler_conf.actions
                                                                                                                  
 
                                                                                                                  Actions to be executed in each scheduling phase. The configured action sequence is the scheduler execution sequence. For details, see Actions.
                                                                                                                  
+
                                                                                                                  Actions to be executed in each scheduling phase. The configured action sequence is the scheduler execution sequence. For details, see Actions.
                                                                                                                  
 
                                                                                                                  The scheduler traverses all jobs to be scheduled and performs actions such as enqueue, allocate, preempt, and backfill in the configured sequence to find the most appropriate node for each job.
                                                                                                                  
 
                                                                                                                  The following options are supported:
                                                                                                                  
+
                                                                                                                  The following options are supported:
                                                                                                                  
 
                                                                                                                  • enqueue: uses a series of filtering algorithms to filter out tasks to be scheduled and sends them to the queue to wait for scheduling. After this action, the task status changes from pending to inqueue.
                                                                                                                  • allocate: selects the most suitable node based on a series of pre-selection and selection algorithms.
                                                                                                                  • preempt: performs preemption scheduling for tasks with higher priorities in the same queue based on priority rules.
                                                                                                                  • backfill: schedules tasks in the pending state as much as possible to maximize node resource utilization.
                                                                                                                  
 
                                                                                                                  Example:
                                                                                                                  
 
                                                                                                                  actions: 'allocate, backfill, preempt'
                                                                                                                  
@@ -344,69 +344,69 @@ workload_balancer_third_party_types: ''
 
                                                                                                                   		
 
                                                                                                                  default_scheduler_conf.tier.plugin
                                                                                                                  
+
                                                                                                                  default_scheduler_conf.tier.plugin
                                                                                                                  
 
                                                                                                                  Implementation details of algorithms in actions based on different scenarios. For details, see Plugins.
                                                                                                                  
+
                                                                                                                  Implementation details of algorithms in actions based on different scenarios. For details, see Plugins.
                                                                                                                  
 
                                                                                                                  For details, see Table 5.
                                                                                                                  
+
                                                                                                                  For details, see Table 5.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
+
                                                                                                                  
 
                                                                                                                  Descheduling
                                                                                                                  
 
                                                                                                                  descheduler_enable
                                                                                                                  
+
                                                                                                                  descheduler_enable
                                                                                                                  
 
                                                                                                                  Used to enable descheduling.
                                                                                                                  
+
                                                                                                                  Used to enable descheduling.
                                                                                                                  
 
                                                                                                                  This function is disabled by default. Options:
                                                                                                                  
+
                                                                                                                  This function is disabled by default. Options:
                                                                                                                  
 
                                                                                                                  • true: The function is enabled.
                                                                                                                  • false or empty: The function is disabled.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  deschedulerPolicy
                                                                                                                  
+
                                                                                                                  deschedulerPolicy
                                                                                                                  
 
                                                                                                                  Descheduling policy
                                                                                                                  
+
                                                                                                                  Descheduling policy
                                                                                                                  
 
                                                                                                                  For details about the parameters, see Table 2.
                                                                                                                  
+
                                                                                                                  For details about the parameters, see Table 2.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  deschedulingInterval
                                                                                                                  
+
                                                                                                                  deschedulingInterval
                                                                                                                  
 
                                                                                                                  Descheduling period
                                                                                                                  
+
                                                                                                                  Descheduling period
                                                                                                                  
 
                                                                                                                  Value range: > 0s; parameter type: time
                                                                                                                  
+
                                                                                                                  Value range: > 0s; parameter type: time
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  Cloud native hybrid deployment
                                                                                                                  
+
                                                                                                                  Cloud native hybrid deployment
                                                                                                                  
 
                                                                                                                  colocation_enable
                                                                                                                  
+
                                                                                                                  colocation_enable
                                                                                                                  
 
                                                                                                                  Used to enable cloud native hybrid deployment.
                                                                                                                  
+
                                                                                                                  Used to enable cloud native hybrid deployment.
                                                                                                                  
 
                                                                                                                  This function is disabled by default. Options:
                                                                                                                  
-
                                                                                                                  • true: The function is enabled.
                                                                                                                  • false or empty: The function is disabled.
                                                                                                                  
+
                                                                                                                  This function is disabled by default. Options:
                                                                                                                  
+
                                                                                                                  • true: The function is enabled.
                                                                                                                  • false or empty: The function is disabled.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  oversubscription_method
                                                                                                                  
+
                                                                                                                  oversubscription_method
                                                                                                                  
 
                                                                                                                  Method for calculating the oversubscription
                                                                                                                  
+
                                                                                                                  Method for calculating the oversubscription
                                                                                                                  
 
                                                                                                                  nodeResource and podProfile are supported. The default value is nodeResource.
                                                                                                                  
-
                                                                                                                  • nodeResource: calculates the oversubscription based on the node resource usage.
                                                                                                                  • podProfile: calculates the oversubscription based on pod profiling.
                                                                                                                  
+
                                                                                                                  nodeResource and podProfile are supported. The default value is nodeResource.
                                                                                                                  
+
                                                                                                                  • nodeResource: calculates the oversubscription based on the node resource usage.
                                                                                                                  • podProfile: calculates the oversubscription based on pod profiling.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  oversubscription_ratio
                                                                                                                  
+
                                                                                                                  oversubscription_ratio
                                                                                                                  
 
                                                                                                                  Percentage of idle resource oversubscription of a node
                                                                                                                  
+
                                                                                                                  Percentage of idle resource oversubscription of a node
                                                                                                                  
 
                                                                                                                  Value range: 1 to 100; parameter type: int
                                                                                                                  
+
                                                                                                                  Value range: 1 to 100; parameter type: int
                                                                                                                  
 
                                                                                                                  For example, 60 indicates that the maximum oversubscription resources on a node is calculated based on 60% × Idle resources on the node.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  oversubscription_profile_period
                                                                                                                  
+
                                                                                                                  oversubscription_profile_period
                                                                                                                  
 
                                                                                                                  Period of pod profiling
                                                                                                                  
+
                                                                                                                  Period of pod profiling
                                                                                                                  
 
                                                                                                                  Value range: 60 to 2592000, in seconds, that is, from 1 minute to 1 month. If a pod's metrics are not collected for the entire period, the node's resources will be evaluated according to the resources requested by the pod.
                                                                                                                  
+
                                                                                                                  Value range: 60 to 2592000, in seconds, that is, from 1 minute to 1 month. If a pod's metrics are not collected for the entire period, the node's resources will be evaluated according to the resources requested by the pod.
                                                                                                                  
 
                                                                                                                  When the oversubscription algorithm based on pod profiling is enabled for the first time, the amount of collected data may not be sufficient to cover the entire period. In this case, the oversubscription on the node is temporarily 0 due to lack of initialization data. After the data of the first period is collected, the oversubscription is updated to the actual value.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  
 
-
                                                                                                                  
+
+
+
                                                                                                                  Table 5 Supported plugins
                                                                                                                  Plugins
                                                                                                                  
+
                                                                                                                  
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                  Table 5 Supported plugins
                                                                                                                  Plugins
                                                                                                                  
 
                                                                                                                  Function
                                                                                                                  
+
                                                                                                                  Function
                                                                                                                  
 
                                                                                                                  Description
                                                                                                                  
+
                                                                                                                  Description
                                                                                                                  
 
                                                                                                                  Demonstration
                                                                                                                  
+
                                                                                                                  Demonstration
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  binpack
                                                                                                                  
+
                                                                                                                  binpack
                                                                                                                  
 
                                                                                                                  Schedule pods to nodes with high resource usage (not allocating pods to light-loaded nodes) to reduce resource fragments.
                                                                                                                  
+
                                                                                                                  Schedule pods to nodes with high resource usage (not allocating pods to light-loaded nodes) to reduce resource fragments.
                                                                                                                  
 
                                                                                                                  arguments:
                                                                                                                  
+
                                                                                                                  arguments:
                                                                                                                  
 
                                                                                                                  • binpack.weight: weight of the binpack plugin.
                                                                                                                  • binpack.cpu: ratio of CPUs to all resources. The parameter value defaults to 1.
                                                                                                                  • binpack.memory: ratio of memory resources to all resources. The parameter value defaults to 1.
                                                                                                                  • binpack.resources: other custom resource types requested by the pod, for example, nvidia.com/gpu. Multiple types can be configured and be separated by commas (,).
                                                                                                                  • binpack.resources.<your_resource>: weight of your custom resource in all resources. Multiple types of resources can be added. <your_resource> indicates the resource type defined in binpack.resources, for example, binpack.resources.nvidia.com/gpu.
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: binpack
     arguments:
       binpack.weight: 10
@@ -442,33 +442,33 @@ workload_balancer_third_party_types: ''
                                                                                                                  
       binpack.resources.example.com/foo: 3
                                                                                                                   		
 
                                                                                                                  conformance
                                                                                                                  
+
                                                                                                                  conformance
                                                                                                                  
 
                                                                                                                  Prevent key pods, such as the pods in the kube-system namespace from being preempted.
                                                                                                                  
+
                                                                                                                  Prevent key pods, such as the pods in the kube-system namespace from being preempted.
                                                                                                                  
 
                                                                                                                  None
                                                                                                                  
+
                                                                                                                  None
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: 'priority'
   - name: 'gang'
     enablePreemptable: false
   - name: 'conformance'
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  lifecycle
                                                                                                                  
+
                                                                                                                  lifecycle
                                                                                                                  
 
                                                                                                                  By collecting statistics on service scaling rules, pods with similar lifecycles are preferentially scheduled to the same node. With the horizontal scaling capability of the Autoscaler, resources can be quickly scaled in and released, reducing costs and improving resource utilization.
                                                                                                                  
+
                                                                                                                  By collecting statistics on service scaling rules, pods with similar lifecycles are preferentially scheduled to the same node. With the horizontal scaling capability of the Autoscaler, resources can be quickly scaled in and released, reducing costs and improving resource utilization.
                                                                                                                  
 
                                                                                                                  1. Collects statistics on the lifecycle of pods in the service load and schedules pods with similar lifecycles to the same node.
                                                                                                                  
 
                                                                                                                  2. For a cluster configured with an automatic scaling policy, adjust the scale-in annotation of the node to preferentially scale in the node with low usage.
                                                                                                                  
 
                                                                                                                  arguments:
                                                                                                                  • lifecycle.WindowSize: The value is an integer greater than or equal to 1 and defaults to 10.
                                                                                                                    Record the number of times that the number of replicas changes. If the load changes regularly and periodically, decrease the value. If the load changes irregularly and the number of replicas changes frequently, increase the value. If the value is too large, the learning period is prolonged and too many events are recorded.
                                                                                                                    
+
                                                                                                                  arguments:
                                                                                                                  • lifecycle.WindowSize: The value is an integer greater than or equal to 1 and defaults to 10.
                                                                                                                    Record the number of times that the number of replicas changes. If the load changes regularly and periodically, decrease the value. If the load changes irregularly and the number of replicas changes frequently, increase the value. If the value is too large, the learning period is prolonged and too many events are recorded.
                                                                                                                    
 
                                                                                                                  • lifecycle.MaxGrade: The value is an integer greater than or equal to 3 and defaults to 3.
                                                                                                                    It indicates levels of replicas. For example, if the value is set to 3, the replicas are classified into three levels. If the load changes regularly and periodically, decrease the value. If the load changes irregularly, increase the value. Setting an excessively small value may result in inaccurate lifecycle forecasts.
                                                                                                                    
 
                                                                                                                  • lifecycle.MaxScore: float64 floating point number. The value must be greater than or equal to 50.0. The default value is 200.0.
                                                                                                                    Maximum score (equivalent to the weight) of the lifecycle plugin.
                                                                                                                    
 
                                                                                                                  • lifecycle.SaturatedTresh: float64 floating point number. If the value is less than 0.5, use 0.5. If the value is greater than 1, use 1. The default value is 0.8.
                                                                                                                    Threshold for determining whether the node usage is too high. If the node usage exceeds the threshold, the scheduler preferentially schedules jobs to other nodes.
                                                                                                                    
 
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: priority
   - name: gang
     enablePreemptable: false
@@ -483,19 +483,19 @@ workload_balancer_third_party_types: ''
                                                                                                                  
 
                                                                                                                   		
 
                                                                                                                  Gang
                                                                                                                  
+
                                                                                                                  Gang
                                                                                                                  
 
                                                                                                                  Consider a group of pods as a whole for resource allocation. This plugin checks whether the number of scheduled pods in a job meets the minimum requirements for running the job. If yes, all pods in the job will be scheduled. If no, the pods will not be scheduled.
                                                                                                                  
+
                                                                                                                  Consider a group of pods as a whole for resource allocation. This plugin checks whether the number of scheduled pods in a job meets the minimum requirements for running the job. If yes, all pods in the job will be scheduled. If no, the pods will not be scheduled.
                                                                                                                  
 
                                                                                                                   NOTE: 
                                                                                                                  If a gang scheduling policy is used, if the remaining resources in the cluster are greater than or equal to half of the minimum number of resources for running a job but less than the minimum of resources for running the job, Autoscaler scale-outs will not be triggered.
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  • enablePreemptable:
                                                                                                                    • true: Preemption enabled
                                                                                                                    • false: Preemption not enabled
                                                                                                                    
+
                                                                                                                  • enablePreemptable:
                                                                                                                    • true: Preemption enabled
                                                                                                                    • false: Preemption not enabled
                                                                                                                    
 
                                                                                                                  • enableJobStarving:
                                                                                                                    • true: Resources are preempted based on the minAvailable setting of jobs.
                                                                                                                    • false: Resources are preempted based on job replicas.
                                                                                                                    
 
                                                                                                                     NOTE: 
                                                                                                                    • The default value of minAvailable for Kubernetes-native workloads (such as Deployments) is 1. It is a good practice to set enableJobStarving to false.
                                                                                                                    • In AI and big data scenarios, you can specify the minAvailable value when creating a vcjob. It is a good practice to set enableJobStarving to true.
                                                                                                                    • In Volcano versions earlier than v1.11.5, enableJobStarving is set to true by default. In Volcano versions later than v1.11.5, enableJobStarving is set to false by default.
                                                                                                                    
 
                                                                                                                    
 
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: priority
   - name: gang
     enablePreemptable: false
@@ -503,66 +503,66 @@ workload_balancer_third_party_types: ''
                                                                                                                  
   - name: conformance
                                                                                                                   		
 
                                                                                                                  priority
                                                                                                                  
+
                                                                                                                  priority
                                                                                                                  
 
                                                                                                                  Schedule based on custom load priorities.
                                                                                                                  
+
                                                                                                                  Schedule based on custom load priorities.
                                                                                                                  
 
                                                                                                                  None
                                                                                                                  
+
                                                                                                                  None
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: priority
   - name: gang
     enablePreemptable: false
   - name: conformance
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  overcommit
                                                                                                                  
+
                                                                                                                  overcommit
                                                                                                                  
 
                                                                                                                  Resources in a cluster are scheduled after being accumulated in a certain multiple to improve the workload enqueuing efficiency. If all workloads are Deployments, remove this plugin or set the raising factor to 2.0.
                                                                                                                  
+
                                                                                                                  Resources in a cluster are scheduled after being accumulated in a certain multiple to improve the workload enqueuing efficiency. If all workloads are Deployments, remove this plugin or set the raising factor to 2.0.
                                                                                                                  
 
                                                                                                                   NOTE: 
                                                                                                                  This plugin is supported in Volcano 1.6.5 and later versions.
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  arguments:
                                                                                                                  
+
                                                                                                                  arguments:
                                                                                                                  
 
                                                                                                                  • overcommit-factor: inflation factor, which defaults to 1.2.
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: overcommit
     arguments:
       overcommit-factor: 2.0
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  drf
                                                                                                                  
+
                                                                                                                  drf
                                                                                                                  
 
                                                                                                                  The Dominant Resource Fairness (DRF) scheduling algorithm, which schedules jobs based on their dominant resource share. Jobs with a smaller resource share will be scheduled with a higher priority.
                                                                                                                  
+
                                                                                                                  The Dominant Resource Fairness (DRF) scheduling algorithm, which schedules jobs based on their dominant resource share. Jobs with a smaller resource share will be scheduled with a higher priority.
                                                                                                                  
 
                                                                                                                  None
                                                                                                                  
+
                                                                                                                  None
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: 'drf'
   - name: 'predicates'
   - name: 'nodeorder'
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  predicates
                                                                                                                  
+
                                                                                                                  predicates
                                                                                                                  
 
                                                                                                                  Determine whether a task is bound to a node by using a series of evaluation algorithms, such as node/pod affinity, taint tolerance, node repetition, volume limits, and volume zone matching.
                                                                                                                  
+
                                                                                                                  Determine whether a task is bound to a node by using a series of evaluation algorithms, such as node/pod affinity, taint tolerance, node repetition, volume limits, and volume zone matching.
                                                                                                                  
 
                                                                                                                  None
                                                                                                                  
+
                                                                                                                  None
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: 'drf'
   - name: 'predicates'
   - name: 'nodeorder'
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  nodeorder
                                                                                                                  
+
                                                                                                                  nodeorder
                                                                                                                  
 
                                                                                                                  A common algorithm for selecting nodes. Nodes are scored in simulated resource allocation to find the most suitable node for the current job.
                                                                                                                  
+
                                                                                                                  A common algorithm for selecting nodes. Nodes are scored in simulated resource allocation to find the most suitable node for the current job.
                                                                                                                  
 
                                                                                                                  Scoring parameters:
                                                                                                                  
+
                                                                                                                  Scoring parameters:
                                                                                                                  
 
                                                                                                                  • nodeaffinity.weight: Pods are scheduled based on node affinity. This parameter defaults to 2.
                                                                                                                  • podaffinity.weight: Pods are scheduled based on pod affinity. This parameter defaults to 2.
                                                                                                                  • leastrequested.weight: Pods are scheduled to the node with the least requested resources. This parameter defaults to 1.
                                                                                                                  • balancedresource.weight: Pods are scheduled to the node with balanced resource allocation. This parameter defaults to 1.
                                                                                                                  • mostrequested.weight: Pods are scheduled to the node with the most requested resources. This parameter defaults to 0.
                                                                                                                  • tainttoleration.weight: Pods are scheduled to the node with a high taint tolerance. This parameter defaults to 3.
                                                                                                                  • imagelocality.weight: Pods are scheduled to the node where the required images exist. This parameter defaults to 1.
                                                                                                                  • podtopologyspread.weight: Pods are scheduled based on the pod topology. This parameter defaults to 2.
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: nodeorder
     arguments:
       leastrequested.weight: 1
@@ -575,50 +575,50 @@ workload_balancer_third_party_types: ''
                                                                                                                  
       podtopologyspread.weight: 2
                                                                                                                   		
 
                                                                                                                  cce-gpu-topology-predicate
                                                                                                                  
+
                                                                                                                  cce-gpu-topology-predicate
                                                                                                                  
 
                                                                                                                  GPU-topology scheduling preselection algorithm
                                                                                                                  
+
                                                                                                                  GPU-topology scheduling preselection algorithm
                                                                                                                  
 
                                                                                                                  None
                                                                                                                  
+
                                                                                                                  None
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: 'cce-gpu-topology-predicate'
   - name: 'cce-gpu-topology-priority'
   - name: 'xgpu'
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  cce-gpu-topology-priority
                                                                                                                  
+
                                                                                                                  cce-gpu-topology-priority
                                                                                                                  
 
                                                                                                                  GPU-topology scheduling priority algorithm
                                                                                                                  
+
                                                                                                                  GPU-topology scheduling priority algorithm
                                                                                                                  
 
                                                                                                                  None
                                                                                                                  
+
                                                                                                                  None
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: 'cce-gpu-topology-predicate'
   - name: 'cce-gpu-topology-priority'
   - name: 'xgpu'
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  cce-gpu
                                                                                                                  
+
                                                                                                                  cce-gpu
                                                                                                                  
 
                                                                                                                  GPU resource allocation that supports decimal GPU configurations by working with the CCE AI Suite (NVIDIA GPU) add-on.
                                                                                                                  
+
                                                                                                                  GPU resource allocation that supports decimal GPU configurations by working with the CCE AI Suite (NVIDIA GPU) add-on.
                                                                                                                  
 
                                                                                                                  None
                                                                                                                  
+
                                                                                                                  None
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: 'cce-gpu-topology-predicate'
   - name: 'cce-gpu-topology-priority'
   - name: 'cce-gpu'
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  numa-aware
                                                                                                                  
+
                                                                                                                  numa-aware
                                                                                                                  
 
                                                                                                                  NUMA affinity scheduling. For details, see NUMA Affinity Scheduling.
                                                                                                                  
+
                                                                                                                  NUMA affinity scheduling. For details, see NUMA Affinity Scheduling.
                                                                                                                  
 
                                                                                                                  arguments:
                                                                                                                  
+
                                                                                                                  arguments:
                                                                                                                  
 
                                                                                                                  • weight: weight of the numa-aware plugin
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: 'nodelocalvolume'
   - name: 'nodeemptydirvolume'
   - name: 'nodeCSIscheduling'
@@ -630,14 +630,14 @@ workload_balancer_third_party_types: ''
                                                                                                                  
       weight: 10
                                                                                                                   		
 
                                                                                                                  networkresource
                                                                                                                  
+
                                                                                                                  networkresource
                                                                                                                  
 
                                                                                                                  The ENI requirement node can be preselected and filtered. The parameters are transferred by CCE and do not need to be manually configured.
                                                                                                                  
+
                                                                                                                  Filter out nodes that require elastic network interfaces. The parameters are transferred by CCE and do not need to be manually configured.
                                                                                                                  
 
                                                                                                                  arguments:
                                                                                                                  
+
                                                                                                                  arguments:
                                                                                                                  
 
                                                                                                                  • NetworkType: network type (eni or vpc-router)
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: 'nodelocalvolume'
   - name: 'nodeemptydirvolume'
   - name: 'nodeCSIscheduling'
@@ -646,39 +646,39 @@ workload_balancer_third_party_types: ''
                                                                                                                  
       NetworkType: vpc-router
                                                                                                                   		
 
                                                                                                                  nodelocalvolume
                                                                                                                  
+
                                                                                                                  nodelocalvolume
                                                                                                                  
 
                                                                                                                  Filter out nodes that do not meet local volume requirements.
                                                                                                                  
+
                                                                                                                  Filter out nodes that do not meet local volume requirements.
                                                                                                                  
 
                                                                                                                  None
                                                                                                                  
+
                                                                                                                  None
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: 'nodelocalvolume'
   - name: 'nodeemptydirvolume'
   - name: 'nodeCSIscheduling'
   - name: 'networkresource'
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  nodeemptydirvolume
                                                                                                                  
+
                                                                                                                  nodeemptydirvolume
                                                                                                                  
 
                                                                                                                  Filter out nodes that do not meet the emptyDir requirements.
                                                                                                                  
+
                                                                                                                  Filter out nodes that do not meet the emptyDir requirements.
                                                                                                                  
 
                                                                                                                  None
                                                                                                                  
+
                                                                                                                  None
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: 'nodelocalvolume'
   - name: 'nodeemptydirvolume'
   - name: 'nodeCSIscheduling'
   - name: 'networkresource'
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  nodeCSIscheduling
                                                                                                                  
+
                                                                                                                  nodeCSIscheduling
                                                                                                                  
 
                                                                                                                  Filter out nodes with malfunctional Everest.
                                                                                                                  
+
                                                                                                                  Filter out nodes with malfunctional Everest.
                                                                                                                  
 
                                                                                                                  None
                                                                                                                  
+
                                                                                                                  None
                                                                                                                  
 
                                                                                                                  - plugins:
+
                                                                                                                  - plugins:
   - name: 'nodelocalvolume'
   - name: 'nodeemptydirvolume'
   - name: 'nodeCSIscheduling'
@@ -765,7 +765,7 @@ workload_balancer_third_party_types: ''
                                                                                                                  
 
                                                                                                                  This section describes how to configure volcano-scheduler.
                                                                                                                  
 
                                                                                                                   
                                                                                                                  Only Volcano of v1.7.1 and later support this function. 
                                                                                                                  
 
                                                                                                                  
-
                                                                                                                  Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Settings and click the Scheduling tab. In the Select Cluster Scheduler area, select Volcano scheduler, find the expert mode, and click Try Now.
                                                                                                                  
+
                                                                                                                  Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Settings and click the Scheduling tab. In the Select Cluster Scheduler area, find the expert mode and click Try Now.
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  • Using resource_exporter:
                                                                                                                    ...
@@ -1023,10 +1023,10 @@ workload_balancer_third_party_types: ''
                                                                                                                    
 
                                                                                                                  
 
                                                                                                                  
 
-
                                                                                                                  Change History
                                                                                                                   
                                                                                                                  It is a good practice to upgrade Volcano to the latest version that is supported by the cluster.
                                                                                                                  
+
                                                                                                                  Release History
                                                                                                                   
                                                                                                                  It is a good practice to upgrade Volcano to the latest version that is supported by the cluster.
                                                                                                                  
 
                                                                                                                  
 
-
                                                                                                                  
-
-
-
-
-
                                                                                                                  Table 9 Release history
                                                                                                                  Add-on Version
                                                                                                                  
+
                                                                                                                  
@@ -1034,7 +1034,19 @@ workload_balancer_third_party_types: ''
-
+
+
+
+
-
-
-
-
@@ -255,19 +255,19 @@ spec:
 
                                                                                                                  Table 9 Volcano Scheduler add-on
                                                                                                                  Add-on Version
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  Supported Cluster Version
                                                                                                                  
                                                                                                                   		
 
 
                                                                                                                  
 
                                                                                                                  1.16.17
                                                                                                                  
+
                                                                                                                  1.18.3
                                                                                                                  
+
                                                                                                                  v1.27
                                                                                                                  
+
                                                                                                                  v1.28
                                                                                                                  
+
                                                                                                                  v1.29
                                                                                                                  
+
                                                                                                                  v1.30
                                                                                                                  
+
                                                                                                                  v1.31
                                                                                                                  
+
                                                                                                                  v1.32
                                                                                                                  
+
                                                                                                                  • Supported multi-xGPU preemption.
                                                                                                                  
+
                                                                                                                  1.16.17
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  v1.25
                                                                                                                  
 
                                                                                                                  v1.27
                                                                                                                  
@@ -1067,7 +1079,7 @@ workload_balancer_third_party_types: ''
 
                                                                                                                  v1.28
                                                                                                                  
 
                                                                                                                  v1.29
                                                                                                                  
 
                                                                                                                  • Supported scale-in of customized resources based on node priorities.
                                                                                                                  • Optimized the association between preemption and node scale-out.
                                                                                                                  
+
                                                                                                                  • Supported scale-in of custom resources based on node priorities.
                                                                                                                  • Optimized the association between preemption and node scale-out.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  1.12.1
                                                                                                                  
@@ -1091,7 +1103,7 @@ workload_balancer_third_party_types: ''
 
                                                                                                                  v1.27
                                                                                                                  
 
                                                                                                                  v1.28
                                                                                                                  
 
                                                                                                                  • Supported Kubernetes v1.28.
                                                                                                                  • Supported load-aware scheduling.
                                                                                                                  • The image OS is updated to HCE OS 2.0.
                                                                                                                  • Optimized CSI resource preemption.
                                                                                                                  • Optimized load-aware rescheduling.
                                                                                                                  • Optimized preemption in hybrid deployment scenarios.
                                                                                                                  
+
                                                                                                                  • Supported Kubernetes v1.28.
                                                                                                                  • Supported load-aware scheduling.
                                                                                                                  • Changed the image OS to HCE OS 2.0.
                                                                                                                  • Optimized CSI resource preemption.
                                                                                                                  • Optimized load-aware rescheduling.
                                                                                                                  • Optimized preemption in hybrid deployment scenarios.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  1.11.6
                                                                                                                  
@@ -1102,7 +1114,7 @@ workload_balancer_third_party_types: ''
 
                                                                                                                  v1.25
                                                                                                                  
 
                                                                                                                  v1.27
                                                                                                                  
 
                                                                                                                  • Supported Kubernetes v1.27.
                                                                                                                  • Supported rescheduling.
                                                                                                                  • Supported affinity scheduling of nodes in the node pool.
                                                                                                                  • Optimized the scheduling performance.
                                                                                                                  
+
                                                                                                                  • Supported Kubernetes v1.27.
                                                                                                                  • Supported rescheduling.
                                                                                                                  • Supported affinity scheduling of nodes in node pools.
                                                                                                                  • Optimized the scheduling performance.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  1.9.1
                                                                                                                  
@@ -1112,7 +1124,7 @@ workload_balancer_third_party_types: ''
 
                                                                                                                  v1.23
                                                                                                                  
 
                                                                                                                  v1.25
                                                                                                                  
 
                                                                                                                  • Fixed the issue that the counting pipeline pod of the networkresource add-on occupies supplementary network interfaces.
                                                                                                                  • Fixed the issue where the binpack add-on scores nodes with insufficient resources.
                                                                                                                  • Fixed the issue of processing resources in the pod with unknown end status.
                                                                                                                  • Optimized event output.
                                                                                                                  • Supported HA deployment by default.
                                                                                                                  
+
                                                                                                                  • Fixed the issue that the counting pipeline pod of the networkresource plugin occupies supplementary network interfaces.
                                                                                                                  • Fixed the issue where the binpack plugin scores nodes with insufficient resources.
                                                                                                                  • Fixed the issue of processing resources in the pod with unknown end status.
                                                                                                                  • Optimized event output.
                                                                                                                  • Supported HA deployment by default.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  1.7.1
                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0196.html b/docs/cce/umn/cce_10_0196.html
index af99bdbfc..343afaa4a 100644
--- a/docs/cce/umn/cce_10_0196.html
+++ b/docs/cce/umn/cce_10_0196.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                  Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configuration
                                                                                                                  
 
                                                                                                                  Scenario
                                                                                                                  In a CCE Turbo cluster, you can configure subnets and security groups for containers by namespace or workload using NetworkAttachmentDefinition CRDs. To configure a particular container subnet and security group for a specified namespace or workload, create a container network configuration (NetworkAttachmentDefinition) and associate it with the target namespace or workload. In this way, service subnets can be planned or services can be securely isolated.
                                                                                                                  
-
                                                                                                                  Figure 1 Custom container network settings
                                                                                                                  
+
                                                                                                                  Figure 1 Custom container network settings
                                                                                                                  
 
                                                                                                                  The following table lists the resources that a container network configuration can be associated with.
 
                                                                                                                  
@@ -39,20 +39,20 @@
 
                                                                                                                  Table 1 Associated resources
                                                                                                                  Category
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  
-
                                                                                                                   
                                                                                                                  • The priorities (in descending order) of the container network configurations used by a pod are as follows: Container network configuration directly associated with the pod > Container network configuration associated with the pod namespace > Default container network configuration of the cluster (default-network)
                                                                                                                  • If default-network is available in a cluster, it takes effect on all pods where no custom container network configuration has been configured. The default container subnet in the network settings on the Overview page is the container subnet in default-network. default-network cannot be deleted.
                                                                                                                  • If there is only one container network configuration in a cluster, it is the default container network configuration. If there are multiple container network configurations in a cluster, the one with annotation yangtse.io/default-network: true is the default container network configuration. If there is no default container network configuration in a cluster, the pod that is not associated with any container network configuration fails to be start after being created because no NIC can be allocated for the pod.
                                                                                                                  
+
                                                                                                                   
                                                                                                                  • The priorities (in descending order) of the container network configurations used by a pod are as follows: Container network configuration directly associated with the pod > Container network configuration associated with the pod namespace > Default container network configuration of the cluster (default-network)
                                                                                                                  • If default-network is available in a cluster, it takes effect on all pods where no custom container network configuration has been configured. The default container subnet in the network settings on the Overview page is the container subnet in default-network. default-network cannot be deleted.
                                                                                                                  • If there is only one container network configuration in a cluster, it is the default container network configuration. If there are multiple container network configurations in a cluster, the one with annotation yangtse.io/default-network: true is the default container network configuration. If there is no default container network configuration in a cluster, the pod that is not associated with any container network configuration fails to be start after being created because no network interface can be allocated for the pod.
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  
-
                                                                                                                  Notes and Constraints
                                                                                                                  • Only the default container network configuration supports dynamic pre-binding of container NICs. When the quota of node NICs is used up, the pod that uses the custom container network configuration attempts to unbind the pre-bound NIC of the default container network configuration, leading to slower pod startup. Therefore, if you need to frequently use the custom container network configuration, disable dynamic pre-binding of global container NICs in the target cluster. If you require high-speed pod elasticity using the default container network configuration, properly plan dynamic pre-binding of container NICs in the target node pool based on scheduling.
                                                                                                                  • If a workload with a fixed IP address needs to be associated with a new container network configuration, the fixed IP address will be invalid when pods are rebuilt. In this case, delete the workload, release the fixed IP address, and create a workload again.
                                                                                                                  • Before deleting a custom container network configuration, delete the pods (with the cni.yangtse.io/network-status annotation) created using the configuration in the target namespace. For details, see Deleting a Container Network Configuration.
                                                                                                                  
+
                                                                                                                  Notes and Constraints
                                                                                                                  • Only the default container network configuration supports dynamic pre-binding of container network interfaces. When the quota of node network interfaces is used up, the pod that uses the custom container network configuration attempts to unbind the pre-bound network interface of the default container network configuration, leading to slower pod startup. Therefore, if you need to frequently use the custom container network configuration, disable dynamic pre-binding of global container network interfaces in the target cluster. If you require high-speed pod elasticity using the default container network configuration, properly plan dynamic pre-binding of container network interfaces in the target node pool based on scheduling.
                                                                                                                  • If a workload with a fixed IP address needs to be associated with a new container network configuration, the fixed IP address will be invalid when pods are rebuilt. In this case, delete the workload, release the fixed IP address, and create a workload again.
                                                                                                                  • Before deleting a custom container network configuration, delete the pods (with the cni.yangtse.io/network-status annotation) created using the configuration in the target namespace. For details, see Deleting a Container Network Configuration.
                                                                                                                  • When you add a new subnet to the default network, a security group rule is automatically added to the node security group in the inbound direction, allowing the CIDR block of that subnet. To avoid any issues, make sure that the node security group can handle more security group rules than the number of new subnets you plan to add. 
                                                                                                                  • When a subnet is added to a container network configuration, the VPC API /v2.0/subnets is called twice. The first call checks if the subnet is available, while the second call retrieves subnet information for persistence by the control plane components. Do not add more than 20 subnets at a time. Otherwise, the traffic control will be triggered for the VPC API.
                                                                                                                  
 
                                                                                                                  
-
                                                                                                                  Operations on the Console for the Namespace Type
                                                                                                                  1. Log in to the CCE console.
                                                                                                                  2. Click the cluster name to access the cluster console. Choose Settings in the navigation pane. In the right pane, click the Network tab.
                                                                                                                  3. Locate the Container Network area and click Add. In the Create Network Configurations dialog box, configure parameters such as the pod subnet and security group.
                                                                                                                    • Name: Enter a name that contains a maximum of 63 characters. Do not use default-network, default, mgnt0, or mgnt1.
                                                                                                                    • Associated Resource Type: resource type associated with the custom container network configuration. For details, see Table 1. To create a container network configuration of the namespace type, select Namespace.
                                                                                                                    • Namespace: Select the namespace to be associated. The namespaces associated with different container network configurations must be unique. If no namespace is available, click Create Namespace to create one.
                                                                                                                    • Pod Subnet: Select a subnet. If no subnet is available, click Create Subnet to create one. After the subnet is created, click the refresh button. 
                                                                                                                    • Associate Security Group: The default value is the container ENI security group. You can also click Create Security Group to create one. After the security group is created, click the refresh button. A maximum of five security groups can be selected.
                                                                                                                    
+
                                                                                                                    Operations on the Console for the Namespace Type
                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                    2. Choose Settings in the navigation pane and click the Network tab.
                                                                                                                    3. Locate the Container Network area and click Add. In the Create Network Configurations dialog box, configure parameters such as the pod subnet and security group.
                                                                                                                      • Name: Enter a name that contains a maximum of 63 characters. Do not use default-network, default, mgnt0, or mgnt1.
                                                                                                                      • Associated Resource Type: resource type associated with the custom container network configuration. For details, see Table 1. To create a container network configuration of the namespace type, select Namespace.
                                                                                                                      • Namespace: Select the namespace to be associated. The namespaces associated with different container network configurations must be unique. If no namespace is available, click Create Namespace to create one.
                                                                                                                      • Pod Subnet: Select a subnet. If no subnet is available, click Create Subnet to create one. After the subnet is created, click the refresh button. A maximum of 20 subnets can be selected for clusters of a version earlier than v1.23.18-r10, v1.25.16-r0, v1.27.16-r0, v1.28.13-r0, v1.29.8-r0, or v1.30.4-r0. A maximum of 100 subnets can be selected for clusters of v1.23.18-r10, v1.25.16-r0, v1.27.16-r0, v1.28.13-r0, v1.29.8-r0, v1.30.4-r0, or later.
                                                                                                                      • Associate Security Group: The default value is the container ENI security group. You can also click Create Security Group to create one. After the security group is created, click the refresh button. A maximum of five security groups can be selected.
                                                                                                                      
 
                                                                                                                      
 
                                                                                                                    4. Click OK. After the creation, you will be redirected to the custom container network configuration list, where the new container network configuration is included.
                                                                                                                      
 
                                                                                                                    
 
                                                                                                                    
 
                                                                                                                    Operations Using kubectl for the Namespace Type
                                                                                                                    This section describes how to use kubectl to create a container network configuration of the namespace type.
                                                                                                                    
 
                                                                                                                    1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                    2. Modify the networkattachment-test.yaml file.
                                                                                                                      vi networkattachment-test.yaml
                                                                                                                      
-
                                                                                                                      Example file content:
                                                                                                                      
+
                                                                                                                      The file content is as follows:
                                                                                                                      
 
                                                                                                                      apiVersion: k8s.cni.cncf.io/v1
 kind: NetworkAttachmentDefinition
 metadata:
@@ -209,7 +209,7 @@ spec:
 
                                                                                                                  		
 
                                                                                                                  Security group ID. If no security group is planned, ensure that the security group is the same as that in default-network.
                                                                                                                  
 
                                                                                                                  How to obtain:
                                                                                                                  
-
                                                                                                                  Log in to the VPC console. In the navigation pane, choose Access Control > Security Groups. Click the target security group name and copy the ID on the Summary tab page.
                                                                                                                  
+
                                                                                                                  Log in to the VPC console. In the navigation pane, choose Access Control > Security Groups. Click the target security group name and copy the ID on the Summary tab page.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  subnets
                                                                                                                  
@@ -222,7 +222,7 @@ spec:
 
                                                                                                                  [{"subnetID":"27d95**"},{"subnetID":"827bb**"},{"subnetID":"bdd6b**"}]
                                                                                                                  
 
                                                                                                                  Subnet ID not used by the cluster in the same VPC.
                                                                                                                  
 
                                                                                                                  How to obtain:
                                                                                                                  
-
                                                                                                                  Log in to the VPC console. In the navigation pane, choose Virtual Private Cloud > Subnets. Click the target subnet name and copy the Subnet ID on the Summary tab page.
                                                                                                                  
+
                                                                                                                  Log in to the VPC console. In the navigation pane, choose Virtual Private Cloud > Subnets. Click the target subnet name and copy the Subnet ID on the Summary tab page.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
                                                                                                                   
 
                                                                                                                  
 
                                                                                                                  
-
                                                                                                                • Create the container network configuration.
                                                                                                                  kubectl create -f networkattachment-test.yaml
                                                                                                                  
+
                                                                                                                • Create a NetworkAttachmentDefinition.
                                                                                                                  kubectl create -f networkattachment-test.yaml
                                                                                                                  
 
                                                                                                                  If information similar to the following is displayed, the configuration has been created:
                                                                                                                  
 
                                                                                                                  networkattachmentdefinition.k8s.cni.cncf.io/example created
                                                                                                                  
 
                                                                                                                  • 
 
-
                                                                                                                  Operations on the Console for the Workload Type
                                                                                                                  1. Log in to the CCE console.
                                                                                                                  2. Click the cluster name to access the cluster console. Choose Settings in the navigation pane. In the right pane, click the Network tab.
                                                                                                                  3. Locate the Container Network area and click Add. In the Create Network Configurations dialog box, configure parameters such as the pod subnet and security group.
                                                                                                                    • Name: Enter a name that contains a maximum of 63 characters. Do not use default-network, default, mgnt0, or mgnt1.
                                                                                                                    • Associated Resource Type: resource type associated with the custom container network configuration. For details, see Table 1. To create a container network configuration of the workload type, select Workload.
                                                                                                                    • Pod Subnet: Select a subnet. If no subnet is available, click Create Subnet to create one. After the subnet is created, click the refresh button. 
                                                                                                                    • Associate Security Group: The default value is the container ENI security group. You can also click Create Security Group to create one. After the security group is created, click the refresh button. A maximum of five security groups can be selected.
                                                                                                                    
+
                                                                                                                    Operations on the Console for the Workload Type
                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                    2. Choose Settings in the navigation pane and click the Network tab.
                                                                                                                    3. Locate the Container Network area and click Add. In the Create Network Configurations dialog box, configure parameters such as the pod subnet and security group.
                                                                                                                      • Name: Enter a name that contains a maximum of 63 characters. Do not use default-network, default, mgnt0, or mgnt1.
                                                                                                                      • Associated Resource Type: resource type associated with the custom container network configuration. For details, see Table 1. To create a container network configuration of the workload type, select Workload.
                                                                                                                      • Pod Subnet: Select a subnet. If no subnet is available, click Create Subnet to create one. After the subnet is created, click the refresh button. A maximum of 20 subnets can be selected for clusters of a version earlier than v1.23.18-r10, v1.25.16-r0, v1.27.16-r0, v1.28.13-r0, v1.29.8-r0, or v1.30.4-r0. A maximum of 100 subnets can be selected for clusters of v1.23.18-r10, v1.25.16-r0, v1.27.16-r0, v1.28.13-r0, v1.29.8-r0, v1.30.4-r0, or later.
                                                                                                                      • Associate Security Group: The default value is the container ENI security group. You can also click Create Security Group to create one. After the security group is created, click the refresh button. A maximum of five security groups can be selected.
                                                                                                                      
 
                                                                                                                    4. Click OK. After the creation, you will be redirected to the custom container network configuration list, where the new container network configuration is included.
                                                                                                                    5. When creating a workload, you can select a custom container network configuration.
                                                                                                                      1. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                      2. Click Create Workload in the upper right corner of the page. In the Advanced Settings area, choose Network Configuration and determine whether to enable a specified container network configuration.
                                                                                                                      3. Select an existing container network configuration. If no configuration is available, click Add to create one.
                                                                                                                      4. After the configuration, click Create Workload.
                                                                                                                        Return to the Settings page. In the container network configuration list, the name of the resource associated with the created container network configuration is displayed.
                                                                                                                        
 
                                                                                                                      
 
                                                                                                                    
 
                                                                                                                    
 
                                                                                                                    Operations Using kubectl for the Workload Type
                                                                                                                    This section describes how to use kubectl to create a container network configuration of the workload type.
                                                                                                                    
 
                                                                                                                    1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                    2. Modify the networkattachment-test.yaml file.
                                                                                                                      vi networkattachment-test.yaml
                                                                                                                      
-
                                                                                                                      Example file content:
                                                                                                                      
+
                                                                                                                      The file content is as follows:
                                                                                                                      
 
                                                                                                                      apiVersion: k8s.cni.cncf.io/v1
 kind: NetworkAttachmentDefinition
 metadata:
@@ -305,7 +305,7 @@ spec:
 
 
                                                                                                                  String
                                                                                                                  
 
                                                                                                                  API version. The value is fixed at k8s.cni.cncf.io/v1.
                                                                                                                  
+
                                                                                                                  API version. The value is fixed at k8s.cni.cncf.io/v1.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  kind
                                                                                                                  
@@ -314,7 +314,7 @@ spec:
                                                                                                                   		
 
                                                                                                                  String
                                                                                                                  
 
                                                                                                                  Type of the object to be created. The value is fixed at NetworkAttachmentDefinition.
                                                                                                                  
+
                                                                                                                  Type of the object to be created. The value is fixed at NetworkAttachmentDefinition.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  yangtse.io/project-id
                                                                                                                  
@@ -341,7 +341,7 @@ spec:
                                                                                                                   		
 
                                                                                                                  String
                                                                                                                  
 
                                                                                                                  Namespace of the configuration resource. The value is fixed to kube-system.
                                                                                                                  
+
                                                                                                                  Namespace of the configuration resource. The value is fixed to kube-system.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  config
                                                                                                                  
@@ -373,7 +373,7 @@ spec:
                                                                                                                   		
 
                                                                                                                  String
                                                                                                                  
 
                                                                                                                  The value is fixed at eni-neutron.
                                                                                                                  
+
                                                                                                                  The value is fixed at eni-neutron.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  args
                                                                                                                  
@@ -406,9 +406,9 @@ spec:
                                                                                                                   		
 
                                                                                                                  String
                                                                                                                  
 
                                                                                                                  Security group ID. If no security group is planned, ensure that the security group is the same as that in default-network.
                                                                                                                  
+
                                                                                                                  Security group ID. If no security group is planned, ensure that the security group is the same as that in default-network.
                                                                                                                  
 
                                                                                                                  How to obtain:
                                                                                                                  
-
                                                                                                                  Log in to the VPC console. In the navigation pane, choose Access Control > Security Groups. Click the target security group name and copy the ID on the Summary tab page.
                                                                                                                  
+
                                                                                                                  Log in to the VPC console. In the navigation pane, choose Access Control > Security Groups. Click the target security group name and copy the ID on the Summary tab page.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
                                                                                                                  subnets
                                                                                                                  
@@ -421,14 +421,14 @@ spec:
 
                                                                                                                  [{"subnetID":"27d95**"},{"subnetID":"827bb**"},{"subnetID":"bdd6b**"}]
                                                                                                                  
 
                                                                                                                  Subnet ID not used by the cluster in the same VPC.
                                                                                                                  
 
                                                                                                                  How to obtain:
                                                                                                                  
-
                                                                                                                  Log in to the VPC console. In the navigation pane, choose Virtual Private Cloud > Subnets. Click the target subnet name and copy the Subnet ID on the Summary tab page.
                                                                                                                  
+
                                                                                                                  Log in to the VPC console. In the navigation pane, choose Virtual Private Cloud > Subnets. Click the target subnet name and copy the Subnet ID on the Summary tab page.
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  
 
 
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                • Create a NetworkAttachmentDefinition.
                                                                                                                  kubectl create -f networkattachment-test.yaml
                                                                                                                  
-
                                                                                                                  If information similar to the following is displayed, the configuration has been created.
                                                                                                                  
+
                                                                                                                  If information similar to the following is displayed, the configuration has been created:
                                                                                                                  
 
                                                                                                                  networkattachmentdefinition.k8s.cni.cncf.io/example created
                                                                                                                  
 
                                                                                                                • Create a Deployment workload and associate it with the newly created container network configuration.
                                                                                                                  apiVersion: apps/v1
 kind: Deployment
@@ -464,7 +464,7 @@ spec:
 
                                                                                                                  • 
 
                                                                                                                  Deleting a Container Network Configuration
                                                                                                                  You can delete the new container network configuration or view its YAML file.
                                                                                                                  
 
                                                                                                                   
                                                                                                                  Before deleting a container network configuration, delete all pods using the configuration. Otherwise, the deletion will fail.
                                                                                                                  
-
                                                                                                                  1. Run the following command to filter the pods that uses the configuration in the cluster (example is used as an example):
                                                                                                                    kubectl get pod -A -o=jsonpath="{range .items[?(@.metadata.annotations.cni\\.yangtse\\.io/network-status=='[{\"name\":\"example\"}]')]}{.metadata.namespace}{'\t'}{.metadata.name}{'\n'}{end}"
                                                                                                                    
+
                                                                                                                    1. Run the following command to filter the pods that use the configuration in the cluster (example is used as an example):
                                                                                                                      kubectl get pod -A -o=jsonpath="{range .items[?(@.metadata.annotations.cni\\.yangtse\\.io/network-status=='[{\"name\":\"example\"}]')]}{.metadata.namespace}{'\t'}{.metadata.name}{'\n'}{end}"
                                                                                                                      
 
                                                                                                                      The command output contains the pod name and namespace associated with the configuration.
                                                                                                                      
 
                                                                                                                    2. Delete the owner of the pod. The owner may be a Deployment, StatefulSet, DaemonSet, or Job.
                                                                                                                    
 
                                                                                                                  
@@ -472,7 +472,7 @@ spec:
 
                                                                                                                  
 
 
diff --git a/docs/cce/umn/cce_10_0197.html b/docs/cce/umn/cce_10_0197.html
index f342966f0..1c5efb029 100644
--- a/docs/cce/umn/cce_10_0197.html
+++ b/docs/cce/umn/cce_10_0197.html
@@ -67,6 +67,11 @@
 
                                                                                                                  v1.31
                                                                                                                  
                                                                                                                   		
 
                                                                                                                  v1.31
                                                                                                                  
+
                                                                                                                  v1.32
                                                                                                                  
+
                                                                                                                  
 
 
                                                                                                                  
 
                                                                                                                  
@@ -77,63 +82,62 @@
 
 
 
                                                                                                                  Cluster Upgrade Process
                                                                                                                  The cluster upgrade process involves pre-upgrade check, backup, upgrade, and post-upgrade verification.
                                                                                                                  
-
                                                                                                                  Figure 1 Process of upgrading a cluster
                                                                                                                  
-
                                                                                                                  
+
                                                                                                                  Figure 1 Process of upgrading a cluster
                                                                                                                  
 
                                                                                                                  After determining the target version of the cluster, read the precautions carefully and prevent function incompatibility during the upgrade.
                                                                                                                  
 
                                                                                                                  1. Pre-upgrade check
                                                                                                                    Before a cluster upgrade, CCE checks mandatory items such as the cluster status, add-ons, workload compatibility, and nodes to ensure that the cluster meets the upgrade requirements. For more details, see Pre-upgrade Check. If any check item is abnormal, rectify the fault as prompted on the console.
                                                                                                                    
 
                                                                                                                  2. Backup
                                                                                                                    You can use disk snapshots to back up master node data, including CCE component images, component configurations, and etcd data. Back up data before an upgrade. If unexpected cases occur during an upgrade, you can use the backup to quickly restore the cluster.
                                                                                                                    
 
-
                                                                                                                    Backup Type
                                                                                                                    
+
                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -141,11 +145,11 @@
 
                                                                                                                    Backup Type
                                                                                                                    
 
                                                                                                                    Backup Object
                                                                                                                    
+
                                                                                                                    Backup Object
                                                                                                                    
 
                                                                                                                    Backup Mode
                                                                                                                    
+
                                                                                                                    Backup Mode
                                                                                                                    
 
                                                                                                                    Backup Duration
                                                                                                                    
+
                                                                                                                    Backup Duration
                                                                                                                    
 
                                                                                                                    Rollback Duration
                                                                                                                    
+
                                                                                                                    Rollback Duration
                                                                                                                    
 
                                                                                                                    Description
                                                                                                                    
+
                                                                                                                    Description
                                                                                                                    
                                                                                                                     		
 
                                                                                                                    
 
                                                                                                                    etcd data backup
                                                                                                                    
+
                                                                                                                    etcd data backup
                                                                                                                    
 
                                                                                                                    etcd data
                                                                                                                    
+
                                                                                                                    etcd data
                                                                                                                    
 
                                                                                                                    Automatic backup during an upgrade
                                                                                                                    
+
                                                                                                                    Automatic backup during an upgrade
                                                                                                                    
 
                                                                                                                    1-5 minutes
                                                                                                                    
+
                                                                                                                    1-5 minutes
                                                                                                                    
 
                                                                                                                    2 hours
                                                                                                                    
+
                                                                                                                    2 hours
                                                                                                                    
 
                                                                                                                    Mandatory. The data is automatically backed up during an upgrade.
                                                                                                                    
+
                                                                                                                    Mandatory. The data is automatically backed up during an upgrade.
                                                                                                                    
                                                                                                                     		
 
                                                                                                                    CBR cloud server backup
                                                                                                                    
+
                                                                                                                    CBR cloud server backup
                                                                                                                    
 
                                                                                                                    Master node disks, including component images, configurations, logs, and etcd data
                                                                                                                    
+
                                                                                                                    Master node disks, including component images, configurations, logs, and etcd data
                                                                                                                    
 
                                                                                                                    One-click backup on a web page (manually triggered)
                                                                                                                    
+
                                                                                                                    One-click backup on a web page (manually triggered)
                                                                                                                    
 
                                                                                                                    20 minutes to 2 hours (based on the cloud backup tasks in the current region)
                                                                                                                    
+
                                                                                                                    20 minutes to 2 hours (based on the cloud backup tasks in the current region)
                                                                                                                    
 
                                                                                                                    20 minutes
                                                                                                                    
+
                                                                                                                    20 minutes
                                                                                                                    
 
                                                                                                                    This function is gradually replaced by EVS snapshot backup.
                                                                                                                    
+
                                                                                                                    This function is gradually replaced by EVS snapshot backup.
                                                                                                                    
                                                                                                                     		
 
                                                                                                                    EVS snapshot backup
                                                                                                                    
+
                                                                                                                    EVS snapshot backup
                                                                                                                    
 
                                                                                                                    Master node disks, including component images, configurations, logs, and etcd data
                                                                                                                    
+
                                                                                                                    Master node disks, including component images, configurations, logs, and etcd data
                                                                                                                    
 
                                                                                                                    One-click backup on a web page (manually triggered)
                                                                                                                    
+
                                                                                                                    One-click backup on a web page (manually triggered)
                                                                                                                    
 
                                                                                                                    1-5 minutes
                                                                                                                    
+
                                                                                                                    1-5 minutes
                                                                                                                    
 
                                                                                                                    20 minutes
                                                                                                                    
+
                                                                                                                    20 minutes
                                                                                                                    
 
                                                                                                                    This function is coming soon.
                                                                                                                    
+
                                                                                                                    This function is coming soon.
                                                                                                                    
 
                                                                                                                    After this function is released, it will replace CBR cloud server backup.
                                                                                                                    
                                                                                                                     		
 
                                                                                                                    
 
                                                                                                                    
 
                                                                                                                  3. Configuration and upgrade
                                                                                                                    Configure parameters before an upgrade. CCE has provided default settings, which can be modified as needed. After the configuration, upgrade add-ons, master nodes, and worker nodes in sequence.
                                                                                                                    
-
                                                                                                                    • Add-on Upgrade Configuration: Add-ons that have been installed in your cluster are listed. During the cluster upgrade, CCE automatically upgrades the selected add-ons to be compatible with the target cluster version. You can click Set to re-define the add-on parameters.
                                                                                                                       
                                                                                                                      If an add-on is marked with  on its right side, the add-on cannot be compatible with both the source and target versions of the cluster upgrade. In this case, CCE will upgrade the add-on after the cluster upgrade. The add-on may be unavailable during the cluster upgrade.
                                                                                                                      
+
                                                                                                                      • Add-on Upgrade Configuration: Add-ons that have been installed in your cluster are listed. During the cluster upgrade, CCE automatically upgrades the selected add-ons to be compatible with the target cluster version. You can click Set to re-define the add-on parameters.
                                                                                                                         
                                                                                                                        If an add-on is marked with  on its right side, the add-on cannot be compatible with both the source and target versions of the cluster upgrade. In this case, CCE will upgrade the add-on after the cluster upgrade. The add-on may be unavailable during the cluster upgrade.
                                                                                                                        
 
                                                                                                                        
-
                                                                                                                      • Node Upgrade Configuration
                                                                                                                        • Max. Nodes for Batch Upgrade: You can configure the maximum number of nodes to be upgraded in a batch.
                                                                                                                          Node pools will be upgraded in sequence. Nodes in node pools will be upgraded in batches. One node is upgraded in the first batch, two nodes in the second batch, and the number of nodes to be upgraded in each subsequent batch increases by a power of 2 until the maximum number of nodes to be upgraded in each batch is reached. The next cluster is upgraded after the previous one is upgraded. By default, 20 nodes are upgraded in a batch, and the number can be increased to the maximum of 120.
                                                                                                                          
-
                                                                                                                        • Node Priority: You can customize node upgrade priorities. If the priorities are not specified, CCE will perform the upgrade based on the priorities generated by the default policy.
                                                                                                                          • Add Upgrade Priority: You can custom the priorities for upgrading node pools. If the priorities are not specified, CCE will preferentially upgrade the node pool with the least number of nodes based on the default policy.
                                                                                                                          • Add Node Priority: You can custom the priorities for upgrading nodes in a node pool. If the priorities are not specified, CCE will preferentially upgrade the node with lightest load (calculated based on the number of pods, resource request rate, and number of PVs) based on the default policy.
                                                                                                                          
-
                                                                                                                        • Scope of Node Upgrade Batches: By default, this parameter is set to a cluster, but it can be customized.
                                                                                                                          • If the scope is set to a cluster, the upgrade batch will remain unchanged throughout the entire upgrade process.
                                                                                                                          • If the scope is set to node pools, the upgrade batch will be reset for each node pool separately.
                                                                                                                          
+
                                                                                                                        • Node Upgrade Configuration
                                                                                                                          • Max. Nodes for Batch Upgrade: You can configure the maximum number of nodes to be upgraded in a batch.
                                                                                                                            Nodes are upgraded in batches. For example, if one node is upgraded in the first batch and four nodes in the second batch, the number of nodes to be upgraded in each subsequent batch will increase by a factor of four until it reaches the maximum allowed per batch. By default, 20 nodes are upgraded in a batch, and the number can be increased to the maximum of 120.
                                                                                                                            
+
                                                                                                                          • Node Priority: You can customize node upgrade priorities. If the priorities are not specified, CCE will perform the upgrade based on the priorities generated by the default policy.
                                                                                                                            • Add Upgrade Priority: You can define the priorities for upgrading node pools. If the priorities are not specified, CCE will preferentially upgrade the node pool with the least number of nodes based on the default policy.
                                                                                                                            • Add Node Priority: You can define the priorities for upgrading nodes in a node pool. If the priorities are not specified, CCE will preferentially upgrade the node with lightest load (calculated based on the number of pods, resource request rate, and number of PVs) based on the default policy.
                                                                                                                            
+
                                                                                                                          • Scope of Node Upgrade Batches: The node upgrade batch setting can be applied to the entire cluster or to individual node pools. You can select either of them. By default, it applies to the entire cluster.
                                                                                                                            • When applied to the entire cluster, all nodes in the cluster are upgraded in batches, regardless of their node pool groups. For example, if one node is upgraded in the first batch and four nodes in the second batch, the number of nodes to be upgraded in each subsequent batch will increase by a factor of four until it reaches the maximum allowed per batch.
                                                                                                                            • When applied to specific node pools, nodes within each pool are upgraded in batches according to a predefined progression. The upgrade begins with one node in the first batch, then four nodes in the second batch. The number of nodes in each subsequent batch increase by a factor of four until the maximum number of nodes per batch is reached. When the upgrade process moves to the next node pool, the batch size calculation resets and starts again from one node.
                                                                                                                            
 
                                                                                                                          
 
                                                                                                                        
 
                                                                                                                      • Post-upgrade verification
                                                                                                                        After an upgrade, CCE will automatically check items including the cluster status and node status. You need to manually check services, new nodes, and new pods to ensure that the cluster functions properly after the upgrade. For details, see Performing Post-Upgrade Verification.
                                                                                                                        
@@ -180,7 +184,7 @@
 
                                                                                                                    4. 
 
                                                                                                                    
 
                                                                                                                  
-
                                                                                                                  Helpful Links
                                                                                                                  For details about how to upgrade node OSs, see Upgrading an OS.
                                                                                                                  
+
                                                                                                                  Helpful Links
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0198.html b/docs/cce/umn/cce_10_0198.html
index c13e3a873..51f8c198e 100644
--- a/docs/cce/umn/cce_10_0198.html
+++ b/docs/cce/umn/cce_10_0198.html
@@ -2,15 +2,15 @@
 
 
                                                                                                                  Accepting Nodes for Management
                                                                                                                  
 
                                                                                                                  Scenario
                                                                                                                  In CCE, you can create a node (Creating a Node) or add existing nodes (ECSs) to your cluster for management. 
                                                                                                                  
-
                                                                                                                   
                                                                                                                  • When accepting an ECS, you can reset the ECS OS to a standard public image offered by CCE. If you choose to do so, you need to reset the password or key pair, and the previous password or key pair will become invalid.
                                                                                                                  • LVM information, including volume groups (VGs), logical volumes (LVs), and physical volumes (PVs), will be deleted from the system disks and data disks attached to the selected ECSs during acceptance. Ensure that the information has been backed up.
                                                                                                                  • During the acceptance of an ECS, do not perform any operation on the ECS through the ECS console.
                                                                                                                  
+
                                                                                                                   
                                                                                                                  • When accepting an ECS, you can reset its OS to a standard public image offered by CCE. If you choose to do so, you must reconfigure the password or key, as the previous one will become invalid.
                                                                                                                  • During the acceptance process, LVM information, including volume groups (VGs), logical volumes (LVs), and physical volumes (PVs), will be deleted from the system disks and data disks attached to the selected ECSs. Ensure this information has been backed up.
                                                                                                                  • During the acceptance of an ECS, do not perform any operation on the ECS through the ECS console.
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  Notes and Constraints
                                                                                                                  • ECSs can be managed.
                                                                                                                  
 
                                                                                                                  
 
                                                                                                                  Prerequisites
                                                                                                                  The cloud servers to be managed must meet the following requirements:
                                                                                                                  
-
                                                                                                                  • The node to be accepted must be in the Running state and not used by other clusters. In addition, the node to be accepted does not carry the CCE-Dynamic-Provisioning-Node tag.
                                                                                                                  • The node to be accepted and the cluster must be in the same VPC. (If the cluster version is earlier than v1.13.10, the node to be accepted and the CCE cluster must be in the same subnet.)
                                                                                                                  • Data disks must be attached to the nodes to be managed if the system components of these nodes are separately stored. A local disk (disk-intensive disk) or a data disk of at least 20 GiB can be attached to the node, and any data disks already attached cannot be smaller than 10 GiB. 
                                                                                                                  • The node to be accepted has 2-core or higher CPU, 4 GiB or larger memory, and only one NIC.
                                                                                                                  • Only cloud servers with the same data disk configuration can be accepted in batches for management.
                                                                                                                  • If IPv6 is enabled for a cluster, only nodes in a subnet with IPv6 enabled can be accepted and managed. If IPv6 is not enabled for the cluster, only nodes in a subnet without IPv6 enabled can be accepted.
                                                                                                                  • Nodes in a CCE Turbo cluster must support sub-ENIs or be bound to at least 16 ENIs. For details about the node flavors, see the options provided on the console when you create a node. 
                                                                                                                  • Data disks that have been partitioned will be ignored during node management. Ensure that there is at least one unpartitioned data disk meeting the specifications is attached to the node.
                                                                                                                  
+
                                                                                                                  • The node to be accepted must be in the Running state and not used by other clusters. In addition, the node to be accepted does not carry the CCE-Dynamic-Provisioning-Node tag.
                                                                                                                  • The node to be accepted and the cluster must be in the same VPC. (If the cluster version is earlier than v1.13.10, the node to be accepted and the CCE cluster must be in the same subnet.)
                                                                                                                  • Data disks must be attached to the nodes to be managed if the system components of these nodes are stored separately. These nodes can be attached with either a local disk (disk-intensive disk) or a data disk of at least 20 GiB. Additionally, any data disks already attached must not be smaller than 10 GiB. 
                                                                                                                  • The node to be accepted must have at least 2 CPU cores, 4 GiB of memory, and only one network interface.
                                                                                                                  • Only cloud servers with the same data disk configuration can be accepted in batches for management.
                                                                                                                  • If IPv6 is enabled for a cluster, only nodes in a subnet with IPv6 enabled can be accepted and managed. If IPv6 is not enabled for the cluster, only nodes in a subnet without IPv6 enabled can be accepted.
                                                                                                                  • CCE Turbo clusters require that each node supports supplementary network interfaces, or you will need to bind at least 16 network interfaces. For details about the node flavors, see the options provided on the console when you create a node. 
                                                                                                                  • Data disks that have been partitioned will be ignored during node management. Ensure that there is at least one unpartitioned data disk meeting the specifications is attached to the node.
                                                                                                                  
 
                                                                                                                  
-
                                                                                                                  Procedure
                                                                                                                  1. Log in to the CCE console and go to the cluster where the node to be accepted resides.
                                                                                                                  2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab and then Accept Node in the upper right corner.
                                                                                                                  3. Specify node parameters.
                                                                                                                    Configurations
                                                                                                                    
+
                                                                                                                    Procedure
                                                                                                                    1. Log in to the CCE console and go to the cluster where the node to be accepted resides.
                                                                                                                    2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab and then Accept Node in the upper right corner.
                                                                                                                    3. Specify node parameters.
                                                                                                                      Node Configuration
                                                                                                                      
 
 
                                                                                                                      
@@ -76,9 +76,9 @@
 
-
@@ -96,8 +96,8 @@
 
-
-
diff --git a/docs/cce/umn/cce_10_0201.html b/docs/cce/umn/cce_10_0201.html
index 6c5fca691..3e7c2e796 100644
--- a/docs/cce/umn/cce_10_0201.html
+++ b/docs/cce/umn/cce_10_0201.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                      Monitoring Custom Metrics on AOM
                                                                                                                      CCE allows you to upload custom metrics to AOM. ICAgent on a node periodically calls the metric monitoring API configured on a workload to read monitoring data and then uploads the data to AOM.
                                                                                                                      
-
                                                                                                                      Figure 1 Using ICAgent to collect monitoring metrics
                                                                                                                      
+
                                                                                                                      Figure 1 Using ICAgent to collect monitoring metrics
                                                                                                                      
 
                                                                                                                      The custom metric API of a workload can be configured when the workload is created. The following procedure uses an Nginx application as an example to describe how to report custom metrics to AOM.
                                                                                                                      
 
                                                                                                                      1. Preparing an Application
                                                                                                                        Prepare an application image. The application must provide a metric monitoring API for ICAgent to collect data, and the monitoring data must comply with the Prometheus specifications.
                                                                                                                        
 
                                                                                                                      2. Deploying Applications and Converting Nginx Metrics
                                                                                                                        Use the application image to deploy a workload in a cluster. Custom metrics will be automatically reported.
                                                                                                                        
@@ -58,12 +58,12 @@ ADD nginx.conf /etc/nginx/nginx.conf
 EXPOSE 80
 CMD ["nginx", "-g", "daemon off;"]
 
                                                                                                                      
-
                                                                                                                    4. Use this Dockerfile to create an image and upload it to SWR. The image name is nginx:exporter. 
                                                                                                                      1. In the navigation pane, choose My Images. In the upper right corner, click Upload Through Client. In the displayed dialog box, click Generate a temporary login command. Then, click  to copy the command.
                                                                                                                      2. Run the login command copied in the previous step on the node. If the login is successful, the message "Login Succeeded" is displayed.
                                                                                                                      3. Run the following command to build an image named nginx. The image version is exporter.
                                                                                                                        docker build -t nginx:exporter .
                                                                                                                        
+
                                                                                                                      4. Use this Dockerfile to create an image and upload it to SWR. The image name is nginx:exporter. 
                                                                                                                        1. In the navigation pane, choose My Images. In the upper right corner, click Upload Through Client. In the displayed dialog box, click Generate a temporary login command. Then, click  to copy the command.
                                                                                                                        2. Run the login command copied in the previous step on the node. If the login is successful, the message "Login Succeeded" is displayed.
                                                                                                                        3. Run the following command to build an image named nginx. The image version is exporter.
                                                                                                                          docker build -t nginx:exporter .
                                                                                                                          
 
                                                                                                                        4. Tag the image and upload it to the image repository. Change the image repository address and organization name based on your requirements.
                                                                                                                          docker tag nginx:exporter {swr-address}/{group}/nginx:exporter
 docker push {swr-address}/{group}/nginx:exporter
                                                                                                                          
 
                                                                                                                        
-
                                                                                                                      5. View application metrics.
                                                                                                                        1. Use nginx:exporter to create a workload.
                                                                                                                        2. Log in to the container and obtain the Nginx monitoring data through http://<ip_address>:8080/stub_status. <ip_address> indicates the IP address of the container.
                                                                                                                          curl http://127.0.0.1:8080/stub_status
                                                                                                                          
-
                                                                                                                          The command output is as follows:
                                                                                                                          
+
                                                                                                                        3. View application metrics.
                                                                                                                          1. Use nginx:exporter to create a workload.
                                                                                                                          2. Log in to the container and use http://<ip_address>:8080/stub_status to obtain nginx monitoring data. <ip_address> indicates the IP address of the container.
                                                                                                                            curl http://127.0.0.1:8080/stub_status
                                                                                                                            
+
                                                                                                                            Information similar to the following is displayed:
                                                                                                                            
 
                                                                                                                            Active connections: 3 
 server accepts handled requests
  146269 146269 212 
@@ -72,7 +72,7 @@ Reading: 0 Writing: 1 Waiting: 2
                                                                                                                            
 
                                                                                                                          
 
 
                                                                                                                          Deploying Applications and Converting Nginx Metrics
                                                                                                                          The format of the monitoring data provided by nginx:exporter does not meet the requirements of Prometheus. Convert the data format to the format required by Prometheus. To convert the format of Nginx metrics, use nginx-prometheus-exporter, as shown in the following figure.
                                                                                                                          
-
                                                                                                                          Figure 2 Using exporter to convert the data format
                                                                                                                          
+
                                                                                                                          Figure 2 Using exporter to convert the data format
                                                                                                                          
 
                                                                                                                          Deploy nginx:exporter and nginx-prometheus-exporter in the same pod.
                                                                                                                          
 
                                                                                                                          kind: Deployment
 apiVersion: apps/v1
@@ -112,17 +112,17 @@ spec:
 
                                                                                                                           
                                                                                                                          The nginx/nginx-prometheus-exporter:0.9.0 image needs to be pulled from the public network. Therefore, a public IP address needs to be bound to each node in the cluster.
                                                                                                                          
 
                                                                                                                          
 
                                                                                                                          nginx-prometheus-exporter requires a startup command. nginx-prometheus-exporter -nginx.scrape-uri=http://127.0.0.1:8080/stub_status is used to obtain Nginx monitoring data.
                                                                                                                          
-
                                                                                                                          In addition, add an annotation metrics.alpha.kubernetes.io/custom-endpoints: '[{"api":"prometheus","path":"/metrics","port":"9113","names":""}]' to the pod.
                                                                                                                          
+
                                                                                                                          In addition, add metrics.alpha.kubernetes.io/custom-endpoints: '[{"api":"prometheus","path":"/metrics","port":"9113","names":""}]' to the pod.
                                                                                                                          
 
                                                                                                                          
 
                                                                                                                          Verification
                                                                                                                          After an application is deployed, you can access Nginx to construct some access data and check whether the corresponding monitoring data can be obtained in AOM.
                                                                                                                          
 
                                                                                                                          1. Obtain the pod name of Nginx.
                                                                                                                            kubectl get pod
                                                                                                                            
-
                                                                                                                            The command output is as follows:
                                                                                                                            
+
                                                                                                                            Information similar to the following is displayed:
                                                                                                                            
 
                                                                                                                            NAME                              READY   STATUS    RESTARTS   AGE
 nginx-exporter-78859765db-6j8sw   2/2     Running   0          4m
                                                                                                                            
-
                                                                                                                          2. Run the following command to log in to the container:
                                                                                                                            kubectl exec -it nginx-exporter-78859765db-6j8sw -- /bin/sh
                                                                                                                            
-
                                                                                                                            Run the following command to access Nginx:
                                                                                                                            
+
                                                                                                                          3. Log in to the container.
                                                                                                                            kubectl exec -it nginx-exporter-78859765db-6j8sw -- /bin/sh
                                                                                                                            
+
                                                                                                                            Access Nginx.
                                                                                                                            
 
                                                                                                                            curl http://localhost
                                                                                                                            
-
                                                                                                                            The command output is as follows:
                                                                                                                            
+
                                                                                                                            Information similar to the following is displayed:
                                                                                                                            
 
                                                                                                                            <!DOCTYPE html>
 <html>
 <head>
diff --git a/docs/cce/umn/cce_10_0205.html b/docs/cce/umn/cce_10_0205.html
index c2d7ca930..140d3c578 100644
--- a/docs/cce/umn/cce_10_0205.html
+++ b/docs/cce/umn/cce_10_0205.html
@@ -5,31 +5,31 @@
 
                                                                                                                            metrics-server is an aggregator for monitoring data of core cluster resources. You can quickly install this add-on on the CCE console.
                                                                                                                            
 
                                                                                                                            After installing this add-on, you can create HPA policies. For details, see Creating an HPA Policy.
                                                                                                                            
 
                                                                                                                            The official community project and documentation are available at https://github.com/kubernetes-sigs/metrics-server.
                                                                                                                            
-
                                                                                                                            Installing the Add-on
                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate Kubernetes Metrics Server on the right, and click Install.
                                                                                                                            2. On the Install Add-on page, configure the specifications as needed.
                                                                                                                              • If you selected Preset, you can choose between Small or Large as needed. The system will automatically set the number of add-on pods and resource quotas according to the preset specifications. You can see the configurations on the console.
                                                                                                                                The smaller specification lacks HA capabilities, while the large specification has them. However, deploying multiple pods requires more compute resources.
                                                                                                                                
+
                                                                                                                                Installing the Add-on
                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                2. In the navigation pane, choose Add-ons. Locate Kubernetes Metrics Server on the right and click Install.
                                                                                                                                3. On the Install Add-on page, configure the specifications as needed.
                                                                                                                                  • If you selected Preset, you can choose between Small or Large as needed. The system will automatically set the number of add-on pods and resource quotas according to the preset specifications. You can see the configurations on the console.
                                                                                                                                    The smaller specification lacks HA capabilities, while the large specification has them. However, deploying multiple pods requires more compute resources.
                                                                                                                                    
 
                                                                                                                                  • If you selected Custom, you can adjust the number of pods and resource quotas as needed. High availability is not possible with a single pod. If an error occurs on the node where the add-on instance runs, the add-on will fail.
                                                                                                                                  
 
                                                                                                                                4. Configure deployment policies for the add-on pods.
                                                                                                                                   
                                                                                                                                  • Scheduling policies do not take effect on add-on pods of the DaemonSet type.
                                                                                                                                  • When configuring multi-AZ deployment or node affinity, ensure that there are nodes meeting the scheduling policy and that resources are sufficient in the cluster. Otherwise, the add-on cannot run.
                                                                                                                                  
 
                                                                                                                                  
 
-
                                                                                                                      5. Table 1 Node configuration parameters
                                                                                                                      Parameter
                                                                                                                      
 
                                                                                                                      
 
                                                                                                                      Data Disk
                                                                                                                      
 
                                                                                                                      • At least one default data disk must be added for storing container runtime and kubelet components if System Component Storage is set to Data Disk. This data disk cannot be deleted or detached. Otherwise, the node will be unavailable. This function is available for clusters of a version earlier than v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, or v1.29.4-r0.
                                                                                                                      • If System Component Storage is set to System Disk, you do not need to add a default data disk. In this case, all data disks are common ones: You can set the data disk size to a value ranging from 10 GiB to 32768 GiB. The default value is 100 GiB. This function is available for clusters of v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, v1.29.4-r0, or later versions.
                                                                                                                      
+
                                                                                                                      • At least one default data disk must be added for storing container runtime and kubelet components if System Component Storage is set to Data Disk. This data disk cannot be deleted or detached. Otherwise, the node will be unavailable. 
                                                                                                                      • If System Component Storage is set to System Disk, you do not need to add a default data disk. In this case, all data disks are common ones: You can set the data disk size to a value ranging from 10 GiB to 32768 GiB. The default value is 100 GiB. This function is available for clusters of v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, v1.29.4-r0, or later versions.
                                                                                                                      
 
                                                                                                                      Click Expand to configure Data Disk Space Allocation. This allocates space for container engines, images, and ephemeral storage to ensure their proper running. For details about how to allocate data disk space, see Space Allocation of a Data Disk.
                                                                                                                      
-
                                                                                                                      For other data disks, a raw disk is created without any processing by default. You can also click Expand and select Mount Disk to mount the data disk to a specified directory. Data disks can also be used as local PVs or local EVs.
                                                                                                                      
+
                                                                                                                      For other data disks, a raw disk is created without any processing by default. You can also click Expand and select Mount Disk to mount the data disk to a specified directory. 
                                                                                                                      
                                                                                                                       		
 
                                                                                                                      
 
                                                                                                                      Resource Tag
                                                                                                                      
                                                                                                                       		
 
                                                                                                                      You can add resource tags to classify resources. A maximum of eight resource tags can be added.
                                                                                                                      
-
                                                                                                                      You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency. 
                                                                                                                      
-
                                                                                                                      CCE will automatically create the "CCE-Dynamic-Provisioning-Node=Node ID" tag.
                                                                                                                      
+
                                                                                                                      You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency. 
                                                                                                                      
+
                                                                                                                      CCE will automatically create the CCE-Dynamic-Provisioning-Node=Node ID tag.
                                                                                                                      
                                                                                                                       		
 
                                                                                                                      
 
                                                                                                                      Kubernetes Label
                                                                                                                      
@@ -122,14 +122,16 @@
 
                                                                                                                      
 
                                                                                                                      Pre-installation Command
                                                                                                                      
 
                                                                                                                      Installation script command, in which Chinese characters are not allowed. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                      
+
                                                                                                                      Installation script command. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                      
 
                                                                                                                      The script will be executed before Kubernetes software is installed. Note that if the script is incorrect, Kubernetes software may fail to be installed.
                                                                                                                      
                                                                                                                       		
 
                                                                                                                      
 
                                                                                                                      Post-installation Command
                                                                                                                      
 
                                                                                                                      Installation script command, in which Chinese characters are not allowed. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                      
-
                                                                                                                      The script will be executed after Kubernetes software is installed, which does not affect the installation.
                                                                                                                      
+
                                                                                                                      Installation script command. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                      
+
                                                                                                                      The script will be executed after Kubernetes software is installed, which does not affect the installation. During post-installation script execution, pods can be scheduled normally. However, if the script execution times out, node installation will fail. To prevent pods from being scheduled to nodes with incomplete script execution, enable the option to schedule pods only after the post-installation script execution completes.
                                                                                                                       CAUTION: 
                                                                                                                      Do not use the reboot command in the post-installation script to restart the system immediately. Instead, use the shutdown -r 1 command to restart the system with a one-minute delay.
                                                                                                                      
+
                                                                                                                      
+
                                                                                                                      
                                                                                                                       		
 
                                                                                                                      
                                                                                                                       
 
                                                                                                                      Table 1 Configurations for add-on scheduling
                                                                                                                      Parameter
                                                                                                                      
+
                                                                                                                      
-
-
-
-
-
-
-
@@ -59,8 +59,8 @@
 
                                                                                                                      Table 1 Configurations for add-on scheduling
                                                                                                                      Parameter
                                                                                                                      
 
                                                                                                                      Description
                                                                                                                      
+
                                                                                                                      Description
                                                                                                                      
                                                                                                                       		
 
                                                                                                                      
 
                                                                                                                      Multi-AZ Deployment
                                                                                                                      
+
                                                                                                                      Multi-AZ Deployment
                                                                                                                      
 
                                                                                                                      • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                                                      • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                                                                                                      • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                                                      
+
                                                                                                                      • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                                                      • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                                                                                                      • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                                                      
                                                                                                                       		
 
                                                                                                                      Node Affinity
                                                                                                                      
+
                                                                                                                      Node Affinity
                                                                                                                      
 
                                                                                                                      • Not configured: Node affinity is disabled for the add-on.
                                                                                                                      • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                      • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                      • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                        If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                                                        
+
                                                                                                                      • Not configured: Node affinity is disabled for the add-on.
                                                                                                                      • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                      • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                      • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                        If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                                                        
 
                                                                                                                      
                                                                                                                       		
 
                                                                                                                      Toleration
                                                                                                                      
+
                                                                                                                      Toleration
                                                                                                                      
 
                                                                                                                      Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                                                      
+
                                                                                                                      Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                                                      
 
                                                                                                                      The add-on adds the default tolerance policy for the node.kubernetes.io/not-ready and node.kubernetes.io/unreachable taints, respectively. The tolerance time window is 60s.
                                                                                                                      
 
                                                                                                                      For details, see Configuring Tolerance Policies.
                                                                                                                      
 
                                                                                                                      
 
                                                                                                                      
 
-
                                                                                                                      Change History
                                                                                                                      
-
                                                                                                                      Table 3 Release history
                                                                                                                      Add-on Version
                                                                                                                      
+
                                                                                                                      Release History
                                                                                                                      
+
                                                                                                                      
@@ -70,7 +70,22 @@
 
-
+
+
+
+
+
                                                                                                                      Table 3 Kubernetes Metrics Server add-on
                                                                                                                      Add-on Version
                                                                                                                      
                                                                                                                       		
 
                                                                                                                      Supported Cluster Version
                                                                                                                      
                                                                                                                       		
 
                                                                                                                      
 
                                                                                                                      1.3.90
                                                                                                                      
+
                                                                                                                      1.3.102
                                                                                                                      
+
                                                                                                                      v1.25
                                                                                                                      
+
                                                                                                                      v1.27
                                                                                                                      
+
                                                                                                                      v1.28
                                                                                                                      
+
                                                                                                                      v1.29
                                                                                                                      
+
                                                                                                                      v1.30
                                                                                                                      
+
                                                                                                                      v1.31
                                                                                                                      
+
                                                                                                                      v1.32
                                                                                                                      
+
                                                                                                                      CCE clusters v1.32 are supported.
                                                                                                                      
+
                                                                                                                      0.6.2
                                                                                                                      
+
                                                                                                                      1.3.90
                                                                                                                      
                                                                                                                       		
 
                                                                                                                      v1.25
                                                                                                                      
 
                                                                                                                      v1.27
                                                                                                                      
diff --git a/docs/cce/umn/cce_10_0207.html b/docs/cce/umn/cce_10_0207.html
index 16957294e..61c66cde5 100644
--- a/docs/cce/umn/cce_10_0207.html
+++ b/docs/cce/umn/cce_10_0207.html
@@ -4,11 +4,11 @@
 
                                                                                                                      
 
                                                                                                                      
 
                                                                                                                        
-
                                                                                                                      • Overview
                                                                                                                        
+
                                                                                                                      • Auto Scaling Overview
                                                                                                                        
 
                                                                                                                        • 
-
                                                                                                                      • Scaling a Workload
                                                                                                                        
+
                                                                                                                      • Workload Scaling
                                                                                                                        
 
                                                                                                                        • 
-
                                                                                                                      • Scaling a Node
                                                                                                                        
+
                                                                                                                      • Node Scaling
                                                                                                                        
 
                                                                                                                        • 
 
                                                                                                                      • Using HPA and CA for Auto Scaling of Workloads and Nodes
                                                                                                                        
 
                                                                                                                        • 
diff --git a/docs/cce/umn/cce_10_0208.html b/docs/cce/umn/cce_10_0208.html
index 451c15342..041222a9b 100644
--- a/docs/cce/umn/cce_10_0208.html
+++ b/docs/cce/umn/cce_10_0208.html
@@ -1,8 +1,9 @@
 
 
 
                                                                                                                        Creating an HPA Policy
                                                                                                                        
-
                                                                                                                        Horizontal Pod Autoscaling (HPA) in Kubernetes implements horizontal scaling of pods. In a CCE HPA policy, you can configure different cooldown time windows and scaling thresholds for different applications based on the Kubernetes HPA.
                                                                                                                        
-
                                                                                                                        Prerequisites
                                                                                                                        To use HPA, install an add-on that provides metrics APIs. Select one of the following add-ons based on your cluster version and service requirements.
                                                                                                                        • Kubernetes Metrics Server: provides basic resource usage metrics, such as container CPU and memory usage. It is supported by all cluster versions.
                                                                                                                        • Cloud Native Cluster Monitoring: available only in clusters of v1.17 or later.
+
                                                                                                                          As application access requests fluctuate, the preset number of pods often fails to meet the requirements for efficient, elastic resource utilization. For example, if the number of pods is insufficient during peak hours, the response delay may increase and user experience may deteriorate. If the number of pods is excessive during off-peak hours, resources go wasted.
                                                                                                                          
+
                                                                                                                          Kubernetes provides the HPA policy to horizontally scale pods. The HPA policy monitors application loads, such as the CPU usage and memory usage, and automatically increases or decreases the number of pods to adapt to the current workload. This ensures stable application performance and efficient resource utilization.
                                                                                                                          
+
                                                                                                                          Prerequisites
                                                                                                                          To use HPA, you have installed either of the following add-ons that support metrics APIs:
 
                                                                                                                          
 
                                                                                                                          
@@ -11,46 +12,44 @@
 
                                                                                                                          
 
                                                                                                                          Procedure
                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                          2. Choose Workloads in the navigation pane. Locate the target workload and choose More > Auto Scaling in the Operation column.
                                                                                                                          3. Set Policy Type to HPA+CronHPA, enable the created HPA policy, and configure parameters.
                                                                                                                            This section describes only HPA policies. To enable CronHPA, see Creating a Scheduled CronHPA Policy.
                                                                                                                            
 
-
                                                                                                                            Table 1 HPA policy
                                                                                                                            Parameter
                                                                                                                            
+
                                                                                                                            
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                            Table 1 HPA policy
                                                                                                                            Parameter
                                                                                                                            
 
                                                                                                                            Description
                                                                                                                            
+
                                                                                                                            Description
                                                                                                                            
                                                                                                                             		
 
                                                                                                                            
 
                                                                                                                            Pod Range
                                                                                                                            
+
                                                                                                                            Pod Range
                                                                                                                            
 
                                                                                                                            Minimum and maximum numbers of pods.
                                                                                                                            
+
                                                                                                                            Minimum and maximum numbers of pods.
                                                                                                                            
 
                                                                                                                            When a policy is triggered, the workload pods are scaled within this range.
                                                                                                                            
                                                                                                                             		
 
                                                                                                                            Cooldown Period
                                                                                                                            
+
                                                                                                                            Cooldown Period
                                                                                                                            
 
                                                                                                                            Interval between a scale-in and a scale-out. The unit is minute. The interval cannot be shorter than 1 minute.
                                                                                                                            
+
                                                                                                                            Interval between a scale-in and a scale-out. The unit is minute. The interval cannot be shorter than 1 minute.
                                                                                                                            
 
                                                                                                                            This parameter is supported only in clusters of v1.15 to v1.23.
                                                                                                                            
 
                                                                                                                            This parameter indicates the interval between consecutive scaling operations. The cooldown period ensures that a scaling operation is initiated only when the previous one is completed and the system is running stably.
                                                                                                                            
                                                                                                                             		
 
                                                                                                                            Scaling Behavior
                                                                                                                            
+
                                                                                                                            Scaling Behavior
                                                                                                                            
 
                                                                                                                            This parameter is supported only in clusters of v1.25 or later.
                                                                                                                            
+
                                                                                                                            This parameter is supported only in clusters of v1.25 or later.
                                                                                                                            
 
                                                                                                                            • Default: scales workloads using the Kubernetes default behavior. For details, see Default Behavior.
                                                                                                                            • Custom: scales workloads using custom policies such as stabilization window, steps, and priorities. Unspecified parameters use the values recommended by Kubernetes.
                                                                                                                              • Disable scale-out/scale-in: Select whether to disable scale-out or scale-in.
                                                                                                                              • Stabilization Window: a period during which CCE continuously checks whether the metrics used for scaling keep fluctuating. CCE triggers scaling if the desired state is not maintained for the entire window. This window restricts the unwanted flapping of pod count due to metric changes.
                                                                                                                              • Step: specifies the scaling step. You can set the number or percentage of pods to be scaled in or out within a specified period. If there are multiple policies, you can select the policy that maximizes or minimizes the number of pods.
                                                                                                                              
 
                                                                                                                            
                                                                                                                             		
 
                                                                                                                            System Policy
                                                                                                                            
+
                                                                                                                            System Policy
                                                                                                                            
 
                                                                                                                            • Metric: You can select CPU usage or Memory usage.
                                                                                                                               NOTE: 
                                                                                                                              Usage = Average resource usage of all pods in a workload/Requested resources
                                                                                                                              
-
                                                                                                                              
-
                                                                                                                            • Desired Value: Enter the desired average resource usage.
                                                                                                                              This parameter indicates the desired value of the selected metric. Number of target pods (rounded up) = (Current metric value/Desired value) x Number of current pods
                                                                                                                              
-
                                                                                                                               NOTE: 
                                                                                                                              When calculating the number of pods to be added or reduced, the HPA policy uses the maximum number of pods in the last 5 minutes.
                                                                                                                              
-
                                                                                                                              
-
                                                                                                                            • Tolerance Range: Scaling is not triggered when the metric value is within the tolerance range. The desired value must be within the tolerance range.
                                                                                                                              If the metric value is greater than the scale-in threshold and less than the scale-out threshold, no scaling is triggered. This parameter is supported only in clusters of v1.15 or later.
                                                                                                                              
+
                                                                                                                            When calculating the number of pods to add or remove, HPA determines the target number of pods based on the current metric value, desired value, and the current number of pods. The current number of pods is the maximum number of pods over the last 5 minutes. The formula is as follows:
                                                                                                                            
+
                                                                                                                            Desired number of pods = Rounded up value of [Current number of pods x (Current metric value/Desired value)]
                                                                                                                            
+
                                                                                                                            • Metric: You can select CPU usage or Memory usage.
                                                                                                                              Usage = Average resource usage of all pods in a workload/Requested resources
                                                                                                                              
+
                                                                                                                            • Desired Value: Enter the desired average resource usage.
                                                                                                                            • Tolerance Range: Scaling is not triggered when the metric value is within the tolerance range. The desired value must be within the tolerance range.
                                                                                                                              If the metric value is greater than the scale-in threshold and less than the scale-out threshold, no scaling is triggered. This parameter is supported only in clusters of v1.15 or later.
                                                                                                                              
 
                                                                                                                            
                                                                                                                             		
 
                                                                                                                            Custom Policy (supported only in clusters of v1.15 or later)
                                                                                                                            
+
                                                                                                                            Custom Policy (supported only in clusters of v1.15 or later)
                                                                                                                            
 
                                                                                                                             NOTE: 
                                                                                                                            Before creating a custom policy, install an add-on that supports custom metric collection (for example, Prometheus) in the cluster. Ensure that the add-on can collect and report the custom metrics of the workloads.
                                                                                                                            
+
                                                                                                                             NOTE: 
                                                                                                                            Before creating a custom policy, install an add-on that supports custom metric collection (for example, Prometheus) in the cluster. Ensure that the add-on can collect and report the custom metrics of the workloads.
                                                                                                                            
 
                                                                                                                            For details, see Monitoring Custom Metrics Using Cloud Native Cluster Monitoring.
                                                                                                                            
 
                                                                                                                            
 
                                                                                                                            • Metric Name: name of the custom metric. You can select a name as prompted.
                                                                                                                            • Metric Source: Select an object type from the drop-down list. You can select Pod.
                                                                                                                            • Desired Value: the average metric value of all pods. Number of pods to be scaled (rounded up) = (Current metric value/Desired value) x Number of current pods
                                                                                                                               NOTE: 
                                                                                                                              When calculating the number of pods to be added or reduced, the HPA policy uses the maximum number of pods in the last 5 minutes.
                                                                                                                              
@@ -66,7 +65,7 @@
 
                                                                                                                              
 
                                                                                                                              
 
                                                                                                                              
-
                                                                                                                              Parent topic: Scaling a Workload
                                                                                                                              
+
                                                                                                                              Parent topic: Workload Scaling
                                                                                                                              
 
                                                                                                                              
 
                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0209.html b/docs/cce/umn/cce_10_0209.html
index faaac3687..551cf8b40 100644
--- a/docs/cce/umn/cce_10_0209.html
+++ b/docs/cce/umn/cce_10_0209.html
@@ -1,59 +1,59 @@
 
 
-
                                                                                                                              Creating a Node Scaling Policy
                                                                                                                              
-
                                                                                                                              CCE provides auto scaling through the CCE Cluster Autoscaler add-on. Nodes with different flavors can be automatically added across AZs on demand.
                                                                                                                              
-
                                                                                                                              If both a node scaling policy and the configuration in the Autoscaler add-on take effect, for example, there are pods that cannot be scheduled and a metric value exceeds the threshold, a scale-out will be performed first for the unschedulable pods.
                                                                                                                              
-
                                                                                                                              • If the scale-out succeeds for the unschedulable pods, the system skips the metric-based rule logic and enters the next loop.
                                                                                                                              • If the scale-out fails for the unschedulable pods, the metric-based rule is executed.
                                                                                                                              
-
                                                                                                                              Prerequisites
                                                                                                                              Before using the node scaling function, you must install the CCE Cluster Autoscaler add-on of v1.13.8 or later in the cluster.
                                                                                                                              
+
                                                                                                                              Creating a Node Auto Scaling Policy
                                                                                                                              
+
                                                                                                                              If a large number of applications and services are running in a cluster, the compute resources of nodes are fixed, but the load is dynamic. There may be the following problems:
                                                                                                                              
+
                                                                                                                              • During peak hours, if the node quantity is insufficient, workload pods cannot run, resulting in slow response and request timeout.
                                                                                                                              • During off-peak hours, if there are a large number of nodes, a lot of compute resources are wasted.
                                                                                                                              
+
                                                                                                                              These problems affect application performance and user experience and increase O&M complexity and costs. Kubernetes provides node auto scaling (Cluster Autoscaler), which can automatically add or remove nodes based on the cluster load. CCE provides auto scaling through the CCE Cluster Autoscaler add-on (CCE Cluster Autoscaler). Nodes with different flavors can be automatically added or removed across AZs on demand.
                                                                                                                              
+
                                                                                                                              Prerequisites
                                                                                                                              Before using node auto scaling, you must install the CCE Cluster Autoscaler add-on (CCE Cluster Autoscaler) of v1.13.8 or later in the cluster.
                                                                                                                              
 
                                                                                                                              
-
                                                                                                                              Notes and Constraints
                                                                                                                              • If there are no nodes in a node pool, Autoscaler cannot obtain the CPU or memory data of the node, and the node scaling rule triggered using these metrics will not take effect.
                                                                                                                              • If the driver of a GPU node is not installed, Autoscaler will determine that the node is not fully available and the node scaling rules triggered using the CPU or memory metrics will not take effect.
                                                                                                                              • When CCE Cluster Autoscaler is used, some taints or annotations may affect auto scaling. Therefore, do not use the following taints or annotations in clusters:
                                                                                                                                • ignore-taint.cluster-autoscaler.kubernetes.io: The taint works on nodes. Kubernetes-native Autoscaler supports protection against abnormal scale-outs and periodically evaluates the proportion of available nodes in the cluster. When the proportion of non-ready nodes exceeds 45%, protection will be triggered. In this case, all nodes with the ignore-taint.cluster-autoscaler.kubernetes.io taint in the cluster are filtered out from the Autoscaler template and recorded as non-ready nodes, which affect cluster scaling.
                                                                                                                                • cluster-autoscaler.kubernetes.io/enable-ds-eviction: The annotation works on pods, which determines whether DaemonSet pods can be evicted by Autoscaler. For details, see Well-Known Labels, Annotations and Taints.
                                                                                                                                
-
                                                                                                                              
+
                                                                                                                              Notes and Constraints
                                                                                                                              • If there are no nodes in a node pool, the CCE Cluster Autoscaler add-on cannot obtain the CPU or memory data of the node, and the node auto scaling rule triggered based on CPU or memory metrics will not take effect.
                                                                                                                              • If the driver of a GPU node is not installed, the CCE Cluster Autoscaler add-on will consider that the node is not fully available, and the node auto scaling rules triggered based on the CPU or memory metrics will not take effect.
                                                                                                                              • When CCE Cluster Autoscaler is used, some taints or annotations may affect auto scaling. Therefore, do not use the following taints or annotations in clusters:
                                                                                                                                • ignore-taint.cluster-autoscaler.kubernetes.io: The taint works on nodes. Kubernetes-native Autoscaler supports protection against abnormal scale-outs and periodically evaluates the proportion of available nodes in the cluster. When the proportion of non-ready nodes exceeds 45%, protection will be triggered. In this case, all nodes with the ignore-taint.cluster-autoscaler.kubernetes.io taint in the cluster are filtered out from the Autoscaler template and recorded as non-ready nodes, which affect cluster scaling.
                                                                                                                                • cluster-autoscaler.kubernetes.io/enable-ds-eviction: The annotation works on pods, which determines whether DaemonSet pods can be evicted by Autoscaler. For details, see Well-Known Labels, Annotations and Taints.
                                                                                                                                
+
                                                                                                                              • If the CCE Cluster Autoscaler add-on is installed, node pool auto scaling cannot be triggered when some node affinity policies of workloads cause pod scheduling failures. The following node labels should not be used for node affinity policies of the workloads in the cluster: node.kubernetes.io/subnetid, os.architecture, os.name, and os.version.
                                                                                                                              
 
                                                                                                                              
-
                                                                                                                              Configuring Node Pool Scaling Policies
                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                              2. In the navigation pane, choose Nodes. On the Node Pools tab, locate the row containing the target node pool and click Auto Scaling.
                                                                                                                                • If Autoscaler has not been installed, configure add-on parameters based on service requirements, click Install, and wait until the add-on is installed. For details about add-on configurations, see CCE Cluster Autoscaler.
                                                                                                                                • If Autoscaler has been installed, directly configure scaling policies.
                                                                                                                                
-
                                                                                                                              3. Configure auto scaling policies.
                                                                                                                                AS Configuration
                                                                                                                                
-
                                                                                                                                • Customized Rule: Click Add Rule. In the dialog box displayed, configure parameters. You can add multiple node scaling policies, a maximum of one CPU usage-based rule, and one memory usage-based rule. The total number of rules cannot exceed 10.
                                                                                                                                  The following table lists custom rules.
-
                                                                                                                                  Table 1 Custom rules
                                                                                                                                  Rule Type
                                                                                                                                  
+
                                                                                                                                  Configuring a Node Pool Auto Scaling Policy
                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                  2. In the navigation pane, choose Nodes. On the Node Pools tab, locate the row containing the target node pool and click Auto Scaling.
                                                                                                                                    • If CCE Cluster Autoscaler is not installed, configure add-on parameters based on service requirements, click Install, and wait until the add-on is installed. For details about add-on configurations, see CCE Cluster Autoscaler.
                                                                                                                                    • If CCE Cluster Autoscaler has been installed, configure scaling policies.
                                                                                                                                    
+
                                                                                                                                  3. Configure auto scaling policies.
                                                                                                                                    Auto Scaling Configuration
                                                                                                                                    
+
                                                                                                                                    • Custom rules: Click Add Rule. In the dialog box displayed, configure parameters. You can add multiple node scaling policies, a maximum of one CPU usage-based rule, and a maximum of one memory usage-based rule. The total number of rules cannot exceed 10.
                                                                                                                                      The following table lists custom rules.
+
                                                                                                                                      
-
-
-
-
-
                                                                                                                                      Table 1 Custom rules
                                                                                                                                      Rule Type
                                                                                                                                      
 
                                                                                                                                      Configuration
                                                                                                                                      
+
                                                                                                                                      Configuration
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      
 
                                                                                                                                      Metric-based
                                                                                                                                      
+
                                                                                                                                      Metric-based
                                                                                                                                      
 
                                                                                                                                      • Trigger: Select CPU allocation rate or Memory allocation rate and enter a value. The percentage must be greater than the value specified in the node resource requirements for a node scale-in when you configure a scaling policy (Configuring an Auto Scaling Policy for a Cluster).
                                                                                                                                         NOTE: 
                                                                                                                                        • Resource allocation (%) = Resources requested by pods in the node pool/Resources allocatable to pods in the node pool
                                                                                                                                        • If multiple rules meet the conditions, the rules are executed in either of the following modes:
                                                                                                                                          If rules based on the CPU allocation rate and memory allocation rate are configured and two or more rules meet the scale-out conditions, the rule that will add the most nodes will be executed.
                                                                                                                                          
-
                                                                                                                                          If a rule is configured based on the CPU allocation rate and a periodic rule and both the rules meet the scale-out conditions, the periodic rule executed early changes the node pool to the scaling state. As a result, the metric-based rule cannot be executed. After the periodic rule is executed and the node pool status becomes normal, the metric-based rule will not be executed. If the metric-based rule is executed early, the periodic rule will be executed after the metric-based rule is executed.
                                                                                                                                          
-
                                                                                                                                        • If a rule is configured based on the CPU allocation rate and memory allocation rate, the policy detection period varies with the processing logic of each loop of the Autoscaler add-on. A scale-out is triggered once the conditions are met, but it is constrained by other factors such as the cooldown period and node pool status.
                                                                                                                                        • If the number of nodes reaches the upper limit of the cluster scale, the upper limit of the nodes supported in a node pool, or the upper limit of the nodes of a specific flavor, a metric-based scale-out will not be triggered.
                                                                                                                                        • If the number of nodes, CPUs, or memory resources reaches the upper limit for a node scale-out, a metric-based scale-out will not be triggered.
                                                                                                                                        
+
                                                                                                                                      • Trigger: Select CPU allocation rate or Memory allocation rate and enter a value. The rate must be greater than the value specified in the node resource requirements for a node scale-in when you configure a scaling policy (Configuring an Auto Scaling Policy for a Cluster).
                                                                                                                                         NOTE: 
                                                                                                                                        • Resource allocation rate (%) = Resources requested by pods in the node pool/Resources allocatable to pods in the node pool
                                                                                                                                        • If multiple rules meet scaling conditions, the rules are executed in either of the following modes:
                                                                                                                                          If rules based on the CPU allocation rate and memory allocation rate are configured and two or more rules meet the scale-out conditions, the rule that will add the most nodes will be executed.
                                                                                                                                          
+
                                                                                                                                          If a rule based on the CPU allocation rate and a periodic rule are configured and both the rules meet the scale-out conditions, the periodic rule executed early changes the node pool to the scaling state. As a result, the metric-based rule cannot be executed. After the periodic rule is executed and the node pool status becomes normal, the metric-based rule will not be executed. If the metric-based rule is executed early, the periodic rule will be executed after the metric-based rule is executed.
                                                                                                                                          
+
                                                                                                                                        • If rules based on the CPU allocation rate and memory allocation rate are configured, the policy detection period varies with the processing logic of each loop of the CCE Cluster Autoscaler add-on. A scale-out is triggered once the conditions are met, but it is constrained by other factors such as the cooldown period and node pool status.
                                                                                                                                        • If the number of nodes reaches the upper limit of the cluster scale, the upper limit of the nodes supported in a node pool, or the upper limit of the nodes of a specific flavor, a metric-based scale-out will not be triggered.
                                                                                                                                        • If the number of nodes, the number of vCPUs, or the amount of memory reaches the upper limit for a node scale-out, a metric-based scale-out will not be triggered.
                                                                                                                                        
 
                                                                                                                                        
-
                                                                                                                                      • Action: Configure an action to be performed when the triggering condition is met.
                                                                                                                                        • Custom: Add a specified number of nodes to a node pool.
                                                                                                                                        • Auto calculation: When the trigger condition is met, nodes are automatically added and the allocation rate is restored to a value lower than the threshold. The formula is as follows:
                                                                                                                                          Number of nodes to be added = [Resource request of pods in the node pool/(Available resources of a single node x Target allocation rate)] – Number of current nodes + 1
                                                                                                                                          
+
                                                                                                                                        • Action: Configure an action to be performed when the triggering conditions are met.
                                                                                                                                          • Custom: Plan the number of nodes added to a node pool.
                                                                                                                                          • Auto calculation: When the triggering conditions are met, nodes are automatically added and the allocation rate is restored to a value lower than the threshold. The formula is as follows:
                                                                                                                                            The number of nodes to be added = Resource requests of pods in the node pool/(Available resources of a single node × Target allocation rate) – The number of current nodes + 1
                                                                                                                                            
 
                                                                                                                                          
 
                                                                                                                                        
 
                                                                                                                                      		
 
                                                                                                                                      Periodic
                                                                                                                                      
+
                                                                                                                                      Periodic
                                                                                                                                      
 
                                                                                                                                      • Trigger Time: You can select a specific time every day, every week, every month, or every year.
                                                                                                                                      • Action: specifies an action to be carried out when the trigger time is reached. A specified number of nodes will be added to the node pool.
                                                                                                                                      
+
                                                                                                                                      • Trigger Time: You can select a specific time every day, every week, every month, or every year.
                                                                                                                                      • Action: specifies an action to be carried out when the trigger time is reached. Plan the number of nodes added to the node pool.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      
                                                                                                                                       
 
                                                                                                                                      
 
                                                                                                                                      
 
                                                                                                                                      
-
                                                                                                                                    • Nodes: The number of nodes in a node pool will always be within the range during auto scaling.
                                                                                                                                    • Cooldown Period: a period during which the nodes added in the current node pool cannot be scaled in.
                                                                                                                                    
-
                                                                                                                                    AS Object
                                                                                                                                    
-
                                                                                                                                    • Specifications: Configure whether to enable auto scaling for node flavors in a node pool.
                                                                                                                                       
                                                                                                                                      If multiple flavors are configured for a node pool, you can specify the upper limit for the number of nodes and the priority for each flavor separately.
                                                                                                                                      
+
                                                                                                                                    • Nodes: The number of nodes in a node pool will always be within the range during auto scaling.
                                                                                                                                    • Cooldown Period: a period during which the nodes added to the current node pool cannot be scaled in.
                                                                                                                                    
+
                                                                                                                                    Auto Scaling Object
                                                                                                                                    
+
                                                                                                                                    • Specifications: Configure whether to enable auto scaling for node flavors in a node pool.
                                                                                                                                       
                                                                                                                                      If multiple flavors are configured for a node pool, you can specify the number of nodes and the scaling priority for each flavor.
                                                                                                                                      
 
                                                                                                                                      
 
                                                                                                                                    
-
                                                                                                                                  4. View cluster-level auto scaling configurations, which take effect for all node pools in the cluster. On this page, you can only view cluster-level auto scaling policies. To modify these policies, go to the Settings page. For details, see Configuring an Auto Scaling Policy for a Cluster.
                                                                                                                                  5. Click OK.
                                                                                                                                  
+
                                                                                                                                • View cluster-level auto scaling configurations, which take effect for all node pools in the cluster. On the Policies page, you can only view cluster-level auto scaling policies. To modify these policies, go to the Settings page. For details, see Configuring an Auto Scaling Policy for a Cluster.
                                                                                                                                • Click OK.
                                                                                                                                  • 
 
                                                                                                                                  
 
                                                                                                                                  Configuring an Auto Scaling Policy for a Cluster
                                                                                                                                   
                                                                                                                                  An auto scaling policy applies to all node pools in a cluster. After the policy is modified, the Autoscaler add-on will be restarted.
                                                                                                                                  
 
                                                                                                                                  
-
                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                  2. In the navigation pane, choose Settings and click the Auto Scaling tab.
                                                                                                                                    • If Autoscaler has not been installed, configure add-on parameters based on service requirements, click Install, and wait until the add-on is installed. For details about add-on configurations, see CCE Cluster Autoscaler.
                                                                                                                                    • If Autoscaler has been installed, directly configure scaling policies.
                                                                                                                                    
-
                                                                                                                                  3. Configure auto scale-out.
                                                                                                                                    • Auto Scale-out when the load cannot be scheduled: When workload pods in a cluster cannot be scheduled (pods remain in pending state), CCE automatically adds nodes to the slave node pool. If a pod has been scheduled to a node, the node will not be involved in an automatic scale-out. Such auto scaling typically works with an HPA policy. For details, see Using HPA and CA for Auto Scaling of Workloads and Nodes.
                                                                                                                                      If this function is not enabled, custom scaling rules are the only option for performing a scale-out.
                                                                                                                                      
-
                                                                                                                                    • Upper limit of resources to be expanded: the upper limit for the cluster's resources, such as the number of nodes, CPU cores, and memory. Once this limit is reached, no new nodes will be automatically added.
                                                                                                                                    • Scale-Out Priority: You can drag and drop the node pools in a list to adjust their scale-out priorities.
                                                                                                                                    
-
                                                                                                                                  4. Configure auto scale-in. Auto scale-in is disabled by default. After it is enabled, you can configure Node Scale-In Conditions and Node Scale-In Policy. If the nodes in the cluster meet the scale-in conditions, the node are removed automatically.
                                                                                                                                    Node Scale-In Conditions
                                                                                                                                    
-
                                                                                                                                    Nodes in a cluster comply with the default scale-in conditions by default. If scale-in conditions are customized for a node pool, the nodes in the node pool comply with the customized scale-in conditions.
                                                                                                                                    
+
                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                    2. In the navigation pane, choose Settings. Then click the Auto Scaling tab.
                                                                                                                                      • If CCE Cluster Autoscaler is not installed, configure add-on parameters based on service requirements, click Install, and wait until the add-on is installed. For details about add-on configurations, see CCE Cluster Autoscaler.
                                                                                                                                      • If CCE Cluster Autoscaler has been installed, configure scaling policies.
                                                                                                                                      
+
                                                                                                                                    3. Configure auto scale-out.
                                                                                                                                      • Auto Scale-out when the load cannot be scheduled: When workload pods in a cluster cannot be scheduled (pods remain in the pending state), CCE automatically adds nodes to the node pool. If a pod has been scheduled to a node, the node will not be involved in an auto scale-out. Such auto scaling typically works with an HPA policy. For details, see Using HPA and CA for Auto Scaling of Workloads and Nodes.
                                                                                                                                        If this function is not enabled, custom scaling rules are the only option for performing a scale-out.
                                                                                                                                        
+
                                                                                                                                      • Upper limit of resources to be expanded: the upper limits for the cluster's resources, such as the number of nodes, the number of vCPUs, and the amount of memory. Once an upper limit is reached, no new nodes will be automatically added.
                                                                                                                                      • Scale-Out Priority: You can drag and drop the node pools in a list to adjust their scale-out priorities.
                                                                                                                                      
+
                                                                                                                                    4. Configure auto scale-in. Auto scale-in is disabled by default. After it is enabled, you can configure Node Scale-In Conditions and Node Scale-In Policy. If the nodes in the cluster meet the scale-in conditions, the nodes are removed automatically.
                                                                                                                                      Node Scale-In Conditions
                                                                                                                                      
+
                                                                                                                                      Nodes in a cluster comply with the default scale-in conditions by default. If custom scale-in conditions are specified for a node pool, the nodes in the node pool comply with the custom scale-in conditions.
                                                                                                                                      
 
-
                                                                                                                                      Table 2 Node scale-in conditions
                                                                                                                                      Parameter
                                                                                                                                      
+
                                                                                                                                      
@@ -62,86 +62,86 @@
 
-
                                                                                                                                      Table 2 Node scale-in conditions
                                                                                                                                      Parameter
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Description
                                                                                                                                      
 
                                                                                                                                      Default Scale-In Conditions
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      If the CPU and memory allocation rates of a node are lower than a certain percentage (50% by default) for a period of time (10 minutes by default), or the node is unavailable for a period of time (20 minutes by default), the node will be scaled in.
                                                                                                                                      
-
                                                                                                                                      Allocation rate = Total requested resources of all pods/Allocatable resources on the node
                                                                                                                                      
-
                                                                                                                                      If the option Ignore the pre-allocated CPU and memory of the DaemonSet container is selected, CCE will not consider the CPU and memory resources pre-allocated to DaemonSet pods when determining whether to scale in cluster nodes. This means that the resources used by DaemonSet pods will not affect the scaling-in decision. If this option is not selected, the resources pre-allocated to DaemonSet pods will be included in the resource allocation calculations. This can cause the CPU and memory allocation rates to exceed the node scale-in threshold, potentially preventing nodes with low CPU and memory utilization from being scaled in.
                                                                                                                                      
+
                                                                                                                                      Allocation rate = Total requested resources of all pods/Allocatable resources on the node
                                                                                                                                      
+
                                                                                                                                      If the option Ignore the pre-allocated CPU and memory of the DaemonSet container is selected, CCE will not consider the CPU and memory resources pre-allocated to DaemonSet pods when determining whether to scale in cluster nodes. This means that the resources used by DaemonSet pods will not affect the scaling-in decision. If this option is not selected, the resources pre-allocated to DaemonSet pods will be included in the resource allocation calculations. This can cause the CPU and memory allocation rates to exceed the node scale-in threshold, potentially preventing nodes with low CPU and memory utilization from being scaled in.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      
 
                                                                                                                                      (Optional) Custom Scale-In Conditions
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      You can configure scale-in conditions for each node pool. If the CPU and memory allocation rates of nodes in a node pool are lower than a certain percentage (50% by default) for a period of time (10 minutes by default), the node pool will be scaled in.
                                                                                                                                      
-
                                                                                                                                      Custom scale-in conditions are supported when the CCE Cluster Autoscaler add-on version is 1.25.181, 1.27.152, 1.28.120, 1.29.81, 1.30.48, 1.31.10, or later. If auto scaling is not enabled for all specifications in a node pool, custom scale-in conditions configured for the node pool do not take effect. For details about how to enable auto scaling for a node pool, see Configuring Node Pool Scaling Policies.
                                                                                                                                      
+
                                                                                                                                      Custom scale-in conditions are supported when the CCE Cluster Autoscaler add-on version is 1.25.181, 1.27.152, 1.28.120, 1.29.81, 1.30.48, 1.31.10, or later. If the auto scaling function is not enabled for all specifications in a node pool, custom scale-in conditions configured for the node pool do not take effect. For details about how to enable the auto scaling function for a node pool, see Configuring a Node Pool Auto Scaling Policy.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      
 
                                                                                                                                      Scale-in Exception Scenarios
                                                                                                                                      
 
                                                                                                                                      When a node meets the following exception scenarios, CCE will not scale in the node even if the node resources or status meets scale-in conditions:
                                                                                                                                      • Resources on other nodes in the cluster are insufficient.
                                                                                                                                      • Scale-in protection is enabled on the node. To enable or disable node scale-in protection, choose Nodes in the navigation pane and then click the Nodes tab. Locate the target node, choose More, and then enable or disable node scale-in protection in the Operation column.
                                                                                                                                      • There is a pod with the non-scale label on the node.
                                                                                                                                      • Policies such as reliability have been configured on some containers on the node.
                                                                                                                                      • There are non-DaemonSet containers in the kube-system namespace on the node.
                                                                                                                                      • (Optional) A container managed by a third-party pod controller is running on a node. Third-party pod controllers are for custom workloads except Kubernetes-native workloads such as Deployments and StatefulSets. Such controllers can be created using CustomResourceDefinitions.
                                                                                                                                      
+
                                                                                                                                      When a node meets the following exception scenarios, CCE will not scale in the node even if the node resources or status meets scale-in conditions:
                                                                                                                                      • Resources on other nodes in the cluster are insufficient.
                                                                                                                                      • Scale-in protection is enabled on the node. To enable or disable node scale-in protection, choose Nodes in the navigation pane and then click the Nodes tab. Locate the target node, choose More, and then enable or disable node scale-in protection in the Operation column.
                                                                                                                                      • There is a pod with the non-scale label on the node.
                                                                                                                                      • Policies such as reliability have been configured on some containers on the node.
                                                                                                                                      • There are non-DaemonSet containers in the kube-system namespace on the node.
                                                                                                                                      • (Optional) A container managed by a third-party pod controller is running on a node. Third-party pod controllers are for custom workloads except Kubernetes-native workloads such as Deployments and StatefulSets. Such controllers can be created using CustomResourceDefinitions.
                                                                                                                                      
 
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      
                                                                                                                                       
 
                                                                                                                                      
 
                                                                                                                                      
-
                                                                                                                                      Node Scale-in Policy
                                                                                                                                      
-
-
                                                                                                                                      Table 3 Node scale-in policy configurations
                                                                                                                                      Item
                                                                                                                                      
+
                                                                                                                                      Node Scale-In Policy
+
                                                                                                                                      
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                      Table 3 Node scale-in policy configurations
                                                                                                                                      Item
                                                                                                                                      
 
                                                                                                                                      Description
                                                                                                                                      
+
                                                                                                                                      Description
                                                                                                                                      
 
                                                                                                                                      Default Value
                                                                                                                                      
+
                                                                                                                                      Default Value
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      
 
                                                                                                                                      Number of Concurrent Scale-In Requests
                                                                                                                                      
+
                                                                                                                                      Number of Concurrent Scale-In Requests
                                                                                                                                      
 
                                                                                                                                      Maximum number of idle nodes that can be deleted concurrently.
                                                                                                                                      
+
                                                                                                                                      Maximum number of idle nodes that can be deleted concurrently.
                                                                                                                                      
 
                                                                                                                                      Only idle nodes can be concurrently scaled in. Nodes that are not idle can only be scaled in one by one.
                                                                                                                                      
 
                                                                                                                                       NOTE: 
                                                                                                                                      During a node scale-in, if the pods on the node do not need to be evicted (such as DaemonSet pods), the node is idle. Otherwise, the node is not idle.
                                                                                                                                      
 
                                                                                                                                      
 
                                                                                                                                      10
                                                                                                                                      
+
                                                                                                                                      10
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Node Recheck Timeout
                                                                                                                                      
+
                                                                                                                                      Node Recheck Timeout
                                                                                                                                      
 
                                                                                                                                      Interval at which a node can be checked again after it is determined that the node cannot be scaled in
                                                                                                                                      
+
                                                                                                                                      Interval at which a node can be checked again after it is determined that the node cannot be scaled in
                                                                                                                                      
 
                                                                                                                                      5 minutes
                                                                                                                                      
+
                                                                                                                                      5 minutes
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Cooldown Time
                                                                                                                                      
+
                                                                                                                                      Cooldown Time
                                                                                                                                      
 
                                                                                                                                      Cooldown period for starting scale-in evaluation again after auto scale-in is triggered in a cluster
                                                                                                                                      
+
                                                                                                                                      Cooldown period for starting scale-in evaluation again after auto scale-in is triggered in a cluster
                                                                                                                                      
 
                                                                                                                                       NOTE: 
                                                                                                                                      If both auto scale-out and scale-in exist in a cluster, set this parameter to 0 minutes. This prevents the node scale-in from being blocked due to continuous scale-out of some node pools or retries upon a scale-out failure, which results in unexpected waste of node resources.
                                                                                                                                      
 
                                                                                                                                      
 
                                                                                                                                      10 minutes
                                                                                                                                      
+
                                                                                                                                      10 minutes
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Cooldown period for starting scale-in evaluation again after auto scale-out is triggered in a cluster
                                                                                                                                      
+
                                                                                                                                      Cooldown period for starting scale-in evaluation again after auto scale-out is triggered in a cluster
                                                                                                                                      
 
                                                                                                                                      10 minutes
                                                                                                                                      
+
                                                                                                                                      10 minutes
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Cooldown period for starting scale-in evaluation again after auto scale-in triggered in a cluster failed
                                                                                                                                      
+
                                                                                                                                      Cooldown period for starting scale-in evaluation again after auto scale-in triggered in a cluster failed
                                                                                                                                      
 
                                                                                                                                      3 minutes
                                                                                                                                      
+
                                                                                                                                      3 minutes
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      
                                                                                                                                       
 
                                                                                                                                      
 
                                                                                                                                      
-
                                                                                                                                    5. Click Confirm configuration.
                                                                                                                                      6. 
+
                                                                                                                                      
+
                                                                                                                                    6. Click Confirm Settings.
                                                                                                                                      7. 
 
 
                                                                                                                                      Cooldown Period
                                                                                                                                      The impact and relationship between the two cooldown periods configured for a node pool are as follows:
                                                                                                                                      
 
                                                                                                                                      Cooldown Period During a Scale-out
                                                                                                                                      
-
                                                                                                                                      This interval indicates the period during which nodes added to the current node pool after a scale-out cannot be deleted. This setting takes effect in the entire node pool.
                                                                                                                                      
+
                                                                                                                                      This period after a scale-out controls how long nodes added to the current node pool after a scale-out cannot be removed. This setting applies to the node pool.
                                                                                                                                      
 
                                                                                                                                      Cooldown Period During a Scale-in
                                                                                                                                      
-
                                                                                                                                      The interval after a scale-out indicates the period during which the entire cluster cannot be scaled in after the Autoscaler add-on triggers a scale-out (due to the unschedulable pods, metrics, or scaling policies). This interval applies to the entire cluster.
                                                                                                                                      
-
                                                                                                                                      The interval after a node is deleted indicates the period during which the cluster cannot be scaled in after the Autoscaler add-on triggers a scale-in. This setting applies to the entire cluster.
                                                                                                                                      
-
                                                                                                                                      The interval after a failed scale-in indicates the period during which the cluster cannot be scaled in after the Autoscaler add-on triggers a scale-in. This setting applies to the entire cluster.
                                                                                                                                      
+
                                                                                                                                      The period after a scale-out controls how long the cluster cannot be scaled in after the CCE Cluster Autoscaler add-on triggers a scale-out (due to the unschedulable pods, metrics, or periodic scaling policies). This setting applies to the cluster.
                                                                                                                                      
+
                                                                                                                                      The period after a node is removed controls how long the cluster cannot be scaled in after the CCE Cluster Autoscaler add-on triggers a scale-in. This setting applies to the cluster.
                                                                                                                                      
+
                                                                                                                                      The interval after a failed scale-in indicates the period during which the cluster cannot be scaled in after the CCE Cluster Autoscaler add-on triggers a scale-in. This setting applies to the entire cluster.
                                                                                                                                      
 
                                                                                                                                      
-
                                                                                                                                      Period for Autoscaler to Retry a Scale-out
                                                                                                                                      If a node pool failed to scale out, for example, due to insufficient quota, or an error occurred during node installation, Autoscaler can retry the scale-out in the node pool or switch to another node pool. The retry period varies depending on failure causes:
                                                                                                                                      
-
                                                                                                                                      • When the user quota is insufficient, Autoscaler cools down the node pool for 5 minutes, 10 minutes, or 20 minutes. The maximum cooldown duration is 30 minutes. Then, Autoscaler switches to another node pool in the next 10 seconds for a scale-out until the expected nodes are added or all node pools have cooled down.
                                                                                                                                      • If an error occurred during node installation in a node pool, the node pool enters a 5-minute cooldown period. After the period expires, Autoscaler can trigger a node pool scale-out again. If the faulty node is automatically reclaimed, Autoscaler re-evaluates the cluster status within 1 minute and triggers a node pool scale-out as needed.
                                                                                                                                      • During a node pool scale-out, if a node remains in the installing state for a long time, Autoscaler tolerates the node for a maximum of 15 minutes. After the tolerance period expires, Autoscaler re-evaluates the cluster status and triggers a node pool scale-out as needed.
                                                                                                                                      
+
                                                                                                                                      Period for CCE Cluster Autoscaler to Retry a Scale-out
                                                                                                                                      If a node pool failed to be scaled out, for example, due to insufficient quota, or an error during node installation, the CCE Cluster Autoscaler add-on can retry the scale-out in the same node pool or another node pool. The retry period varies depending on failure causes:
                                                                                                                                      
+
                                                                                                                                      • When the user quota is insufficient, the CCE Cluster Autoscaler add-on cools down the node pool for 5 minutes, 10 minutes, or 20 minutes. The maximum cooldown period is 30 minutes. Then, the CCE Cluster Autoscaler add-on switches to another node pool in the next 10 seconds for a scale-out until the desired nodes are added or all node pools have been cooled down.
                                                                                                                                      • If there is an error during node installation in a node pool, the node pool will enter a 5-minute cooldown period. After the period expires, the CCE Cluster Autoscaler add-on can trigger a node pool scale-out again. If the faulty node is automatically reclaimed, the CCE Cluster Autoscaler add-on re-evaluates the cluster status within 1 minute and triggers a node pool scale-out as needed.
                                                                                                                                      • During a node pool scale-out, if a node remains in the installing state for a long time, the CCE Cluster Autoscaler add-on tolerates the node for a maximum of 15 minutes. After the tolerance period expires, the CCE Cluster Autoscaler add-on re-evaluates the cluster status and triggers a node pool scale-out as needed.
                                                                                                                                      
 
                                                                                                                                      
 
                                                                                                                                      Example YAML
                                                                                                                                      The following is a YAML example of a node scaling policy:
                                                                                                                                      
 
                                                                                                                                      apiVersion: autoscaling.cce.io/v1alpha1
@@ -177,131 +177,131 @@ spec:
   - 7d48eca7-3419-11ea-bc29-0255ac1001a8
                                                                                                                                      
 
                                                                                                                                      
 
-
                                                                                                                                      Table 4 Key parameters
                                                                                                                                      Parameter
                                                                                                                                      
+
                                                                                                                                      
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -310,7 +310,7 @@ spec:
 
                                                                                                                                      
 
                                                                                                                                      
-
                                                                                                                                      Parent topic: Scaling a Node
                                                                                                                                      
+
                                                                                                                                      Parent topic: Node Scaling
                                                                                                                                      
 
                                                                                                                                      
 
                                                                                                                                      
 
diff --git a/docs/cce/umn/cce_10_0210.html b/docs/cce/umn/cce_10_0210.html
index 7b01cc1d7..0b103295b 100644
--- a/docs/cce/umn/cce_10_0210.html
+++ b/docs/cce/umn/cce_10_0210.html
@@ -16,7 +16,7 @@
 
-
diff --git a/docs/cce/umn/cce_10_0212.html b/docs/cce/umn/cce_10_0212.html
index 2b6ecfdf0..82003ab89 100644
--- a/docs/cce/umn/cce_10_0212.html
+++ b/docs/cce/umn/cce_10_0212.html
@@ -3,7 +3,7 @@
 
                                                                                                                                      Deleting a Cluster
                                                                                                                                      Precautions
                                                                                                                                      • Deleting a cluster will delete the workloads and Services in the cluster, and the deleted data cannot be recovered. Before performing this operation, ensure that related data has been backed up or migrated.
                                                                                                                                      • If you choose to delete a cluster with the nodes in it, the system disks and data disks attached to the nodes will also be deleted. Back up data before the deletion.
                                                                                                                                      • If you delete a cluster that is not running (for example, unavailable), associated resources, such as storage and networking resources, will remain.
                                                                                                                                      • A hibernated cluster can be deleted only after it is awakened.
                                                                                                                                      
 
                                                                                                                                      
-
                                                                                                                                      Deleting a Cluster
                                                                                                                                      1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                      2. In the cluster list on the right, locate the cluster to be deleted and click . In the drop-down list, choose Delete.
                                                                                                                                      3. In the displayed Delete Cluster dialog box, select the resources to be released.
                                                                                                                                        • Delete cloud storage resources associated with workloads in the cluster.
                                                                                                                                           
                                                                                                                                          When deleting underlying cloud storage resources bound to storage volumes in a cluster, pay attention to following constraints:
                                                                                                                                          
+
                                                                                                                                          Deleting a Cluster
                                                                                                                                          1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                          2. In the cluster list on the right, locate the cluster to be deleted and click . In the drop-down list, choose Delete.
                                                                                                                                          3. In the displayed Delete Cluster dialog box, select the resources to be released.
                                                                                                                                            • Delete cloud storage resources associated with workloads in the cluster.
                                                                                                                                               
                                                                                                                                              When deleting underlying cloud storage resources bound to storage volumes in a cluster, pay attention to following constraints:
                                                                                                                                              
 
                                                                                                                                              • The underlying storage resources are deleted according to the reclamation policy you defined for the storage volumes. For example, if the reclamation policy of storage volumes is Retain, the underlying storage resources will be retained after the cluster is deleted.
                                                                                                                                              • If there are more than 1000 files in the OBS bucket, manually clear the files and then delete the cluster.
                                                                                                                                              
 
                                                                                                                                              
 
                                                                                                                                              If the storage volume's reclamation policy is set to Retain, the following table lists the method of deleting PVs based on their type.
@@ -19,7 +19,7 @@
 
 
                                                                                                                                      
-
-
-
-
-
-
-
@@ -43,589 +43,752 @@
 
                                                                                                                                      Table 4 Key parameters
                                                                                                                                      Parameter
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Type
                                                                                                                                      
 
                                                                                                                                      Description
                                                                                                                                      
+
                                                                                                                                      Description
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      
 
                                                                                                                                      spec.disable
                                                                                                                                      
+
                                                                                                                                      spec.disable
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Bool
                                                                                                                                      
 
                                                                                                                                      Whether to enable the scaling policy. This parameter takes effect for all rules in the policy.
                                                                                                                                      
+
                                                                                                                                      Whether to enable the scaling policy. This parameter takes effect for all rules in the policy.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules
                                                                                                                                      
+
                                                                                                                                      spec.rules
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Array
                                                                                                                                      
 
                                                                                                                                      All rules in a scaling policy.
                                                                                                                                      
+
                                                                                                                                      All rules in a scaling policy.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules[x].ruleName
                                                                                                                                      
+
                                                                                                                                      spec.rules[x].ruleName
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      String
                                                                                                                                      
 
                                                                                                                                      Rule name.
                                                                                                                                      
+
                                                                                                                                      Rule name.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules[x].type
                                                                                                                                      
+
                                                                                                                                      spec.rules[x].type
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      String
                                                                                                                                      
 
                                                                                                                                      Rule type. Cron and Metric are supported.
                                                                                                                                      
+
                                                                                                                                      Rule type. Cron and Metric are supported.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules[x].disable
                                                                                                                                      
+
                                                                                                                                      spec.rules[x].disable
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Bool
                                                                                                                                      
 
                                                                                                                                      Rule switch. Currently, only false is supported.
                                                                                                                                      
+
                                                                                                                                      Rule switch. Currently, only false is supported.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules[x].action.type
                                                                                                                                      
+
                                                                                                                                      spec.rules[x].action.type
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      String
                                                                                                                                      
 
                                                                                                                                      Rule action type. Currently, only ScaleUp is supported.
                                                                                                                                      
+
                                                                                                                                      Rule action type. Currently, only ScaleUp is supported.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules[x].action.unit
                                                                                                                                      
+
                                                                                                                                      spec.rules[x].action.unit
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      String
                                                                                                                                      
 
                                                                                                                                      Rule action unit. Currently, only Node is supported.
                                                                                                                                      
+
                                                                                                                                      Rule action unit. Currently, only Node is supported.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules[x].action.value
                                                                                                                                      
+
                                                                                                                                      spec.rules[x].action.value
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Integer
                                                                                                                                      
 
                                                                                                                                      Rule action value.
                                                                                                                                      
+
                                                                                                                                      Rule action value.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules[x].cronTrigger
                                                                                                                                      
+
                                                                                                                                      spec.rules[x].cronTrigger
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      N/A
                                                                                                                                      
 
                                                                                                                                      Optional. This parameter is valid only in periodic rules.
                                                                                                                                      
+
                                                                                                                                      Optional. This parameter is valid only in periodic rules.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules[x].cronTrigger.schedule
                                                                                                                                      
+
                                                                                                                                      spec.rules[x].cronTrigger.schedule
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      String
                                                                                                                                      
 
                                                                                                                                      Cron expression of a periodic rule.
                                                                                                                                      
+
                                                                                                                                      Cron expression of a periodic rule.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules[x].metricTrigger
                                                                                                                                      
+
                                                                                                                                      spec.rules[x].metricTrigger
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      N/A
                                                                                                                                      
 
                                                                                                                                      Optional. This parameter is valid only in metric-based rules.
                                                                                                                                      
+
                                                                                                                                      Optional. This parameter is valid only in metric-based rules.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules[x].metricTrigger.metricName
                                                                                                                                      
+
                                                                                                                                      spec.rules[x].metricTrigger.metricName
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      String
                                                                                                                                      
 
                                                                                                                                      Metric of a metric-based rule. Currently, Cpu and Memory are supported.
                                                                                                                                      
+
                                                                                                                                      Metric of a metric-based rule. Currently, Cpu and Memory are supported.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules[x].metricTrigger.metricOperation
                                                                                                                                      
+
                                                                                                                                      spec.rules[x].metricTrigger.metricOperation
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      String
                                                                                                                                      
 
                                                                                                                                      Comparison operator of a metric-based rule. Only > is supported.
                                                                                                                                      
+
                                                                                                                                      Comparison operator of a metric-based rule. Only > is supported.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules[x].metricTrigger.metricValue
                                                                                                                                      
+
                                                                                                                                      spec.rules[x].metricTrigger.metricValue
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      String
                                                                                                                                      
 
                                                                                                                                      Threshold of the metric rule. The value can be an integer ranging from 1 to 100 and must be a character. If the value is set to -1, the threshold is automatically calculated.
                                                                                                                                      
+
                                                                                                                                      Threshold of the metric rule. The value can be an integer from 1 to 100 and must be a character. If the value is set to -1, the threshold is automatically calculated.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.rules[x].metricTrigger.Unit
                                                                                                                                      
+
                                                                                                                                      spec.rules[x].metricTrigger.Unit
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      String
                                                                                                                                      
 
                                                                                                                                      Unit of the metric-based rule threshold. Only % is supported.
                                                                                                                                      
+
                                                                                                                                      Unit of the metric-based rule threshold. Only % is supported.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.targetNodepoolIds
                                                                                                                                      
+
                                                                                                                                      spec.targetNodepoolIds
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Array
                                                                                                                                      
 
                                                                                                                                      All node pools associated with the scaling policy.
                                                                                                                                      
+
                                                                                                                                      All node pools associated with the scaling policy.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      spec.targetNodepoolIds[x]
                                                                                                                                      
+
                                                                                                                                      spec.targetNodepoolIds[x]
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      String
                                                                                                                                      
 
                                                                                                                                      UID of the node pool associated with the scaling policy.
                                                                                                                                      
+
                                                                                                                                      UID of the node pool associated with the scaling policy.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      
                                                                                                                                       
 
                                                                                                                                      NodeIP-related: Check whether node IP addresses (including EIPs) of the cluster before the migration have been used in other configurations or trustlists.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Workloads
                                                                                                                                      
+
                                                                                                                                      Workload
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Record the number of workloads for post-migration check.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Disks
                                                                                                                                      
 
                                                                                                                                      Pay-per-use EVS disks will be deleted.
                                                                                                                                      
+
                                                                                                                                      Yes
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      
 
                                                                                                                                      SFS
                                                                                                                                      
@@ -69,7 +69,7 @@
 
 
                                                                                                                                      
 
                                                                                                                                      
-
                                                                                                                                      Parent topic: Managing a Cluster
                                                                                                                                      
+
                                                                                                                                      Parent topic: Managing Clusters
                                                                                                                                      
 
                                                                                                                                      
 
                                                                                                                                      
 
diff --git a/docs/cce/umn/cce_10_0213.html b/docs/cce/umn/cce_10_0213.html
index 8512c80d1..8e1ead4cf 100644
--- a/docs/cce/umn/cce_10_0213.html
+++ b/docs/cce/umn/cce_10_0213.html
@@ -9,33 +9,33 @@
 
 
                                                                                                                                      
 
                                                                                                                                      API server (kube-apiserver)
                                                                                                                                      
+
                                                                                                                                      API server (kube-apiserver)
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Control resource scheduling, manage requests, ensure security, and toggle feature statuses to maintain efficient cluster operation and proper resource allocation.
                                                                                                                                      
 
                                                                                                                                      Modifying kube-apiserver parameters will restart the cluster and terminate existing persistent connections. Exercise caution when performing this operation.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Scheduler
                                                                                                                                      
+
                                                                                                                                      Scheduler configurations
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Manage and optimize resource scheduling, request control, and GPU resource allocation in clusters. You can dynamically adjust scheduling policies based on cluster loads and resource requirements to ensure efficient cluster running and maximize resource utilization.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Cluster controller (kube-controller-manager)
                                                                                                                                      
+
                                                                                                                                      Cluster controller (kube-controller-manager)
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Control the behavior and synchronization frequency of different controllers in a cluster to optimize cluster resource management and task scheduling.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Network components (supported only by CCE Turbo clusters)
                                                                                                                                      
+
                                                                                                                                      Network component configurations (supported only by CCE Turbo clusters)
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Control and optimize the management of network resources in clusters, especially in heavy-load and large-scale clusters, to ensure efficient network running and proper resource allocation.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Network components (supported only by CCE clusters using VPC networks)
                                                                                                                                      
+
                                                                                                                                      Network component configurations (supported only by CCE clusters using VPC networks)
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Specify the IP address range that does not require SNAT. This avoids unnecessary SNAT and optimizes network performance.
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Extended controller (supported only by clusters of v1.21 or later)
                                                                                                                                      
+
                                                                                                                                      Extended controller configurations (supported only by clusters of v1.21 or later)
                                                                                                                                      
                                                                                                                                       		
 
                                                                                                                                      Restrict the resource usage in the namespace to ensure fair and reasonable resource allocation.
                                                                                                                                      
 
                                                                                                                                      
 
                                                                                                                                      
 
                                                                                                                                      
-
                                                                                                                                      Modifying Cluster Configurations
                                                                                                                                      1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                      2. Locate the target cluster, click ... to view more operations on the cluster, and choose Manage. This function allows you to modify parameter settings of Kubernetes native components and proprietary components.
                                                                                                                                      3. On the Manage Component page, change the values of the Kubernetes parameters listed in the following table.
                                                                                                                                        
-
                                                                                                                                        Table 2 kube-apiserver configurations
                                                                                                                                        Item
                                                                                                                                        
+
                                                                                                                                        Using the Console
                                                                                                                                        1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                        2. Locate the target cluster, click ... to view more operations on the cluster, and choose Manage. This function allows you to modify parameter settings of Kubernetes native components and proprietary components.
                                                                                                                                          
+
                                                                                                                                        3. In the Manage Component window, modify the Kubernetes parameter values based on service requirements. For details about the parameters, see Cluster Configuration Parameters.
                                                                                                                                        
+
                                                                                                                                        
+
                                                                                                                                        Using an API
                                                                                                                                        You can modify the CCE cluster configuration parameters using an API.
                                                                                                                                        
+
                                                                                                                                        PUT /api/v3/projects/{project_id}/clusters/{cluster_id}/nodepools/master/configuration
                                                                                                                                        
+
+
                                                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
+
                                                                                                                                        Parameter
                                                                                                                                        
 
                                                                                                                                        Parameter
                                                                                                                                        
-
                                                                                                                                        Description
                                                                                                                                        
-
                                                                                                                                        Value
                                                                                                                                        
+
                                                                                                                                        Description
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        
 
                                                                                                                                        Toleration time for nodes in NotReady state
                                                                                                                                        
+
                                                                                                                                        project_id
                                                                                                                                        
 
                                                                                                                                        default-not-ready-toleration-seconds
                                                                                                                                        
-
                                                                                                                                        Tolerance time during which containers can continue running before being automatically evicted if their node becomes unavailable. This setting applies to all containers by default. In a CCE cluster, you can configure separate tolerance policies for different pods for refined management. For details, see Configuring Tolerance Policies.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Unless otherwise specified, keep the default settings.
                                                                                                                                        
-
                                                                                                                                        Potential risks: If the specified tolerance time is too short, pods may be frequently migrated due to transient issues like network jitter. If the specified tolerance time is too long, services may remain interrupted for an extended period after a node failure.
                                                                                                                                        
-
                                                                                                                                        Default: 300s
                                                                                                                                        
+
                                                                                                                                        Project ID. For details about how to obtain the project ID, see .
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Toleration time for nodes in unreachable state
                                                                                                                                        
+
                                                                                                                                        cluster_id
                                                                                                                                        
 
                                                                                                                                        default-unreachable-toleration-seconds
                                                                                                                                        
-
                                                                                                                                        Tolerance time during which containers can continue running before being automatically evicted if their node cannot be accessed. This setting applies to all containers by default. In a CCE cluster, you can configure separate tolerance policies for different pods for refined management. For details, see Configuring Tolerance Policies.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Unless otherwise specified, keep the default settings.
                                                                                                                                        
-
                                                                                                                                        Potential risks: If the specified tolerance time is too short, pods may be frequently migrated due to transient issues like network jitter. If the specified tolerance time is too long, services may remain interrupted for an extended period after a node failure.
                                                                                                                                        
-
                                                                                                                                        Default: 300s
                                                                                                                                        
+
                                                                                                                                        Cluster ID. For details about how to obtain the cluster ID, see .
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Maximum Number of Concurrent Modification API Calls
                                                                                                                                        
+
                                                                                                                                        
+
                                                                                                                                        
+
                                                                                                                                        The request body is as follows:
                                                                                                                                        
+
                                                                                                                                        {
+  "kind" : "Configuration",
+  "apiVersion" : "v3",
+  "metadata" : {
+    "name" : "configuration"
+  },
+  "spec" : {
+    "packages" : [ {
+      "name" : "kube-apiserver",
+      "configurations" : [ {
+        "name" : "default-not-ready-toleration-seconds",
+        "value" : 300
+      }, {
+        "name" : "default-unreachable-toleration-seconds",
+        "value" : 300
+      } ]
+    } ]
+  }
+}
                                                                                                                                        
+
                                                                                                                                        In the preceding example, the configuration parameters of the cluster server (kube-apiserver) are modified as follows:
                                                                                                                                        
+
                                                                                                                                        • Toleration time for nodes in NotReady state during container migration (default-not-ready-toleration-seconds): 300
                                                                                                                                        • Toleration time for nodes in unreachable state during container migration (default-not-ready-toleration-seconds): 300
                                                                                                                                        
+
                                                                                                                                        
+
                                                                                                                                        Cluster Configuration Parameters
                                                                                                                                        
+
                                                                                                                                        
+
+
+
+
+
+
+
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                        Table 2 kube-apiserver configurations
                                                                                                                                        Item
                                                                                                                                        
+
                                                                                                                                        Parameter
                                                                                                                                        
+
                                                                                                                                        Description
                                                                                                                                        
+
                                                                                                                                        Value
                                                                                                                                        
+
                                                                                                                                        Configuration Method
                                                                                                                                        
+
                                                                                                                                        Toleration time for nodes in NotReady state
                                                                                                                                        
 
                                                                                                                                        max-mutating-requests-inflight
                                                                                                                                        
+
                                                                                                                                        default-not-ready-toleration-seconds
                                                                                                                                        
 
                                                                                                                                        Maximum number of concurrent mutating requests. Any requests exceeding the specified value will be rejected. Value 0 indicates that there is no limit on the maximum number of concurrent mutating requests.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Retain the default setting.
                                                                                                                                        
-
                                                                                                                                        Potential risks: Increasing the value of this parameter may cause overload.
                                                                                                                                        
+
                                                                                                                                        Tolerance time during which containers can continue running before being automatically evicted if their node becomes unavailable. This setting applies to all containers by default. In a CCE cluster, you can configure separate tolerance policies for different pods for refined management. For details, see Configuring Tolerance Policies.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Unless otherwise specified, retain the default settings.
                                                                                                                                        
+
                                                                                                                                        Potential risks: If the specified tolerance time is too short, pods may be frequently migrated due to transient issues like network jitter. If the specified tolerance time is too long, services may remain interrupted for an extended period after a node failure.
                                                                                                                                        
 
                                                                                                                                        Manual configuration is no longer supported since cluster v1.21. The value is automatically specified based on the cluster scale.
                                                                                                                                        
-
                                                                                                                                        • 200 for clusters with 50 or 200 nodes
                                                                                                                                        • 500 for clusters with 1000 nodes
                                                                                                                                        • 1000 for clusters with 2000 nodes
                                                                                                                                        
+
                                                                                                                                        Default: 300s
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Maximum Number of Concurrent Non-Modification API Calls
                                                                                                                                        
+
                                                                                                                                        Toleration time for nodes in unreachable state
                                                                                                                                        
 
                                                                                                                                        max-requests-inflight
                                                                                                                                        
+
                                                                                                                                        default-unreachable-toleration-seconds
                                                                                                                                        
 
                                                                                                                                        Maximum number of concurrent non-mutating requests. Any requests exceeding the specified value will be rejected. Value 0 indicates that there is no limit on the maximum number of concurrent non-mutating requests.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Retain the default setting.
                                                                                                                                        
-
                                                                                                                                        Potential risks: Increasing the value of this parameter may cause overload.
                                                                                                                                        
+
                                                                                                                                        Tolerance time during which containers can continue running before being automatically evicted if their node cannot be accessed. This setting applies to all containers by default. In a CCE cluster, you can configure separate tolerance policies for different pods for refined management. For details, see Configuring Tolerance Policies.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Unless otherwise specified, retain the default settings.
                                                                                                                                        
+
                                                                                                                                        Potential risks: If the specified tolerance time is too short, pods may be frequently migrated due to transient issues like network jitter. If the specified tolerance time is too long, services may remain interrupted for an extended period after a node failure.
                                                                                                                                        
 
                                                                                                                                        Manual configuration is no longer supported since cluster v1.21. The value is automatically specified based on the cluster scale.
                                                                                                                                        
-
                                                                                                                                        • 400 for clusters with 50 or 200 nodes
                                                                                                                                        • 1000 for clusters with 1000 nodes
                                                                                                                                        • 2000 for clusters with 2000 nodes
                                                                                                                                        
+
                                                                                                                                        Default: 300s
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        NodePort port range
                                                                                                                                        
+
                                                                                                                                        Maximum number of concurrent modification API calls
                                                                                                                                        
 
                                                                                                                                        service-node-port-range
                                                                                                                                        
+
                                                                                                                                        max-mutating-requests-inflight
                                                                                                                                        
 
                                                                                                                                        Port range for a NodePort Service. After changing the value, go to the security group page and change the TCP/UDP port range of node security groups 30000 to 32767. Otherwise, ports other than the default port cannot be accessed externally.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Retain the default setting.
                                                                                                                                        
-
                                                                                                                                        Potential risks: If the port number is smaller than 20106, a conflict may occur between the port and the CCE health check port, which may further lead to unavailable cluster. If the port number is greater than 32767, a conflict may occur between the port and the ports in net.ipv4.ip_local_port_range, which may further affect the network performance.
                                                                                                                                        
+
                                                                                                                                        Maximum number of concurrent mutating requests. Any requests exceeding the specified value will be rejected. Value 0 indicates that there is no limit on the maximum number of concurrent mutating requests.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Retain the default setting.
                                                                                                                                        
+
                                                                                                                                        Potential risks: Increasing the value of this parameter may cause overload.
                                                                                                                                        
 
                                                                                                                                        Default: 30000 to 32767
                                                                                                                                        
-
                                                                                                                                        Value range:
                                                                                                                                        
-
                                                                                                                                        Min > 20105
                                                                                                                                        
-
                                                                                                                                        Max < 32768
                                                                                                                                        
+
                                                                                                                                        Manual configuration is no longer supported since cluster v1.21. The value is automatically specified based on the cluster scale.
                                                                                                                                        
+
                                                                                                                                        • 200 for clusters with 50 or 200 nodes
                                                                                                                                        • 500 for clusters with 1,000 nodes
                                                                                                                                        • 1000 for clusters with 2,000 nodes
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Request Timeout
                                                                                                                                        
+
                                                                                                                                        Maximum number of concurrent non-modification API calls
                                                                                                                                        
 
                                                                                                                                        request-timeout
                                                                                                                                        
+
                                                                                                                                        max-requests-inflight
                                                                                                                                        
 
                                                                                                                                        Request timeout of the kube-apiserver component.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Retain the default setting to prevent frequent API timeouts and other exceptions.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.19.16-r30, v1.21.10-r10, v1.23.8-r10, v1.25.3-r10, or later.
                                                                                                                                        
+
                                                                                                                                        Maximum number of concurrent non-mutating requests. Any requests exceeding the specified value will be rejected. Value 0 indicates that there is no limit on the maximum number of concurrent non-mutating requests.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Retain the default setting.
                                                                                                                                        
+
                                                                                                                                        Potential risks: Increasing the value of this parameter may cause overload.
                                                                                                                                        
 
                                                                                                                                        Default: 1m0s
                                                                                                                                        
-
                                                                                                                                        Value range:
                                                                                                                                        
-
                                                                                                                                        Min ≥ 1s
                                                                                                                                        
-
                                                                                                                                        Max ≤ 1 hour
                                                                                                                                        
+
                                                                                                                                        Manual configuration is no longer supported since cluster v1.21. The value is automatically specified based on the cluster scale.
                                                                                                                                        
+
                                                                                                                                        • 400 for clusters with 50 or 200 nodes
                                                                                                                                        • 1000 for clusters with 1,000 nodes
                                                                                                                                        • 2000 for clusters with 2,000 nodes
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Overload Control
                                                                                                                                        
+
                                                                                                                                        NodePort port range
                                                                                                                                        
 
                                                                                                                                        support-overload
                                                                                                                                        
+
                                                                                                                                        service-node-port-range
                                                                                                                                        
 
                                                                                                                                        Cluster overload control. After this function is enabled, concurrent requests will be dynamically controlled based on the resource demands received by master nodes, ensuring stable running of the master nodes and the cluster.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Enable this function. In scenarios like short-term request bursts, a cluster may still become overloaded even with overload control enabled. In such cases, you are advised to manage and control access to the cluster promptly.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23 or later.
                                                                                                                                        
+
                                                                                                                                        Port range for a NodePort Service. After changing the value, go to the security group page and change the TCP/UDP port range of node security groups 30000 to 32767. Otherwise, ports other than the default port cannot be accessed externally.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Retain the default setting.
                                                                                                                                        
+
                                                                                                                                        Potential risks: If the port number is smaller than 20106, a conflict may occur between the port and the CCE health check port, which may further lead to unavailable cluster. If the port number is greater than 32767, a conflict may occur between the port and the ports in net.ipv4.ip_local_port_range, which may further affect the network performance.
                                                                                                                                        
 
                                                                                                                                        • false: Overload control is disabled.
                                                                                                                                        • true: Overload control is enabled.
                                                                                                                                        
+
                                                                                                                                        Default: 30000 to 32767
                                                                                                                                        
+
                                                                                                                                        Value range:
                                                                                                                                        
+
                                                                                                                                        Min > 20105
                                                                                                                                        
+
                                                                                                                                        Max < 32768
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Node Restriction Add-on
                                                                                                                                        
+
                                                                                                                                        Request timeout
                                                                                                                                        
 
                                                                                                                                        enable-admission-plugin-node-restriction
                                                                                                                                        
+
                                                                                                                                        request-timeout
                                                                                                                                        
 
                                                                                                                                        Restrict kubelet to modify only the pods on its own node. This prevents unauthorized operations and enhances isolation in high-security or multi-tenant scenarios.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
+
                                                                                                                                        Request timeout of the kube-apiserver component.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Retain the default setting to prevent frequent API timeouts and other exceptions.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.19.16-r30, v1.21.10-r10, v1.23.8-r10, v1.25.3-r10, or later.
                                                                                                                                        
 
                                                                                                                                        Default: true
                                                                                                                                        
+
                                                                                                                                        Default: 1m0s
                                                                                                                                        
+
                                                                                                                                        Value range:
                                                                                                                                        
+
                                                                                                                                        Min ≥ 1s
                                                                                                                                        
+
                                                                                                                                        Max ≤ 1 hour
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Pod Node Selector Add-on
                                                                                                                                        
+
                                                                                                                                        Overload control
                                                                                                                                        
 
                                                                                                                                        enable-admission-plugin-pod-node-selector
                                                                                                                                        
+
                                                                                                                                        support-overload
                                                                                                                                        
 
                                                                                                                                        Allow cluster administrators to configure default node selectors through namespace annotations. In this way, pods run only on specific nodes and configurations are simplified.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
+
                                                                                                                                        Cluster overload control. After this function is enabled, CCE will dynamically adjust concurrent requests based on the resource demands received by master nodes to ensure the stability and reliability of the master nodes and the cluster.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Enable this function. In scenarios like short-term request bursts, a cluster may still become overloaded even with overload control enabled. In such cases, you are advised to manage and control access to the cluster promptly.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23 or later.
                                                                                                                                        
 
                                                                                                                                        Default: true
                                                                                                                                        
+
                                                                                                                                        • false: Overload control is disabled.
                                                                                                                                        • true: Overload control is enabled.
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Pod Toleration Limit Add-on
                                                                                                                                        
+
                                                                                                                                        Node restriction add-on
                                                                                                                                        
 
                                                                                                                                        enable-admission-plugin-pod-toleration-restriction
                                                                                                                                        
+
                                                                                                                                        enable-admission-plugin-node-restriction
                                                                                                                                        
 
                                                                                                                                        Allow cluster administrators to configure default pod toleration values and limits through namespaces. This enables fine-grained control over pod scheduling and protects key resources.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
+
                                                                                                                                        Restrict kubelet to modify only the pods on its own node. This prevents unauthorized operations and enhances isolation in high-security or multi-tenant scenarios.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
 
                                                                                                                                        Default: false
                                                                                                                                        
+
                                                                                                                                        Default: true
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        API Audience Settings
                                                                                                                                        
+
                                                                                                                                        Pod node selector add-on
                                                                                                                                        
 
                                                                                                                                        api-audiences
                                                                                                                                        
+
                                                                                                                                        enable-admission-plugin-pod-node-selector
                                                                                                                                        
 
                                                                                                                                        Specify the audiences associated with a ServiceAccount token in service account token volume projection. For details, see the official document.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Retain the default setting. To ensure the proper running of the original service account authentication, add audiences instead of deleting existing ones when configuring this parameter.
                                                                                                                                        
-
                                                                                                                                        Potential risks: Deleting the original configuration that is still in use or setting it to an incorrect URL may result in a service account authentication failure.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.16-r0, v1.25.11-r0, v1.27.8-r0, v1.28.6-r0, v1.29.2-r0, or later.
                                                                                                                                        
+
                                                                                                                                        Allow cluster administrators to configure default node selectors through namespace annotations. In this way, pods run only on specific nodes and configurations are simplified.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
 
                                                                                                                                        Default value: "https://kubernetes.default.svc.cluster.local"
                                                                                                                                        
-
                                                                                                                                        Multiple values can be configured, which are separated by commas (,).
                                                                                                                                        
+
                                                                                                                                        Default: true
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Service Account Token Issuer Identity
                                                                                                                                        
+
                                                                                                                                        Pod toleration limit add-on
                                                                                                                                        
 
                                                                                                                                        service-account-issuer
                                                                                                                                        
+
                                                                                                                                        enable-admission-plugin-pod-toleration-restriction
                                                                                                                                        
 
                                                                                                                                        Entity identifier for issuing a service account token, which is the value identified by the iss field in the payload of the service account token.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Ensure the configured issuer URL can be accessed in the cluster and trusted by the authentication system in the cluster.
                                                                                                                                        
-
                                                                                                                                        Potential risks: If your specified issuer URL is untrusted or inaccessible, the authentication process based on the service account may fail.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.16-r0, v1.25.11-r0, v1.27.8-r0, v1.28.6-r0, v1.29.2-r0, or later.
                                                                                                                                        
+
                                                                                                                                        Allow cluster administrators to configure default pod toleration values and limits through namespaces. This enables fine-grained control over pod scheduling and protects key resources.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
 
                                                                                                                                        Default value: "https://kubernetes.default.svc.cluster.local"
                                                                                                                                        
-
                                                                                                                                        Multiple values can be configured, which are separated by commas (,).
                                                                                                                                        
+
                                                                                                                                        Default: false
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
+
                                                                                                                                        API audiences
                                                                                                                                        
+
                                                                                                                                        api-audiences
                                                                                                                                        
+
                                                                                                                                        Specify the audiences associated with a ServiceAccount token in service account token volume projection. For details, see the official document.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Retain the default setting. To ensure the proper running of the original service account authentication, add audiences instead of deleting existing ones when configuring this parameter.
                                                                                                                                        
+
                                                                                                                                        Potential risks: Deleting the original configuration that is still in use or setting it to an incorrect URL may result in a service account authentication failure.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.16-r0, v1.25.11-r0, v1.27.8-r0, v1.28.6-r0, v1.29.2-r0, or later.
                                                                                                                                        
+
                                                                                                                                        Default value: "https://kubernetes.default.svc.cluster.local"
                                                                                                                                        
+
                                                                                                                                        Multiple values can be configured, which are separated by commas (,).
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
+
                                                                                                                                        Service account token issuer identity
                                                                                                                                        
+
                                                                                                                                        service-account-issuer
                                                                                                                                        
+
                                                                                                                                        Entity identifier for issuing a service account token, which is the value identified by the iss field in the payload of the service account token.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Ensure the configured issuer URL can be accessed in the cluster and trusted by the authentication system in the cluster.
                                                                                                                                        
+
                                                                                                                                        Potential risks: If your specified issuer URL is untrusted or inaccessible, the authentication process based on the service account may fail.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.16-r0, v1.25.11-r0, v1.27.8-r0, v1.28.6-r0, v1.29.2-r0, or later.
                                                                                                                                        
+
                                                                                                                                        Default value: "https://kubernetes.default.svc.cluster.local"
                                                                                                                                        
+
                                                                                                                                        Multiple values can be configured, which are separated by commas (,).
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
+
                                                                                                                                        OIDC
                                                                                                                                        
+
                                                                                                                                        oidc-enable
                                                                                                                                        
+
                                                                                                                                        CCE supports OpenID Connect (OIDC) authentication. You can configure the necessary identity authentication information to obtain an access token (known as an ID token) and add it to kubectl. For details, see Using Dex for OIDC Authentication on CCE.
                                                                                                                                        
+
                                                                                                                                        For more details, see OIDC parameters.
                                                                                                                                        
+
                                                                                                                                        Default: false
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        
                                                                                                                                         
 
                                                                                                                                        
 
                                                                                                                                        
 
-
                                                                                                                                        Table 3 Scheduler configurations
                                                                                                                                        Item
                                                                                                                                        
+
                                                                                                                                        
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
                                                                                                                                        Table 3 Scheduler configurations
                                                                                                                                        Item
                                                                                                                                        
 
                                                                                                                                        Parameter
                                                                                                                                        
+
                                                                                                                                        Parameter
                                                                                                                                        
 
                                                                                                                                        Description
                                                                                                                                        
+
                                                                                                                                        Description
                                                                                                                                        
 
                                                                                                                                        Value
                                                                                                                                        
+
                                                                                                                                        Value
                                                                                                                                        
+
                                                                                                                                        Configuration Method
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        
 
                                                                                                                                        QPS for communicating with kube-apiserver
                                                                                                                                        
+
                                                                                                                                        QPS for communicating with kube-apiserver
                                                                                                                                        
 
                                                                                                                                        kube-api-qps
                                                                                                                                        
+
                                                                                                                                        kube-api-qps
                                                                                                                                        
 
                                                                                                                                        QPS for communicating with kube-apiserver.
                                                                                                                                        
+
                                                                                                                                        QPS for communicating with kube-apiserver.
                                                                                                                                        
 
                                                                                                                                        • If the number of nodes in a cluster is less than 1000, the default value is 100.
                                                                                                                                        • If the number of nodes in a cluster is 1000 or more, the default value is 200.
                                                                                                                                        
+
                                                                                                                                        • If the number of nodes in a cluster is less than 1,000, the default value is 100.
                                                                                                                                        • If the number of nodes in a cluster is 1,000 or more, the default value is 200.
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Burst for communicating with kube-apiserver
                                                                                                                                        
+
                                                                                                                                        Burst for communicating with kube-apiserver
                                                                                                                                        
 
                                                                                                                                        kube-api-burst
                                                                                                                                        
+
                                                                                                                                        kube-api-burst
                                                                                                                                        
 
                                                                                                                                        Burst QPS for communicating with kube-apiserver.
                                                                                                                                        
+
                                                                                                                                        Burst QPS for communicating with kube-apiserver.
                                                                                                                                        
 
                                                                                                                                        • If the number of nodes in a cluster is less than 1000, the default value is 100.
                                                                                                                                        • If the number of nodes in a cluster is 1000 or more, the default value is 200.
                                                                                                                                        
+
                                                                                                                                        • If the number of nodes in a cluster is less than 1,000, the default value is 100.
                                                                                                                                        • If the number of nodes in a cluster is 1,000 or more, the default value is 200.
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Whether to enable GPU sharing
                                                                                                                                        
+
                                                                                                                                        Whether to enable GPU sharing
                                                                                                                                        
 
                                                                                                                                        enable-gpu-share
                                                                                                                                        
+
                                                                                                                                        enable-gpu-share
                                                                                                                                        
 
                                                                                                                                        Determine whether to enable GPU sharing as needed.
                                                                                                                                        
-
                                                                                                                                        • When disabled, ensure that pods in the cluster cannot use shared GPUs (no cce.io/gpu-decision annotation in pods) and that GPU virtualization is disabled.
                                                                                                                                        • When enabled, ensure that there is a cce.io/gpu-decision annotation on all pods that use GPU resources in the cluster.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.7-r10, v1.25.3-r0, or later.
                                                                                                                                        
+
                                                                                                                                        Determine whether to enable GPU sharing as needed.
                                                                                                                                        
+
                                                                                                                                        • When disabled, ensure that pods in the cluster cannot use shared GPUs (no cce.io/gpu-decision annotation in pods) and that GPU virtualization is disabled.
                                                                                                                                        • When enabled, ensure that there is a cce.io/gpu-decision annotation on all pods that use GPU resources in the cluster.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.7-r10, v1.25.3-r0, or later.
                                                                                                                                        
 
                                                                                                                                        Default: true
                                                                                                                                        
+
                                                                                                                                        Default: true
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        
                                                                                                                                         
 
                                                                                                                                        
 
                                                                                                                                        
 
-
                                                                                                                                        Table 4 kube-controller-manager configurations
                                                                                                                                        Item
                                                                                                                                        
+
                                                                                                                                        
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
                                                                                                                                        Table 4 kube-controller-manager configurations
                                                                                                                                        Item
                                                                                                                                        
 
                                                                                                                                        Parameter
                                                                                                                                        
+
                                                                                                                                        Parameter
                                                                                                                                        
 
                                                                                                                                        Description
                                                                                                                                        
+
                                                                                                                                        Description
                                                                                                                                        
 
                                                                                                                                        Value
                                                                                                                                        
+
                                                                                                                                        Value
                                                                                                                                        
+
                                                                                                                                        Configuration Method
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        
 
                                                                                                                                        Number of concurrent processing of deployment
                                                                                                                                        
+
                                                                                                                                        Deployment
                                                                                                                                        
 
                                                                                                                                        concurrent-deployment-syncs
                                                                                                                                        
+
                                                                                                                                        concurrent-deployment-syncs
                                                                                                                                        
 
                                                                                                                                        Number of deployment objects that are allowed to sync concurrently
                                                                                                                                        
+
                                                                                                                                        Number of deployment objects that are allowed to sync concurrently
                                                                                                                                        
 
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Concurrent processing number of endpoint
                                                                                                                                        
+
                                                                                                                                        Endpoint
                                                                                                                                        
 
                                                                                                                                        concurrent-endpoint-syncs
                                                                                                                                        
+
                                                                                                                                        concurrent-endpoint-syncs
                                                                                                                                        
 
                                                                                                                                        Number of service endpoint syncing operations that will be done concurrently
                                                                                                                                        
+
                                                                                                                                        Number of service endpoint syncing operations that will be done concurrently
                                                                                                                                        
 
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Concurrent number of garbage collectors
                                                                                                                                        
+
                                                                                                                                        Concurrent number of garbage collector workers
                                                                                                                                        
 
                                                                                                                                        concurrent-gc-syncs
                                                                                                                                        
+
                                                                                                                                        concurrent-gc-syncs
                                                                                                                                        
 
                                                                                                                                        Number of garbage collector workers that can be synchronized concurrently
                                                                                                                                        
+
                                                                                                                                        Number of garbage collector workers that can be synchronized concurrently
                                                                                                                                        
 
                                                                                                                                        Default: 20
                                                                                                                                        
+
                                                                                                                                        Default: 20
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Number of job objects allowed to sync simultaneously
                                                                                                                                        
+
                                                                                                                                        Job
                                                                                                                                        
 
                                                                                                                                        concurrent-job-syncs
                                                                                                                                        
+
                                                                                                                                        concurrent-job-syncs
                                                                                                                                        
 
                                                                                                                                        Number of job objects that can be synchronized concurrently
                                                                                                                                        
+
                                                                                                                                        Number of job objects that can be synchronized concurrently
                                                                                                                                        
 
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Number of CronJob objects allowed to sync simultaneously
                                                                                                                                        
+
                                                                                                                                        CronJob
                                                                                                                                        
 
                                                                                                                                        concurrent-cron-job-syncs
                                                                                                                                        
+
                                                                                                                                        concurrent-cron-job-syncs
                                                                                                                                        
 
                                                                                                                                        Number of scheduled jobs that can be synchronized concurrently
                                                                                                                                        
+
                                                                                                                                        Number of scheduled jobs that can be synchronized concurrently
                                                                                                                                        
 
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Number of concurrent processing of namespace
                                                                                                                                        
+
                                                                                                                                        Namespace
                                                                                                                                        
 
                                                                                                                                        concurrent-namespace-syncs
                                                                                                                                        
+
                                                                                                                                        concurrent-namespace-syncs
                                                                                                                                        
 
                                                                                                                                        Number of namespace objects that can be synchronized concurrently
                                                                                                                                        
+
                                                                                                                                        Number of namespace objects that can be synchronized concurrently
                                                                                                                                        
 
                                                                                                                                        Default: 10
                                                                                                                                        
+
                                                                                                                                        Default: 10
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Concurrent processing number of replicaset
                                                                                                                                        
+
                                                                                                                                        ReplicaSet
                                                                                                                                        
 
                                                                                                                                        concurrent-replicaset-syncs
                                                                                                                                        
+
                                                                                                                                        concurrent-replicaset-syncs
                                                                                                                                        
 
                                                                                                                                        Number of replica sets that can be synchronized concurrently
                                                                                                                                        
+
                                                                                                                                        Number of replica sets that can be synchronized concurrently
                                                                                                                                        
 
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Number of concurrent processing of resource quota
                                                                                                                                        
+
                                                                                                                                        ResourceQuota
                                                                                                                                        
 
                                                                                                                                        concurrent-resource-quota-syncs
                                                                                                                                        
+
                                                                                                                                        concurrent-resource-quota-syncs
                                                                                                                                        
 
                                                                                                                                        Number of resource quotas that can be synchronized concurrently
                                                                                                                                        
+
                                                                                                                                        Number of resource quotas that can be synchronized concurrently
                                                                                                                                        
 
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Service
                                                                                                                                        
+
                                                                                                                                        Service
                                                                                                                                        
 
                                                                                                                                        concurrent-service-syncs
                                                                                                                                        
+
                                                                                                                                        concurrent-service-syncs
                                                                                                                                        
 
                                                                                                                                        Number of services that can be synchronized concurrently
                                                                                                                                        
+
                                                                                                                                        Number of services that can be synchronized concurrently
                                                                                                                                        
 
                                                                                                                                        Default: 10
                                                                                                                                        
+
                                                                                                                                        Default: 10
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Concurrent processing number of serviceaccount-token
                                                                                                                                        
+
                                                                                                                                        ServiceAccountToken
                                                                                                                                        
 
                                                                                                                                        concurrent-serviceaccount-token-syncs
                                                                                                                                        
+
                                                                                                                                        concurrent-serviceaccount-token-syncs
                                                                                                                                        
 
                                                                                                                                        Number of service account token objects that can be synchronized concurrently
                                                                                                                                        
+
                                                                                                                                        Number of service account token objects that can be synchronized concurrently
                                                                                                                                        
 
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Concurrent processing of ttl-after-finished
                                                                                                                                        
+
                                                                                                                                        TTLAfterFinished
                                                                                                                                        
 
                                                                                                                                        concurrent-ttl-after-finished-syncs
                                                                                                                                        
+
                                                                                                                                        concurrent-ttl-after-finished-syncs
                                                                                                                                        
 
                                                                                                                                        Number of ttl-after-finished-controller workers that can be synchronized concurrently
                                                                                                                                        
+
                                                                                                                                        Number of ttl-after-finished workers that can be synchronized concurrently
                                                                                                                                        
 
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        RC
                                                                                                                                        
+
                                                                                                                                        RC
                                                                                                                                        
 
                                                                                                                                        concurrent_rc_syncs (used in clusters of v1.19 or earlier)
                                                                                                                                        
-
                                                                                                                                        concurrent-rc-syncs (used in clusters of v1.21 through v1.25.3-r0)
                                                                                                                                        
+
                                                                                                                                        concurrent_rc_syncs (used in clusters of v1.19 or earlier)
                                                                                                                                        
+
                                                                                                                                        concurrent-rc-syncs (used in clusters of v1.21 through v1.25.3-r0)
                                                                                                                                        
 
                                                                                                                                        Number of replication controllers that can be synchronized concurrently
                                                                                                                                        
-
                                                                                                                                        This parameter is deprecated in clusters of v1.25.3-r0 and later versions.
                                                                                                                                        
+
                                                                                                                                        Number of replication controllers that can be synchronized concurrently
                                                                                                                                        
+
                                                                                                                                        This parameter is deprecated in clusters of v1.25.3-r0 and later versions.
                                                                                                                                        
 
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Default: 5
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        HPA
                                                                                                                                        
+
                                                                                                                                        Number of HPA concurrent requests
                                                                                                                                        
 
                                                                                                                                        concurrent-horizontal-pod-autoscaler-syncs
                                                                                                                                        
+
                                                                                                                                        concurrent-horizontal-pod-autoscaler-syncs
                                                                                                                                        
 
                                                                                                                                        Number of HPA auto scaling requests that can be concurrently processed
                                                                                                                                        
+
                                                                                                                                        Number of HPA auto scaling requests that can be concurrently processed
                                                                                                                                        
 
                                                                                                                                        Default 1 for clusters earlier than v1.27 and 5 for clusters of v1.27 or later
                                                                                                                                        
-
                                                                                                                                        Value range: 1 to 50
                                                                                                                                        
+
                                                                                                                                        Default 1 for clusters earlier than v1.27 and 5 for clusters of v1.27 or later
                                                                                                                                        
+
                                                                                                                                        Value range: 1 to 50
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Cluster elastic computing period
                                                                                                                                        
+
                                                                                                                                        HPA synchronization period
                                                                                                                                        
 
                                                                                                                                        horizontal-pod-autoscaler-sync-period
                                                                                                                                        
+
                                                                                                                                        horizontal-pod-autoscaler-sync-period
                                                                                                                                        
 
                                                                                                                                        Period for the horizontal pod autoscaler to perform auto scaling on pods. A smaller value will result in a faster auto scaling response and higher CPU load.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Retain the default setting.
                                                                                                                                        
-
                                                                                                                                        Potential risks: A lengthy period can cause the controller to respond slowly, while a short period may overload the cluster control plane.
                                                                                                                                        
+
                                                                                                                                        Period for the horizontal pod autoscaler to perform auto scaling on pods. A smaller value will result in a faster auto scaling response and higher CPU load.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Retain the default setting.
                                                                                                                                        
+
                                                                                                                                        Potential risks: A lengthy period can cause the controller to respond slowly, while a short period may overload the cluster control plane.
                                                                                                                                        
 
                                                                                                                                        Default: 15 seconds
                                                                                                                                        
+
                                                                                                                                        Default: 15s
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Horizontal Pod Scaling Tolerance
                                                                                                                                        
+
                                                                                                                                        HPA tolerance
                                                                                                                                        
 
                                                                                                                                        horizontal-pod-autoscaler-tolerance
                                                                                                                                        
+
                                                                                                                                        horizontal-pod-autoscaler-tolerance
                                                                                                                                        
 
                                                                                                                                        The configuration determines how quickly HPA will act to auto scaling policies. If the parameter is set to 0, auto scaling will be triggered immediately when the related metrics are met.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Configure this parameter based on service resource usage. If the service resource usage increases sharply over time, configure a tolerance to prevent unexpected auto scaling in short-term high-resource usage scenarios.
                                                                                                                                        
+
                                                                                                                                        The configuration determines how quickly HPA will act to auto scaling policies. If the parameter is set to 0, auto scaling will be triggered immediately when the related metrics are met.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Configure this parameter based on service resource usage. If the service resource usage increases sharply over time, configure a tolerance to prevent unexpected auto scaling in short-term high-resource usage scenarios.
                                                                                                                                        
 
                                                                                                                                        Default: 0.1
                                                                                                                                        
+
                                                                                                                                        Default: 0.1
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        HPA CPU Initialization Period
                                                                                                                                        
+
                                                                                                                                        HPA CPU initialization period
                                                                                                                                        
 
                                                                                                                                        horizontal-pod-autoscaler-cpu-initialization-period
                                                                                                                                        
+
                                                                                                                                        horizontal-pod-autoscaler-cpu-initialization-period
                                                                                                                                        
 
                                                                                                                                        The built-in delay of the HPA for collecting CPU usage after pods start. You can use this parameter to filter out unstable CPU usage data during the early stage of pod startup. This helps prevent incorrect scaling decisions based on momentary peak values.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: If HPA makes an incorrect scaling decision due to fluctuating CPU usage during pod startup, increase the value of this parameter.
                                                                                                                                        
-
                                                                                                                                        Potential risks: A small parameter value may trigger unnecessary scaling based on peak CPU usage, while a large value may cause delayed scaling.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.16-r0, v1.25.11-r0, v1.27.8-r0, v1.28.6-r0, v1.29.2-r0, or later.
                                                                                                                                        
+
                                                                                                                                        The built-in delay of the HPA for collecting CPU usage after pods start. You can use this parameter to filter out unstable CPU usage data during the early stage of pod startup. This helps prevent incorrect scaling decisions based on momentary peak values.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: If HPA makes an incorrect scaling decision due to fluctuating CPU usage during pod startup, increase the value of this parameter.
                                                                                                                                        
+
                                                                                                                                        Potential risks: A small parameter value may trigger unnecessary scaling based on peak CPU usage, while a large value may cause delayed scaling.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.16-r0, v1.25.11-r0, v1.27.8-r0, v1.28.6-r0, v1.29.2-r0, or later.
                                                                                                                                        
 
                                                                                                                                        Default: 5 minutes
                                                                                                                                        
+
                                                                                                                                        Default: 5 minutes
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        HPA Initial Readiness Delay
                                                                                                                                        
+
                                                                                                                                        HPA initial readiness delay
                                                                                                                                        
 
                                                                                                                                        horizontal-pod-autoscaler-initial-readiness-delay
                                                                                                                                        
+
                                                                                                                                        horizontal-pod-autoscaler-initial-readiness-delay
                                                                                                                                        
 
                                                                                                                                        The waiting time before the HPA starts automatic scaling based on pod readiness.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: To prevent HPA misjudgment caused by pod readiness fluctuations after startup, increase the value of this parameter.
                                                                                                                                        
-
                                                                                                                                        Potential risks: If this parameter is set to a small value, an unnecessary scale-out may occur due to CPU data fluctuations when the pod is just ready. If it is set to a large value, the HPA may not respond quickly enough in situations requiring rapid scaling.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.16-r0, v1.25.11-r0, v1.27.8-r0, v1.28.6-r0, v1.29.2-r0, or later.
                                                                                                                                        
+
                                                                                                                                        The waiting time before the HPA starts automatic scaling based on pod readiness.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: To prevent HPA misjudgment caused by pod readiness fluctuations after startup, increase the value of this parameter.
                                                                                                                                        
+
                                                                                                                                        Potential risks: If this parameter is set to a small value, an unnecessary scale-out may occur due to CPU data fluctuations when the pod is just ready. If it is set to a large value, the HPA may not respond quickly enough in situations requiring rapid scaling.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.16-r0, v1.25.11-r0, v1.27.8-r0, v1.28.6-r0, v1.29.2-r0, or later.
                                                                                                                                        
 
                                                                                                                                        Default: 30s
                                                                                                                                        
+
                                                                                                                                        Default: 30s
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        QPS for communicating with kube-apiserver
                                                                                                                                        
+
                                                                                                                                        QPS for communicating with kube-apiserver
                                                                                                                                        
 
                                                                                                                                        kube-api-qps
                                                                                                                                        
+
                                                                                                                                        kube-api-qps
                                                                                                                                        
 
                                                                                                                                        QPS for communicating with kube-apiserver
                                                                                                                                        
+
                                                                                                                                        QPS for communicating with kube-apiserver
                                                                                                                                        
 
                                                                                                                                        • If the number of nodes in a cluster is less than 1000, the default value is 100.
                                                                                                                                        • If the number of nodes in a cluster is 1000 or more, the default value is 200.
                                                                                                                                        
+
                                                                                                                                        • If the number of nodes in a cluster is less than 1,000, the default value is 100.
                                                                                                                                        • If the number of nodes in a cluster is 1,000 or more, the default value is 200.
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Burst for communicating with kube-apiserver
                                                                                                                                        
+
                                                                                                                                        Burst for communicating with kube-apiserver
                                                                                                                                        
 
                                                                                                                                        kube-api-burst
                                                                                                                                        
+
                                                                                                                                        kube-api-burst
                                                                                                                                        
 
                                                                                                                                        Burst QPS for communicating with kube-apiserver
                                                                                                                                        
+
                                                                                                                                        Burst QPS for communicating with kube-apiserver.
                                                                                                                                        
 
                                                                                                                                        • If the number of nodes in a cluster is less than 1000, the default value is 100.
                                                                                                                                        • If the number of nodes in a cluster is 1000 or more, the default value is 200.
                                                                                                                                        
+
                                                                                                                                        • If the number of nodes in a cluster is less than 1,000, the default value is 100.
                                                                                                                                        • If the number of nodes in a cluster is 1,000 or more, the default value is 200.
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        The maximum number of terminated pods that can be kept before the Pod GC deletes the terminated pod
                                                                                                                                        
+
                                                                                                                                        Maximum number of terminated pods that can be kept before the Pod GC deletes the terminated pod
                                                                                                                                        
 
                                                                                                                                        terminated-pod-gc-threshold
                                                                                                                                        
+
                                                                                                                                        terminated-pod-gc-threshold
                                                                                                                                        
 
                                                                                                                                        Number of terminated pods that can exist in a cluster. When the number of terminated pods exceeds the expected threshold, the excess terminated pods will be automatically deleted.
                                                                                                                                        
-
                                                                                                                                        If this parameter is set to 0, all terminated pods will be retained.
                                                                                                                                        
+
                                                                                                                                        Number of terminated pods that can exist in a cluster. When the number of terminated pods exceeds the expected threshold, the excess terminated pods will be automatically deleted.
                                                                                                                                        
+
                                                                                                                                        If this parameter is set to 0, all terminated pods will be retained.
                                                                                                                                        
 
                                                                                                                                        Default: 1000
                                                                                                                                        
-
                                                                                                                                        Value range: 10 to 12500
                                                                                                                                        
-
                                                                                                                                        If the cluster version is v1.21.11-r40, v1.23.8-r0, v1.25.6-r0, v1.27.3-r0, or later, the value range is changed to 0 to 100000.
                                                                                                                                        
+
                                                                                                                                        Default: 1000
                                                                                                                                        
+
                                                                                                                                        Value range: 10 to 12500
                                                                                                                                        
+
                                                                                                                                        If the cluster version is v1.21.11-r40, v1.23.8-r0, v1.25.6-r0, v1.27.3-r0, or later, the value range is changed to 0 to 100000.
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Unhealthy AZ Threshold
                                                                                                                                        
+
                                                                                                                                        Unhealthy AZ threshold
                                                                                                                                        
 
                                                                                                                                        unhealthy-zone-threshold
                                                                                                                                        
+
                                                                                                                                        unhealthy-zone-threshold
                                                                                                                                        
 
                                                                                                                                        If the number of not-ready nodes exceeds the specified threshold in a given AZ, that AZ will be marked as unhealthy. In such unhealthy AZs, the frequency of service migration for faulty nodes will be reduced to prevent further negative impacts caused by large-scale migrations during major fault scenarios.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Retain the default setting.
                                                                                                                                        
-
                                                                                                                                        Potential risks: If the parameter is set to a large value, pods in unhealthy AZs will be migrated in a large scale, which can lead to risks such as overloading the cluster.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
+
                                                                                                                                        If the number of not-ready nodes exceeds the specified threshold in a given AZ, that AZ will be marked as unhealthy. In such unhealthy AZs, the frequency of service migration for faulty nodes will be reduced to prevent further negative impacts caused by large-scale migrations during major fault scenarios.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Retain the default setting.
                                                                                                                                        
+
                                                                                                                                        Potential risks: If the parameter is set to a large value, pods in unhealthy AZs will be migrated in a large scale, which can lead to risks such as overloading the cluster.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
 
                                                                                                                                        Default: 0.55
                                                                                                                                        
-
                                                                                                                                        Value range: 0 to 1
                                                                                                                                        
+
                                                                                                                                        Default: 0.55
                                                                                                                                        
+
                                                                                                                                        Value range: 0 to 1
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Node Eviction Rate
                                                                                                                                        
+
                                                                                                                                        Node eviction rate
                                                                                                                                        
 
                                                                                                                                        node-eviction-rate
                                                                                                                                        
+
                                                                                                                                        node-eviction-rate
                                                                                                                                        
 
                                                                                                                                        The maximum number of pods that can be evicted per second when a node is faulty in a healthy AZ. The default value is 0.1, indicating that pods from at most one node can be evicted every 10 seconds.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Ensure that the number of pods migrated in each batch does not exceed 300. If the parameter is set to a large value, the cluster may be overloaded. Additionally, if too many pods are evicted, they cannot be rescheduled, which will slow down fault recovery.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
+
                                                                                                                                        The maximum number of pods that can be evicted per second when a node is faulty in a healthy AZ. The default value is 0.1, indicating that pods from at most one node can be evicted every 10 seconds.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Ensure that the number of pods migrated in each batch does not exceed 300. If the parameter is set to a large value, the cluster may be overloaded. Additionally, if too many pods are evicted, they cannot be rescheduled, which will slow down fault recovery.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
 
                                                                                                                                        Default: 0.1
                                                                                                                                        
+
                                                                                                                                        Default: 0.1
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Secondary Node Eviction Rate
                                                                                                                                        
+
                                                                                                                                        Secondary node eviction rate
                                                                                                                                        
 
                                                                                                                                        secondary-node-eviction-rate
                                                                                                                                        
+
                                                                                                                                        secondary-node-eviction-rate
                                                                                                                                        
 
                                                                                                                                        The maximum number of pods that can be evicted per second when a node is faulty in an unhealthy AZ. The default value is 0.01, indicating that pods from at most one node can be evicted every 100 seconds.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: Configure this parameter to be one-tenth of node-eviction-rate.
                                                                                                                                        
-
                                                                                                                                        Potential risks: For nodes in an unhealthy AZ, there is no need to set this parameter to a large value. Doing so may result in overloaded clusters.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
+
                                                                                                                                        The maximum number of pods that can be evicted per second when a node is faulty in an unhealthy AZ. The default value is 0.01, indicating that pods from at most one node can be evicted every 100 seconds.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: Configure this parameter to be one-tenth of node-eviction-rate.
                                                                                                                                        
+
                                                                                                                                        Potential risks: For nodes in an unhealthy AZ, there is no need to set this parameter to a large value. Doing so may result in overloaded clusters.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
 
                                                                                                                                        Default: 0.01
                                                                                                                                        
-
                                                                                                                                        
+
                                                                                                                                        Default: 0.01
                                                                                                                                        
+
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Large Cluster Threshold
                                                                                                                                        
+
                                                                                                                                        Large cluster threshold
                                                                                                                                        
 
                                                                                                                                        large-cluster-size-threshold
                                                                                                                                        
+
                                                                                                                                        large-cluster-size-threshold
                                                                                                                                        
 
                                                                                                                                        The criterion for determining whether a cluster is a large-scale cluster. If the number of nodes in a cluster exceeds the value of this parameter, the cluster is considered a large-scale cluster.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: For the clusters with a large number of nodes, configure a relatively larger value than the default one for higher performance and faster responses of controllers. Retain the default value for small clusters. Before adjusting the value of this parameter in a production environment, check the impact of the change on cluster performance in a test environment.
                                                                                                                                        
-
                                                                                                                                        Potential risks: In a large-scale cluster, kube-controller-manager adjusts specific configurations to optimize the performance of the cluster. Setting an excessively small threshold for small clusters will deteriorate the cluster performance.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
+
                                                                                                                                        The criterion for determining whether a cluster is a large-scale cluster. If the number of nodes in a cluster exceeds the value of this parameter, the cluster is considered a large-scale cluster.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: For the clusters with a large number of nodes, configure a relatively larger value than the default one for higher performance and faster responses of controllers. Retain the default value for small clusters. Before adjusting the value of this parameter in a production environment, check the impact of the change on cluster performance in a test environment.
                                                                                                                                        
+
                                                                                                                                        Potential risks: In a large-scale cluster, kube-controller-manager adjusts specific configurations to optimize the performance of the cluster. Setting an excessively small threshold for small clusters will deteriorate the cluster performance.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
 
                                                                                                                                        Default: 50
                                                                                                                                        
-
                                                                                                                                        
+
                                                                                                                                        Default: 50
                                                                                                                                        
+
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        
                                                                                                                                         
 
                                                                                                                                        
 
                                                                                                                                        
 
-
                                                                                                                                        Table 5 Network components (supported only by CCE Turbo clusters)
                                                                                                                                        Item
                                                                                                                                        
+
                                                                                                                                        
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
                                                                                                                                        Table 5 Network component configurations (supported only by CCE Turbo clusters)
                                                                                                                                        Item
                                                                                                                                        
 
                                                                                                                                        Parameter
                                                                                                                                        
+
                                                                                                                                        Parameter
                                                                                                                                        
 
                                                                                                                                        Description
                                                                                                                                        
+
                                                                                                                                        Description
                                                                                                                                        
 
                                                                                                                                        Value
                                                                                                                                        
+
                                                                                                                                        Value
                                                                                                                                        
+
                                                                                                                                        Configuration Method
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        
 
                                                                                                                                        The minimum number of network cards bound to the container at the cluster level
                                                                                                                                        
+
                                                                                                                                        The minimum number of network interfaces bound to a node in a cluster
                                                                                                                                        
 
                                                                                                                                        nic-minimum-target
                                                                                                                                        
+
                                                                                                                                        nic-minimum-target
                                                                                                                                        
 
                                                                                                                                        Minimum number of container NICs bound to a node
                                                                                                                                        
-
                                                                                                                                        The parameter value must be a positive integer. The value 10 indicates that at least 10 container NICs must be bound to a node. If the number you specified exceeds the container NIC quota of the node, the NIC quota will be used.
                                                                                                                                        
+
                                                                                                                                        The minimum number of network interfaces bound to a node
                                                                                                                                        
+
                                                                                                                                        The parameter value must be a positive integer. The value 10 indicates that at least 10 container network interfaces must be bound to a node. If the number you specified exceeds the container network interface quota of the node, the network interface quota will be used.
                                                                                                                                        
 
                                                                                                                                        Default: 10
                                                                                                                                        
+
                                                                                                                                        Default: 10
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Cluster-level node preheating container NIC upper limit check value
                                                                                                                                        
+
                                                                                                                                        Maximum number of network interfaces pre-bound to a node in a cluster
                                                                                                                                        
 
                                                                                                                                        nic-maximum-target
                                                                                                                                        
+
                                                                                                                                        nic-maximum-target
                                                                                                                                        
 
                                                                                                                                        After the number of NICs bound to a node exceeds the nic-maximum-target value, CCE will not proactively pre-bind NICs.
                                                                                                                                        
-
                                                                                                                                        Checking the upper limit of pre-bound container NICs is enabled only when the value of this parameter is greater than or equal to the minimum number of container NICs (nic-minimum-target) bound to a node.
                                                                                                                                        
-
                                                                                                                                        The parameter value must be a positive integer. The value 0 indicates that checking the upper limit of pre-bound container NICs is disabled. If the number you specified exceeds the container NIC quota of the node, the NIC quota will be used.
                                                                                                                                        
+
                                                                                                                                        After the number of network interfaces bound to a node exceeds the nic-maximum-target value, CCE will not proactively pre-bind network interfaces.
                                                                                                                                        
+
                                                                                                                                        Checking the upper limit of pre-bound container network interfaces is enabled only when the value of this parameter is greater than or equal to the minimum number of container network interfaces (nic-minimum-target) bound to a node.
                                                                                                                                        
+
                                                                                                                                        The parameter value must be a positive integer. The value 0 indicates that checking the upper limit of pre-bound container network interfaces is disabled. If the number you specified exceeds the container network interface quota of the node, the network interface quota will be used.
                                                                                                                                        
 
                                                                                                                                        Default: 0
                                                                                                                                        
+
                                                                                                                                        Default: 0
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Number of NICs for dynamically warming up containers at the cluster level
                                                                                                                                        
+
                                                                                                                                        The number of network interfaces dynamically pre-bound to a node in a cluster
                                                                                                                                        
 
                                                                                                                                        nic-warm-target
                                                                                                                                        
+
                                                                                                                                        nic-warm-target
                                                                                                                                        
 
                                                                                                                                        The target number of NICs to be pre-bound to a node before it starts.
                                                                                                                                        
-
                                                                                                                                        When the sum of the nic-warm-target value and the number of NICs already bound to the node exceeds the nic-maximum-target value, CCE will pre-bind the number of NICs specified by the difference between the nic-maximum-target value and the current number of NICs bound to the node.
                                                                                                                                        
+
                                                                                                                                        The target number of network interfaces to be pre-bound to a node before it starts.
                                                                                                                                        
+
                                                                                                                                        When the sum of the nic-warm-target value and the number of network interfaces already bound to the node exceeds the nic-maximum-target value, CCE will pre-bind the number of network interfaces specified by the difference between the nic-maximum-target value and the current number of network interfaces bound to the node.
                                                                                                                                        
 
                                                                                                                                        Default: 2
                                                                                                                                        
+
                                                                                                                                        Default: 2
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Cluster-level node warm-up container NIC recycling threshold
                                                                                                                                        
+
                                                                                                                                        The threshold for reclaiming the network interfaces pre-bound to a node in a cluster
                                                                                                                                        
 
                                                                                                                                        nic-max-above-warm-target
                                                                                                                                        
+
                                                                                                                                        nic-max-above-warm-target
                                                                                                                                        
 
                                                                                                                                        Pre-bound NICs on a node will only be unbound and reclaimed if the difference between the number of idle NICs and the nic-warm-target value exceeds the threshold. The value can only be a number.
                                                                                                                                        
-
                                                                                                                                        • A large value will accelerate pod startup but slow down the unbinding of idle container NICs and decrease the IP address usage. Exercise caution when performing this operation.
                                                                                                                                        • A small value will speed up the unbinding of idle container NICs and increase the IP address usage but will slow down pod startup, especially when a large number of pods increase instantaneously.
                                                                                                                                        
+
                                                                                                                                        Pre-bound network interfaces on a node will only be unbound and reclaimed if the difference between the number of idle network interfaces and the nic-warm-target value exceeds the threshold. The value can only be a number.
                                                                                                                                        
+
                                                                                                                                        • A large value will accelerate pod startup but slow down the unbinding of idle container network interfaces and decrease the IP address usage. Exercise caution when performing this operation.
                                                                                                                                        • A small value will speed up the unbinding of idle container network interfaces and increase the IP address usage but will slow down pod startup, especially when a large number of pods increase instantaneously.
                                                                                                                                        
 
                                                                                                                                        Default: 2
                                                                                                                                        
+
                                                                                                                                        Default: 2
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        Pod Access to Metadata
                                                                                                                                        
+
                                                                                                                                        Pod access to metadata
                                                                                                                                        
 
                                                                                                                                        allow-metadata-network-access
                                                                                                                                        
+
                                                                                                                                        allow-metadata-network-access
                                                                                                                                        
 
                                                                                                                                        After this function is enabled, pods in a cluster can access the node's metadata.
                                                                                                                                        
-
                                                                                                                                        • If a pod is created after this function is enabled, its ability to access metadata depends on the function's status.
                                                                                                                                        • If a pod is created after this function is disabled, or in a cluster of an earlier version without this function, it cannot access metadata. To enable a pod to access metadata, it must be rebuilt while the function is enabled.
                                                                                                                                        
+
                                                                                                                                        After this function is enabled, pods in a cluster can access the node's metadata.
                                                                                                                                        
+
                                                                                                                                        • If a pod is created after this function is enabled, its ability to access metadata depends on the function's status.
                                                                                                                                        • If a pod is created after this function is disabled, or in a cluster of an earlier version without this function, it cannot access metadata. To enable a pod to access metadata, it must be rebuilt while the function is enabled.
                                                                                                                                        
 
                                                                                                                                        Default: false
                                                                                                                                        
+
                                                                                                                                        Default: false
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        
                                                                                                                                         
 
                                                                                                                                        
 
                                                                                                                                        
 
-
                                                                                                                                        Table 6 Network component configurations (supported only by CCE clusters using VPC networks)
                                                                                                                                        Item
                                                                                                                                        
+
                                                                                                                                        
-
-
-
+
-
-
-
-
+
                                                                                                                                        Table 6 Network component configurations (supported only by CCE clusters using VPC networks)
                                                                                                                                        Item
                                                                                                                                        
 
                                                                                                                                        Parameter
                                                                                                                                        
+
                                                                                                                                        Parameter
                                                                                                                                        
 
                                                                                                                                        Description
                                                                                                                                        
+
                                                                                                                                        Description
                                                                                                                                        
 
                                                                                                                                        Value
                                                                                                                                        
+
                                                                                                                                        Value
                                                                                                                                        
+
                                                                                                                                        Configuration Method
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        
 
                                                                                                                                        Retaining the non-masqueraded CIDR block of the original pod IP address
                                                                                                                                        
+
                                                                                                                                        Retaining the non-masqueraded CIDR block of the original pod IP address
                                                                                                                                        
 
                                                                                                                                        nonMasqueradeCIDRs
                                                                                                                                        
+
                                                                                                                                        nonMasqueradeCIDRs
                                                                                                                                        
 
                                                                                                                                        In a CCE cluster using the VPC network model, if a container in the cluster needs to access externally, the source pod IP address must be masqueraded as the IP address of the node where the pod resides through SNAT. After the configuration, the node will not perform SNAT on IP addresses within the specified CIDR block by default.
                                                                                                                                        
-
                                                                                                                                        By default, nodes in a cluster do not perform SNAT on packets destined for the private CIDR blocks 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16. Instead, these packets are directly transferred using the upper-layer VPC. These three CIDR blocks are considered internal networks within the cluster and are reachable at Layer 3 by default.
                                                                                                                                        
-
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
+
                                                                                                                                        In a CCE cluster using the VPC network model, if a container in the cluster needs to access externally, the source pod IP address must be masqueraded as the IP address of the node where the pod resides through SNAT. After the configuration, the node will not perform SNAT on IP addresses within the specified CIDR block by default.
                                                                                                                                        
+
                                                                                                                                        By default, nodes in a cluster do not perform SNAT on packets destined for the private CIDR blocks 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16. Instead, these packets are directly transferred using the upper-layer VPC. These three CIDR blocks are considered internal networks within the cluster and are reachable at Layer 3 by default.
                                                                                                                                        
+
                                                                                                                                        Applicable cluster version: This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                        
 
                                                                                                                                        Default: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16
                                                                                                                                        
-
                                                                                                                                         NOTE: 
                                                                                                                                        To enable cross-node pod access, the CIDR block of the node where the target pod runs must be added.
                                                                                                                                        
-
                                                                                                                                        Similarly, to enable cross-ECS pod access in a VPC, the CIDR block of the ECS where the target pod runs must be added.
                                                                                                                                        
+
                                                                                                                                        Default: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16
                                                                                                                                        
+
                                                                                                                                         NOTE: 
                                                                                                                                        To enable cross-node pod access, the CIDR block of the node where the target pod runs must be added.
                                                                                                                                        
+
                                                                                                                                        Similarly, to enable cross-ECS pod access in a VPC, the CIDR block of the ECS where the target pod runs must be added.
                                                                                                                                        
 
                                                                                                                                        
 
                                                                                                                                        Console/API
                                                                                                                                        
+                                                                                                                                        		
 
                                                                                                                                        
                                                                                                                                         
 
                                                                                                                                        
 
                                                                                                                                        
 
-
                                                                                                                                        Table 7 Extended controller configurations (supported only by clusters of v1.21 or later)
                                                                                                                                        Item
                                                                                                                                        
+
                                                                                                                                        
-
-
-
+
-
-
-
-
+
                                                                                                                                        Table 7 Extended controller configurations (supported only by clusters of v1.21 or later)
                                                                                                                                        Item
                                                                                                                                        
 
                                                                                                                                        Parameter
                                                                                                                                        
+
                                                                                                                                        Parameter
                                                                                                                                        
 
                                                                                                                                        Description
                                                                                                                                        
+
                                                                                                                                        Description
                                                                                                                                        
 
                                                                                                                                        Value
                                                                                                                                        
+
                                                                                                                                        Value
                                                                                                                                        
+
                                                                                                                                        Configuration Method
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        
 
                                                                                                                                        Enable resource quota management
                                                                                                                                        
+
                                                                                                                                        Whether to enable resource quota management
                                                                                                                                        
 
                                                                                                                                        enable-resource-quota
                                                                                                                                        
+
                                                                                                                                        enable-resource-quota
                                                                                                                                        
 
                                                                                                                                        Determine whether to automatically create a ResourceQuota when creating a namespace. With quota management, you can control the number of workloads of each type and the upper limits of resources in a namespace or related dimensions.
                                                                                                                                        
-
                                                                                                                                        • false: Auto creation is disabled.
                                                                                                                                        • true: Auto creation is enabled. For details about the resource quota defaults, see Configuring Resource Quotas.
                                                                                                                                        
-
                                                                                                                                        Configuration suggestion: In high-concurrency scenarios (for example, batch creation of pods), resource quota management may cause some requests to fail due to conflicts. This function should not be enabled unless necessary. If you enable it, ensure that the request client has a retry mechanism.
                                                                                                                                        
+
                                                                                                                                        Determine whether to automatically create a ResourceQuota when creating a namespace. With quota management, you can control the number of workloads of each type and the upper limits of resources in a namespace or related dimensions.
                                                                                                                                        
+
                                                                                                                                        • false: Auto creation is disabled.
                                                                                                                                        • true: Auto creation is enabled. For details about the resource quota defaults, see Configuring Resource Quotas.
                                                                                                                                        
+
                                                                                                                                        Configuration suggestion: In high-concurrency scenarios (for example, batch creation of pods), resource quota management may cause some requests to fail due to conflicts. This function should not be enabled unless necessary. If you enable it, ensure that the request client has a retry mechanism.
                                                                                                                                        
 
                                                                                                                                        Default: false
                                                                                                                                        
+
                                                                                                                                        Default: false
                                                                                                                                        
+
                                                                                                                                        Console/API
                                                                                                                                        
                                                                                                                                         		
 
                                                                                                                                        
                                                                                                                                         
 
                                                                                                                                        
 
                                                                                                                                        
-
                                                                                                                                      4. Click OK.
                                                                                                                                        5. 
 
 
                                                                                                                                        References
                                                                                                                                        
 
                                                                                                                                        
 
 
                                                                                                                                        
 
                                                                                                                                        
-
                                                                                                                                        Parent topic: Managing a Cluster
                                                                                                                                        
+
                                                                                                                                        Parent topic: Managing Clusters
                                                                                                                                        
 
                                                                                                                                        
 
                                                                                                                                        
 
diff --git a/docs/cce/umn/cce_10_0214.html b/docs/cce/umn/cce_10_0214.html
index 8d59cb37c..c879809ef 100644
--- a/docs/cce/umn/cce_10_0214.html
+++ b/docs/cce/umn/cce_10_0214.html
@@ -4,17 +4,17 @@
 
                                                                                                                                        Scenario
                                                                                                                                        If a cluster is not needed temporarily, hibernate it to reduce costs.
                                                                                                                                        
 
                                                                                                                                        After a cluster is hibernated, resources such as workloads cannot be created or managed in the cluster.
                                                                                                                                        
 
                                                                                                                                        
-
                                                                                                                                        Precautions
                                                                                                                                        • During cluster wakeup, the master node may fail to start due to insufficient resources, which leads to a cluster wakeup failure. In this case, wait for a while and try again.
                                                                                                                                        • After a cluster is woken up, it takes 3 to 5 minutes to initialize data. Deliver services after the cluster runs properly.
                                                                                                                                        
+
                                                                                                                                        Precautions
                                                                                                                                        • During cluster wakeup, the master node may fail to start due to insufficient resources. This leads to a cluster wakeup failure. In this case, wait for a while and try again.
                                                                                                                                        • After a cluster is woken up, it takes 3 to 5 minutes to initialize data. Deliver services after the cluster runs properly.
                                                                                                                                        
 
                                                                                                                                        
-
                                                                                                                                        Hibernating a Cluster
                                                                                                                                        1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                        2. Locate the cluster to be hibernated, click ... to view more operations on the cluster, and choose Hibernate.
                                                                                                                                        3. In the dialog box displayed, check the precautions and click Yes. Wait until the cluster is hibernated.
                                                                                                                                        
+
                                                                                                                                        Hibernating a Cluster
                                                                                                                                        1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                        2. Locate the cluster to be hibernated, click ... to view more operations on the cluster, and choose Hibernate.
                                                                                                                                        3. In the dialog box displayed, check the precautions and click Yes. Wait until the cluster is hibernated.
                                                                                                                                        
 
                                                                                                                                        
 
                                                                                                                                        Waking Up a Cluster
                                                                                                                                        You can wake up a hibernated cluster as needed.
                                                                                                                                        
-
                                                                                                                                        1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                        2. Click Wake Up in the row of the target cluster.
                                                                                                                                        3. When the cluster status changes from Waking up to Running, the cluster is woken up. It takes about 3 to 5 minutes to wake up the cluster. 
                                                                                                                                        
+
                                                                                                                                        1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                        2. Click Wake Up in the row of the target cluster.
                                                                                                                                        3. When the cluster status changes from Waking up to Running, the cluster is woken up. It takes about 3 to 5 minutes to wake up the cluster. 
                                                                                                                                        
 
                                                                                                                                        
 
                                                                                                                                        
 
                                                                                                                                        
 
                                                                                                                                        
-
                                                                                                                                        Parent topic: Managing a Cluster
                                                                                                                                        
+
                                                                                                                                        Parent topic: Managing Clusters
                                                                                                                                        
 
                                                                                                                                        
 
                                                                                                                                        
 
diff --git a/docs/cce/umn/cce_10_0216.html b/docs/cce/umn/cce_10_0216.html
index ef4311b66..bb946d151 100644
--- a/docs/cce/umn/cce_10_0216.html
+++ b/docs/cce/umn/cce_10_0216.html
@@ -1,78 +1,111 @@
 
 
 
                                                                                                                                        Creating a DaemonSet
                                                                                                                                        
-
                                                                                                                                        Scenario
                                                                                                                                        CCE provides deployment and management capabilities for multiple types of containers and supports features of container workloads, including creation, configuration, monitoring, scaling, upgrade, uninstall, service discovery, and load balancing.
                                                                                                                                        
-
                                                                                                                                        DaemonSet ensures that only one pod runs on all or some nodes. When a node is added to a cluster, a new pod is also added for the node. When a node is removed from a cluster, the pod is also reclaimed. If a DaemonSet is deleted, all pods created by it will be deleted.
                                                                                                                                        
-
                                                                                                                                        The typical application scenarios of a DaemonSet are as follows:
                                                                                                                                        
-
                                                                                                                                        • Run the cluster storage daemon, such as glusterd or Ceph, on each node.
                                                                                                                                        • Run the log collection daemon, such as Fluentd or Logstash, on each node.
                                                                                                                                        • Run the monitoring daemon, such as Prometheus Node Exporter, collectd, Datadog agent, New Relic agent, or Ganglia (gmond), on each node.
                                                                                                                                        
-
                                                                                                                                        You can deploy a DaemonSet for each type of daemons on all nodes, or deploy multiple DaemonSets for the same type of daemons. In the second case, DaemonSets have different flags and different requirements on memory and CPU for different hardware types.
                                                                                                                                        
+
                                                                                                                                        A DaemonSet is a Kubernetes workload type that ensures a pod runs on all or selected nodes in a cluster. When a new node is added to the cluster, the DaemonSet controller automatically creates a pod on the node. Conversely, when a node is removed, its pods are deleted.
                                                                                                                                        
+
                                                                                                                                        DaemonSets are ideal for maintaining consistent services across a cluster. Common application scenarios include:
                                                                                                                                        
+
                                                                                                                                        • Cluster storage process: It needs to be deployed on each node in a cluster to ensure that all nodes can access the storage backend. Such processes include GlusterFS and Ceph.
                                                                                                                                        
+
                                                                                                                                        • Log collection process: It needs to be deployed on each node in a cluster to collect node logs and forward the logs to a unified log system. Such processes include Fluentd and Logstash.
                                                                                                                                        • Monitoring process: It needs to be deployed on each node in a cluster to collect node performance data. Such processes include Prometheus node exporter.
                                                                                                                                        
+
                                                                                                                                        Prerequisites
                                                                                                                                        
 
                                                                                                                                        
-
                                                                                                                                        Prerequisites
                                                                                                                                        Before creating a DaemonSet, you must have an available cluster. For details on how to create a cluster, see Creating a CCE Standard/Turbo Cluster.
                                                                                                                                        
-
                                                                                                                                        
-
                                                                                                                                        Using the CCE Console
                                                                                                                                        1. Log in to the CCE console.
                                                                                                                                        2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                                                                                                                        3. Set basic information about the workload.
                                                                                                                                          Basic Info
                                                                                                                                          • Workload Type: Select DaemonSet. For details about workload types, see Overview.
                                                                                                                                          • Workload Name: Enter the name of the workload. Enter 1 to 63 characters starting with a lowercase letter and ending with a lowercase letter or digit. Only lowercase letters, digits, and hyphens (-) are allowed.
                                                                                                                                          • Namespace: Select the namespace of the workload. The default value is default. You can also click Create Namespace to create one. For details, see Creating a Namespace.
                                                                                                                                          • Container Runtime: A CCE standard cluster uses a common runtime by default, whereas a CCE Turbo cluster supports both common and secure runtimes. For details about the differences, see Secure Runtime and Common Runtime.
                                                                                                                                          • Time Zone Synchronization: Specify whether to enable time zone synchronization. After time zone synchronization is enabled, the container and node use the same time zone. The time zone synchronization function depends on the local disk mounted to the container. Do not modify or delete the time zone. For details, see Configuring Time Zone Synchronization.
                                                                                                                                          
-
                                                                                                                                          
-
                                                                                                                                          Container Settings
                                                                                                                                          • Container Information
                                                                                                                                            Multiple containers can be configured in a pod. You can click Add Container on the right to configure multiple containers for the pod.
                                                                                                                                            • Basic Info: Configure basic information about the container.
-
                                                                                                                                              Parameter
                                                                                                                                              
+
                                                                                                                                              Using the CCE Console
                                                                                                                                              1. Log in to the CCE console.
                                                                                                                                              2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                                                                                                                              3. Configure basic information about the workload.
                                                                                                                                                
+
                                                                                                                                                
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
                                                                                                                                                Parameter
                                                                                                                                                
 
                                                                                                                                                Description
                                                                                                                                                
+
                                                                                                                                                Description
                                                                                                                                                
                                                                                                                                                 		
 
                                                                                                                                                
 
                                                                                                                                                Container Name
                                                                                                                                                
+
                                                                                                                                                Workload Type
                                                                                                                                                
 
                                                                                                                                                Name the container.
                                                                                                                                                
+
                                                                                                                                                Select DaemonSet. For details about different workload types, see Workload Overview.
                                                                                                                                                
                                                                                                                                                 		
 
                                                                                                                                                Pull Policy
                                                                                                                                                
+
                                                                                                                                                Workload Name
                                                                                                                                                
 
                                                                                                                                                Image update or pull policy. If you select Always, the image is pulled from the image repository each time. If you do not select Always, the existing image of the node is preferentially used. If the image does not exist, the image is pulled from the image repository.
                                                                                                                                                
+
                                                                                                                                                Enter a name for the workload. Enter 1 to 63 characters starting with a lowercase letter and ending with a lowercase letter or digit. Only lowercase letters, digits, and hyphens (-) are allowed.
                                                                                                                                                
                                                                                                                                                 		
 
                                                                                                                                                Image Name
                                                                                                                                                
+
                                                                                                                                                Namespace
                                                                                                                                                
 
                                                                                                                                                Click Select Image and select the image used by the container.
                                                                                                                                                
+
                                                                                                                                                Select a namespace for the workload. The default value is default. You can also click Create Namespace to create one. For details, see Creating a Namespace.
                                                                                                                                                
+
                                                                                                                                                Container Runtime
                                                                                                                                                
+
                                                                                                                                                A CCE standard cluster uses a common runtime by default, whereas a CCE Turbo cluster supports both common and secure runtimes. For details about their differences, see Secure Runtime and Common Runtime.
                                                                                                                                                
+
                                                                                                                                                Time Zone Synchronization
                                                                                                                                                
+
                                                                                                                                                Configure whether to enable time zone synchronization. After this function is enabled, the container and node will share the same time zone. Time zone synchronization relies on the local disk mounted to the container. Do not modify or delete the local disk. For details, see Configuring Time Zone Synchronization.
                                                                                                                                                
+
                                                                                                                                                
+
                                                                                                                                                
+
                                                                                                                                              4. Configure container settings for the workload.
                                                                                                                                                • Container Information: Click Add Container on the right to configure multiple containers for the pod.
                                                                                                                                                   
                                                                                                                                                  If you configured multiple containers for a pod, ensure that the ports used by each container do not conflict with each other, or the workload cannot be deployed.
                                                                                                                                                  
+
                                                                                                                                                  
+
                                                                                                                                                  • Basic Info: Configure basic information about the container.
+
                                                                                                                                                    
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -81,28 +114,60 @@
 
                                                                                                                                                    Parameter
                                                                                                                                                    
+
                                                                                                                                                    Description
                                                                                                                                                    
+
                                                                                                                                                    Container Name
                                                                                                                                                    
+
                                                                                                                                                    Enter a name for the container.
                                                                                                                                                    
+
                                                                                                                                                    Pull Policy
                                                                                                                                                    
+
                                                                                                                                                    Image update or pull policy. If you select Always, the image is pulled from the image repository each time. If you do not select Always, the existing image of the node is preferentially used. If the image does not exist, the image is pulled from the image repository.
                                                                                                                                                    
+
                                                                                                                                                    Image Name
                                                                                                                                                    
+
                                                                                                                                                    Click Select Image and select the image used by the container.
                                                                                                                                                    
 
                                                                                                                                                    To use a third-party image, directly enter image path. Ensure that the image access credential can be used to access the image repository. For details, see Using Third-Party Images.
                                                                                                                                                    
                                                                                                                                                     		
 
                                                                                                                                                    Image Tag
                                                                                                                                                    
+
                                                                                                                                                    Image Tag
                                                                                                                                                    
 
                                                                                                                                                    Select the image tag to be deployed.
                                                                                                                                                    
+
                                                                                                                                                    Select the image tag to be deployed.
                                                                                                                                                    
                                                                                                                                                     		
 
                                                                                                                                                    CPU Quota
                                                                                                                                                    
+
                                                                                                                                                    CPU Quota
                                                                                                                                                    
 
                                                                                                                                                    • Request: minimum number of CPU cores required by a container. The default value is 0.25 cores.
                                                                                                                                                    • Limit: maximum number of CPU cores that can be used by a container. This prevents containers from using excessive resources.
                                                                                                                                                    
+
                                                                                                                                                    • Request: minimum number of CPU cores required by a container. The default value is 0.25 cores.
                                                                                                                                                    • Limit: maximum number of CPU cores that can be used by a container. This prevents containers from using excessive resources.
                                                                                                                                                    
 
                                                                                                                                                    If Request and Limit are not specified, the quota is not limited. For more information and suggestions about Request and Limit, see Configuring Container Specifications.
                                                                                                                                                    
                                                                                                                                                     		
 
                                                                                                                                                    Memory Quota
                                                                                                                                                    
+
                                                                                                                                                    Memory Quota
                                                                                                                                                    
 
                                                                                                                                                    • Request: minimum amount of memory required by a container. The default value is 512 MiB.
                                                                                                                                                    • Limit: maximum amount of memory available for a container. When memory usage exceeds the specified memory limit, the container will be terminated.
                                                                                                                                                    
+
                                                                                                                                                    • Request: minimum amount of memory required by a container. The default value is 512 MiB.
                                                                                                                                                    • Limit: maximum amount of memory available for a container. When memory usage exceeds the specified memory limit, the container will be terminated.
                                                                                                                                                    
 
                                                                                                                                                    If Request and Limit are not specified, the quota is not limited. For more information and suggestions about Request and Limit, see Configuring Container Specifications.
                                                                                                                                                    
                                                                                                                                                     		
 
                                                                                                                                                    (Optional) GPU Quota
                                                                                                                                                    
+
                                                                                                                                                    (Optional) GPU Quota
                                                                                                                                                    
 
                                                                                                                                                    Configurable only when the cluster contains GPU nodes and the CCE AI Suite (NVIDIA GPU) add-on has been installed.
                                                                                                                                                    
+
                                                                                                                                                    Configurable only when the cluster contains GPU nodes and the CCE AI Suite (NVIDIA GPU) add-on has been installed.
                                                                                                                                                    
 
                                                                                                                                                    • Do not use: No GPU will be used.
                                                                                                                                                    • GPU card: The GPU is dedicated for the container.
                                                                                                                                                    • GPU Virtualization: percentage of GPU resources used by the container. For example, if this parameter is set to 10%, the container will use 10% of GPU resources.
                                                                                                                                                    
-
                                                                                                                                                    For details about how to use GPUs in the cluster, see Default GPU Scheduling in Kubernetes.
                                                                                                                                                    
+
                                                                                                                                                    For details about how to use GPUs in a cluster, see Default GPU Scheduling in Kubernetes.
                                                                                                                                                    
                                                                                                                                                     		
 
                                                                                                                                                    (Optional) Privileged Container
                                                                                                                                                    
+
                                                                                                                                                    (Optional) Privileged Container
                                                                                                                                                    
 
                                                                                                                                                    Programs in a privileged container have certain privileges.
                                                                                                                                                    
-
                                                                                                                                                    If Privileged Container is enabled, the container is assigned privileges. For example, privileged containers can manipulate network devices on the host machine and modify kernel parameters.
                                                                                                                                                    
+
                                                                                                                                                    Programs in a privileged container have certain privileges. If this option is enabled, the container will be assigned privileges. For example, privileged containers can manipulate network devices on the host machine, modify kernel parameters, access all devices on the node.
                                                                                                                                                    
+
                                                                                                                                                    For more information, see Pod Security Standards.
                                                                                                                                                    
                                                                                                                                                     		
 
                                                                                                                                                    (Optional) Init Container
                                                                                                                                                    
+
                                                                                                                                                    (Optional) Init Container
                                                                                                                                                    
 
                                                                                                                                                    Whether to use the container as an init container. An init container does not support health check.
                                                                                                                                                    
+
                                                                                                                                                    Whether to use the container as an init container. An init container does not support health check.
                                                                                                                                                    
 
                                                                                                                                                    An init container is a special container that runs before other app containers in a pod are started. Each pod can contain multiple containers. In addition, a pod can contain one or more init containers. Application containers in a pod are started and run only after the running of all init containers completes. For details, see Init Containers.
                                                                                                                                                    
                                                                                                                                                     		
 
                                                                                                                                                    (Optional) Run Option
                                                                                                                                                    
+
                                                                                                                                                    (Optional) Run Option
                                                                                                                                                    
 
                                                                                                                                                    Add run options for the container. For details, see Pod. CCE supports the following run options:
                                                                                                                                                    
+
                                                                                                                                                    Add run options for the container. For details, see Pod. CCE supports the following run options:
                                                                                                                                                    
 
                                                                                                                                                    • stdin: allows containers to receive input from external sources, such as terminals or other input streams.
                                                                                                                                                    • tty: allocates a pseudo terminal to containers, allowing you to send commands to them as if you were using a local terminal.
                                                                                                                                                      In most cases, tty is enabled along with stdin, indicating that the terminal (tty) is associated with the standard input (stdin) of the container. This allows for interactive operations, similar to the kubectl exec -i -t command. The difference is that this parameter has been configured when the pod is launched.
                                                                                                                                                      
 
                                                                                                                                                    
 
                                                                                                                                                    
 
                                                                                                                                                    
 
                                                                                                                                                  
-
                                                                                                                                                  • (Optional) Lifecycle: Configure operations to be performed in a specific phase of the container lifecycle, such as Startup Command, Post-Start, and Pre-Stop. For details, see Configuring Container Lifecycle Parameters.
                                                                                                                                                  • (Optional) Health Check: Set the liveness probe, ready probe, and startup probe as required. For details, see Configuring Container Health Check.
                                                                                                                                                  • (Optional) Environment Variables: Configure variables for the container running environment using key-value pairs. These variables transfer external information to containers running in pods and can be flexibly modified after application deployment. For details, see Configuring Environment Variables.
                                                                                                                                                  • (Optional) Data Storage: Mount local storage or cloud storage to the container. The application scenarios and mounting modes vary with the storage type. For details, see Storage.
                                                                                                                                                  • (Optional) Security Context: Assign container permissions to protect the system and other containers from being affected. Enter the user ID to assign container permissions and prevent systems and other containers from being affected.
                                                                                                                                                  • (Optional) Logging: Report standard container output logs to AOM by default, without requiring manual settings. You can manually configure the log collection path. For details, see Collecting Container Logs Using ICAgent.
                                                                                                                                                    To disable the standard output of the current workload, add the annotation kubernetes.AOM.log.stdout: [] in Labels and Annotations. For details about how to use this annotation, see Table 1.
                                                                                                                                                    
+
                                                                                                                                                    • (Optional) Lifecycle: Configure operations to be performed in a specific phase of the container lifecycle, such as Startup Command, Post-Start, and Pre-Stop. For details, see Configuring the Container Lifecycle.
                                                                                                                                                    • (Optional) Health Check: Set the liveness probe, ready probe, and startup probe as required. For details, see Configuring Container Health Check.
                                                                                                                                                    • (Optional) Environment Variables: Configure variables for the container running environment using key-value pairs. These variables transfer external information to containers running in pods and can be flexibly modified after application deployment. For details, see Configuring Environment Variables.
                                                                                                                                                    • (Optional) Data Storage: Mount local storage or cloud storage to the container. The application scenarios and mounting modes vary with the StorageClass. For details, see Storage.
                                                                                                                                                    • (Optional) Security Context: Assign container permissions to protect the system and other containers from being affected. Enter the user ID to assign container permissions and prevent systems and other containers from being affected.
                                                                                                                                                    • (Optional) Logging: Report standard container output logs to AOM by default, without requiring manual settings. You can manually configure the log collection path. For details, see Collecting Container Logs Using ICAgent.
                                                                                                                                                      To disable the collection of the standard output logs of the current workload, add the annotation kubernetes.AOM.log.stdout: [] in Labels and Annotations in the Advanced Settings area. For details about how to use this annotation, see Table 1.
                                                                                                                                                      
 
                                                                                                                                                    
+
                                                                                                                                                  • Image Access Credential: Select the credential used for accessing the image repository. The default value is default-secret. You can use default-secret to access images in SWR Shared Edition. For details about default-secret, see default-secret.
                                                                                                                                                  • (Optional) GPU: All is selected by default. The workload instance will be scheduled to the node of the specified GPU type.
                                                                                                                                                  
+
                                                                                                                                                • (Optional) Configure the settings of the Service associated with the workload.
                                                                                                                                                  A Service provides external access for pods. With a static IP address, a Service forwards access traffic to pods and automatically balances load for these pods.
                                                                                                                                                  
+
                                                                                                                                                  You can also create a Service after creating a workload. For details about Services of different types, see Service Overview.
                                                                                                                                                  
+
                                                                                                                                                • (Optional) Configure advanced settings for the workload.
                                                                                                                                                  
+
                                                                                                                                                  
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                  Parameter
                                                                                                                                                  
+
                                                                                                                                                  Description
                                                                                                                                                  
+
                                                                                                                                                  Upgrade
                                                                                                                                                  
+
                                                                                                                                                  Specify the upgrade mode and parameters of the workload. Rolling upgrade and Replace upgrade are available. For details, see Upgrading and Rolling Back a Workload.
                                                                                                                                                  
+
                                                                                                                                                  Scheduling
                                                                                                                                                  
+
                                                                                                                                                  Configure affinity and anti-affinity policies for flexible workload scheduling. Node affinity is provided.
                                                                                                                                                  
+
                                                                                                                                                  • Node Affinity: Common load affinity policies are offered for quick load affinity deployment.
                                                                                                                                                    • Not configured: No node affinity policy is configured.
                                                                                                                                                    • Specify node: Workload pods can be deployed on specified nodes through node affinity (nodeAffinity). If no node is specified, the pods will be randomly scheduled based on the default scheduling policy of the cluster.
                                                                                                                                                    • Specify node pool: Workload pods can be deployed in a specified node pool through node affinity (nodeAffinity). If no node pool is specified, the pods will be randomly scheduled based on the default scheduling policy of the cluster.
                                                                                                                                                    • Customize affinity: Affinity and anti-affinity policies can be customized. For details, see Configuring Node Affinity Scheduling (nodeAffinity).
                                                                                                                                                    
+
                                                                                                                                                  
+
                                                                                                                                                  Toleration
                                                                                                                                                  
+
                                                                                                                                                  Using both taints and tolerations allows (not forcibly) the pod to be scheduled to a node with the matching taints, and controls the pod eviction policies after the node where the pod is located is tainted. For details, see Configuring Tolerance Policies.
                                                                                                                                                  
+
                                                                                                                                                  Labels and Annotations
                                                                                                                                                  
+
                                                                                                                                                  Add labels or annotations for pods using key-value pairs. After the setting, click Confirm. For details about labels and annotations, see Configuring Labels and Annotations.
                                                                                                                                                  
+
                                                                                                                                                  DNS
                                                                                                                                                  
+
                                                                                                                                                  Configure a separate DNS policy for the workload. For details, see DNS Configuration.
                                                                                                                                                  
+
                                                                                                                                                  Network Configuration
                                                                                                                                                  
+                                                                                                                                                  		
+
                                                                                                                                                  
 
                                                                                                                                                  
-
                                                                                                                                                • Image Access Credential: Select the credential used for accessing the image repository. The default value is default-secret. You can use default-secret to access images in SWR Shared Edition. For details about default-secret, see default-secret.
                                                                                                                                                • (Optional) GPU: All is selected by default. The workload instance will be scheduled to the node of the specified GPU type.
                                                                                                                                                
-
                                                                                                                                              
-
                                                                                                                                              (Optional) Service Settings
                                                                                                                                              
-
                                                                                                                                              A Service provides external access for pods. With a static IP address, a Service forwards access traffic to pods and automatically balances load for these pods.
                                                                                                                                              
-
                                                                                                                                              You can also create a Service after creating a workload. For details about Services of different types, see Overview.
                                                                                                                                              
-
                                                                                                                                              (Optional) Advanced Settings
-
                                                                                                                                              • Scheduling: Configure affinity and anti-affinity policies for flexible workload scheduling. Node affinity is provided.
                                                                                                                                                • Node Affinity: Common load affinity policies are offered for quick load affinity deployment.
                                                                                                                                                  • Not configured: No node affinity policy is configured.
                                                                                                                                                  • Specified node scheduling: Workload pods can be deployed on specified nodes through node affinity (nodeAffinity). If no node is specified, the pods will be randomly scheduled based on the default scheduling policy of the cluster.
                                                                                                                                                  • Specified node pool scheduling: Workload pods can be deployed in a specified node pool through node affinity (nodeAffinity). If no node pool is specified, the pods will be randomly scheduled based on the default scheduling policy of the cluster.
                                                                                                                                                  • Customize affinity: Affinity and anti-affinity policies can be customized. For details, see Configuring Node Affinity Scheduling (nodeAffinity).
                                                                                                                                                  
-
                                                                                                                                                
-
                                                                                                                                              
-
                                                                                                                                              • Toleration: Using both taints and tolerations allows (not forcibly) the pod to be scheduled to a node with the matching taints, and controls the pod eviction policies after the node where the pod is located is tainted. For details, see Configuring Tolerance Policies.
                                                                                                                                              • Labels and Annotations: Add labels or annotations for pods using key-value pairs. After entering the key and value, click Confirm. For details about how to use and configure labels and annotations, see Configuring Labels and Annotations.
                                                                                                                                              • DNS: Configure a separate DNS policy for the workload. For details, see DNS Configuration.
                                                                                                                                              • Network Configuration
                                                                                                                                                • Pod ingress/egress bandwidth limitation: You can set ingress/egress bandwidth limitation for pods. For details, see Configuring QoS for a Pod.
                                                                                                                                                • Whether to enable a specified container network configuration: available only for clusters that support this function. After you enable a specified container network configuration, the workload will be created using the container subnet and security group in the configuration. For details, see Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configuration.
                                                                                                                                                • Specify the container network configuration name: Only the custom container network configuration whose associated resource type is workload can be selected.
                                                                                                                                                • IPv6 shared bandwidth: available only for clusters that support this function. After this function is enabled, you can configure a shared bandwidth for a pod with IPv6 dual-stack ENIs. For details, see Configuring Shared Bandwidth for a Pod with IPv6 Dual-Stack ENIs.
                                                                                                                                                
-
                                                                                                                                              
-
                                                                                                                                              
-
                                                                                                                                            • Click Create Workload in the lower right corner. After a period of time, the workload enters the Running state.
                                                                                                                                              
+
                                                                                                                                            • Click Create Workload in the lower right corner. After a period of time, the workload enters the Running state.
                                                                                                                                              
 
                                                                                                                                              
 
                                                                                                                                              • 
 
 
                                                                                                                                              Using kubectl
                                                                                                                                              The following procedure uses Nginx as an example to describe how to create a workload using kubectl.
                                                                                                                                              
 
                                                                                                                                              1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                              2. Create and edit the nginx-daemonset.yaml file. nginx-daemonset.yaml is an example file name, and you can change it as required.
                                                                                                                                                vi nginx-daemonset.yaml
                                                                                                                                                
-
                                                                                                                                                The content of the description file is as follows: The following provides an example. For more information on DaemonSets, see Kubernetes documentation.
                                                                                                                                                
+
                                                                                                                                                Below shows the content of the description file. It is only an example. For details about DaemonSets, see the Kubernetes official documentation.
                                                                                                                                                
 
                                                                                                                                                apiVersion: apps/v1
 kind: DaemonSet
 metadata:
@@ -138,10 +203,10 @@ spec:
 
                                                                                                                                                If the following information is displayed, the DaemonSet is being created.
                                                                                                                                                
 
                                                                                                                                                daemonset.apps/nginx-daemonset created
                                                                                                                                                
 
                                                                                                                                              3. Obtain the DaemonSet status.
                                                                                                                                                kubectl get ds
                                                                                                                                                
-
                                                                                                                                                The command output is as follows:
                                                                                                                                                
+
                                                                                                                                                Command output:
                                                                                                                                                
 
                                                                                                                                                NAME              DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE
 nginx-daemonset   1         1         0       1            0           daemon=need     116s
                                                                                                                                                
-
                                                                                                                                              4. If the workload will be accessed through a ClusterIP or NodePort Service, configure the access mode. For details, see Network.
                                                                                                                                              
+
                                                                                                                                            • If the workload will be accessed through a ClusterIP or NodePort Service, configure the access mode. For details, see Networking.
                                                                                                                                              • 
 
                                                                                                                                              
 
 
                                                                                                                                              
diff --git a/docs/cce/umn/cce_10_0222.html b/docs/cce/umn/cce_10_0222.html
index 194c7d97b..f90f629a3 100644
--- a/docs/cce/umn/cce_10_0222.html
+++ b/docs/cce/umn/cce_10_0222.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                              Managing a Node Pool
                                                                                                                                              
+
                                                                                                                                              Managing Node Pools
                                                                                                                                              
 
                                                                                                                                              
 
                                                                                                                                              
 
                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0240.html b/docs/cce/umn/cce_10_0240.html
index 870e7eac0..789ede063 100644
--- a/docs/cce/umn/cce_10_0240.html
+++ b/docs/cce/umn/cce_10_0240.html
@@ -4,11 +4,11 @@
 
                                                                                                                                                The CCE Advanced HPA add-on (formerly cce-hpa-controller) is developed by CCE. It can be used to flexibly scale in or out Deployments based on metrics such as CPU usage and memory usage.
                                                                                                                                                
 
                                                                                                                                                Main Functions
                                                                                                                                                • Scaling can be performed based on the percentage of the current number of pods.
                                                                                                                                                • The minimum scaling step can be set.
                                                                                                                                                • Different scaling operations can be performed based on the actual metric values.
                                                                                                                                                
 
                                                                                                                                                
-
                                                                                                                                                Notes and Constraints
                                                                                                                                                • If the add-on version is 1.2.11 or later, the add-ons that can provide metrics API must be installed.
                                                                                                                                                  • Kubernetes Metrics Server: provides basic resource usage metrics, such as container CPU and memory usage. It is supported by all cluster versions.
                                                                                                                                                  • Cloud Native Cluster Monitoring: available only in clusters of v1.17 or later.
+
                                                                                                                                                    Notes and Constraints
                                                                                                                                                    • If the add-on version is 1.2.11 or later, the add-ons that can provide metrics API must be installed.
 
                                                                                                                                                    
 
                                                                                                                                                    
-
                                                                                                                                                    Installing the Add-on
                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate CCE Advanced HPA on the right, and click Install.
                                                                                                                                                    2. On the Install Add-on page, configure the specifications as needed.
                                                                                                                                                      • If you selected Preset, the add-on specifications will be automatically configured based on the recommended values by CCE. These values are suitable for most scenarios and can be viewed on the console.
                                                                                                                                                      • If you selected Custom, you can modify the number of replicas, CPUs, and memory of each add-on component as required.
                                                                                                                                                         
                                                                                                                                                        Replicas: HA is not possible with just one replica, so one replica is used only for verification. In commercial scenarios, you can configure multiple replicas based on the cluster specifications.
                                                                                                                                                        
+
                                                                                                                                                        Installing the Add-on
                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                        2. In the navigation pane, choose Add-ons. Locate CCE Advanced HPA on the right and click Install.
                                                                                                                                                        3. On the Install Add-on page, configure the specifications as needed.
                                                                                                                                                          • If you selected Preset, the add-on specifications will be automatically configured based on the recommended values by CCE. These values are suitable for most scenarios and can be viewed on the console.
                                                                                                                                                          • If you selected Custom, you can modify the number of replicas, vCPUs, and memory of each add-on component as required.
                                                                                                                                                             
                                                                                                                                                            Replicas: HA is not possible with just one replica, so one replica is used only for verification. In commercial scenarios, you can configure multiple replicas based on the cluster specifications.
                                                                                                                                                            
 
                                                                                                                                                            CPU Quota and Memory Quota: The resource quotas of a component are affected by how many containers and scaling policies in a cluster. For typical situations, it is recommended that you configure 500m CPU cores and 1,000 MiB of memory for every 5,000 containers in a cluster. As for scaling policies, 100m CPU cores and 500 MiB of memory should be configured for every 1,000 of them.
                                                                                                                                                            
 
                                                                                                                                                            
 
                                                                                                                                                          
@@ -17,26 +17,26 @@
 
                                                                                                                                                        4. Configure deployment policies for the add-on pods.
                                                                                                                                                           
                                                                                                                                                          • Scheduling policies do not take effect on add-on pods of the DaemonSet type.
                                                                                                                                                          • When configuring multi-AZ deployment or node affinity, ensure that there are nodes meeting the scheduling policy and that resources are sufficient in the cluster. Otherwise, the add-on cannot run.
                                                                                                                                                          
 
                                                                                                                                                          
 
-
                                                                                                                                                          Table 1 Configurations for add-on scheduling
                                                                                                                                                          Parameter
                                                                                                                                                          
+
                                                                                                                                                          
-
-
-
-
-
-
-
@@ -66,8 +66,8 @@
 
                                                                                                                                                          Table 1 Configurations for add-on scheduling
                                                                                                                                                          Parameter
                                                                                                                                                          
 
                                                                                                                                                          Description
                                                                                                                                                          
+
                                                                                                                                                          Description
                                                                                                                                                          
                                                                                                                                                           		
 
                                                                                                                                                          
 
                                                                                                                                                          Multi-AZ Deployment
                                                                                                                                                          
+
                                                                                                                                                          Multi-AZ Deployment
                                                                                                                                                          
 
                                                                                                                                                          • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                                                                                          • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                                                                                                                                          • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                                                                                          
+
                                                                                                                                                          • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                                                                                          • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                                                                                                                                          • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                                                                                          
                                                                                                                                                           		
 
                                                                                                                                                          Node Affinity
                                                                                                                                                          
+
                                                                                                                                                          Node Affinity
                                                                                                                                                          
 
                                                                                                                                                          • Not configured: Node affinity is disabled for the add-on.
                                                                                                                                                          • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                                                          • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                                                          • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                                                            If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                                                                                            
+
                                                                                                                                                          • Not configured: Node affinity is disabled for the add-on.
                                                                                                                                                          • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                                                          • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                                                          • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                                                            If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                                                                                            
 
                                                                                                                                                          
                                                                                                                                                           		
 
                                                                                                                                                          Toleration
                                                                                                                                                          
+
                                                                                                                                                          Toleration
                                                                                                                                                          
 
                                                                                                                                                          Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                                                                                          
+
                                                                                                                                                          Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                                                                                          
 
                                                                                                                                                          The add-on adds the default tolerance policy for the node.kubernetes.io/not-ready and node.kubernetes.io/unreachable taints, respectively. The tolerance time window is 60s.
                                                                                                                                                          
 
                                                                                                                                                          For details, see Configuring Tolerance Policies.
                                                                                                                                                          
 
                                                                                                                                                          
 
                                                                                                                                                          
 
-
                                                                                                                                                          Change History
                                                                                                                                                          
-
                                                                                                                                                          Table 3 Release history
                                                                                                                                                          Add-on Version
                                                                                                                                                          
+
                                                                                                                                                          Release History
                                                                                                                                                          
+
                                                                                                                                                          
@@ -75,7 +75,20 @@
 
-
+
+
+
+
                                                                                                                                                          Table 3 CCE Advanced HPA add-on
                                                                                                                                                          Add-on Version
                                                                                                                                                          
                                                                                                                                                           		
 
                                                                                                                                                          Supported Cluster Version
                                                                                                                                                          
                                                                                                                                                           		
 
                                                                                                                                                          
 
                                                                                                                                                          1.5.24
                                                                                                                                                          
+
                                                                                                                                                          1.5.32
                                                                                                                                                          
+
                                                                                                                                                          v1.25
                                                                                                                                                          
+
                                                                                                                                                          v1.27
                                                                                                                                                          
+
                                                                                                                                                          v1.28
                                                                                                                                                          
+
                                                                                                                                                          v1.29
                                                                                                                                                          
+
                                                                                                                                                          v1.30
                                                                                                                                                          
+
                                                                                                                                                          v1.31
                                                                                                                                                          
+
                                                                                                                                                          v1.32
                                                                                                                                                          
+
                                                                                                                                                          CCE clusters v1.32 are supported.
                                                                                                                                                          
+
                                                                                                                                                          1.5.24
                                                                                                                                                          
                                                                                                                                                           		
 
                                                                                                                                                          v1.25
                                                                                                                                                          
 
                                                                                                                                                          v1.27
                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0245.html b/docs/cce/umn/cce_10_0245.html
index 99ad14014..adfa62625 100644
--- a/docs/cce/umn/cce_10_0245.html
+++ b/docs/cce/umn/cce_10_0245.html
@@ -1,7 +1,7 @@
 
 
 
                                                                                                                                                          Example: Designing and Configuring Permissions for Users in a Department
                                                                                                                                                          
-
                                                                                                                                                          Overview
                                                                                                                                                          The conventional distributed task scheduling mode is being replaced by Kubernetes. CCE allows you to easily deploy, manage, and scale containerized applications in the cloud by providing support for you to use Kubernetes.
                                                                                                                                                          
+
                                                                                                                                                          Overview
                                                                                                                                                          The conventional distributed task scheduling mode is being replaced by Kubernetes. CCE is a highly scalable, high-performance, enterprise-class Kubernetes service that provides full compatibility with native Kubernetes applications and tools. It enables you to efficiently deploy, manage, and scale containerized workloads on the cloud and facilitates rapid, reliable deployment of microservices.
                                                                                                                                                          
 
                                                                                                                                                          To help enterprise administrators manage resource permissions in clusters, CCE provides multi-dimensional, fine-grained permission policies and management measures. CCE permissions are described as follows:
                                                                                                                                                          
 
                                                                                                                                                          • Cluster-level permissions: allowing a user group to perform operations on clusters, nodes, charts, and add-ons. These permissions are assigned based on IAM system policies.
                                                                                                                                                          • Namespace-level permissions: allowing a user or user group to perform operations on Kubernetes resources, such as workloads, Services, storage, and namespaces. These permissions are assigned based on Kubernetes RBAC.
                                                                                                                                                          
 
                                                                                                                                                          Cluster permissions and namespace permissions are independent of each other but must be used together. The permissions set for a user group apply to all users in the user group. When multiple permissions are added to a user or user group, they take effect at the same time (the union set is used).
                                                                                                                                                          
@@ -9,7 +9,7 @@
 
                                                                                                                                                          Permission Design
                                                                                                                                                          The following uses company X as an example.
                                                                                                                                                          
 
                                                                                                                                                          Generally, a company has multiple departments or projects, and each department has multiple members. Design how permissions are to be assigned to different groups and projects, and set a user name for each member to facilitate subsequent user group and permissions configuration.
                                                                                                                                                          
 
                                                                                                                                                          The following figure shows the organizational structure of a department in a company and the permissions to be assigned to each member:
                                                                                                                                                          
-
                                                                                                                                                          
+
                                                                                                                                                          
 
                                                                                                                                                          
 
                                                                                                                                                          Director: David
                                                                                                                                                          David is a department director of company X. To assign him all CCE permissions (both cluster and namespace permissions), create the cce-admin user group for David on the IAM console and assign the CCE Administrator role.
                                                                                                                                                          
 
                                                                                                                                                           
                                                                                                                                                          CCE Administrator: This role has all CCE permissions. You do not need to assign other permissions.
                                                                                                                                                          
@@ -24,7 +24,7 @@
 
                                                                                                                                                          Users James, Robert, William, Linda, and Peter are added to the read_only user group.
                                                                                                                                                          
 
                                                                                                                                                          Assign the read-only permission on clusters to the user group read_only.
                                                                                                                                                          
 
                                                                                                                                                          Return to the CCE console, and add the read-only permission on namespaces to the user group read_only to which the five users belong. Choose Permissions on the CCE console, and assign the read-only policy to the user group read_only for each cluster.
                                                                                                                                                          
-
                                                                                                                                                          After the setting is complete, James has the cluster management permissions for all projects and the read-only permissions on all namespaces, and the Robert, William, Linda, and Peter have the read-only permission on all clusters and namespaces.
                                                                                                                                                          
+
                                                                                                                                                          After the setting is complete, James has the cluster management permissions for all projects and the read-only permissions on all namespaces, and Robert, William, Linda, and Peter have the read-only permissions on all clusters and namespaces.
                                                                                                                                                          
 
                                                                                                                                                          
 
                                                                                                                                                          Development Team Leader: Robert
                                                                                                                                                          In the previous steps, Robert has been assigned the read-only permission on all clusters and namespaces. Now, assign the administrator permissions on all namespaces to Robert.
                                                                                                                                                          
 
                                                                                                                                                          Therefore, assign the administrator permissions on all namespaces in all clusters to Robert.
                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0247.html b/docs/cce/umn/cce_10_0247.html
index ce64c7d77..e46a73ed5 100644
--- a/docs/cce/umn/cce_10_0247.html
+++ b/docs/cce/umn/cce_10_0247.html
@@ -1,14 +1,14 @@
 
 
 
-  
                                                                                                                                                          Service
                                                                                                                                                          
+  
                                                                                                                                                          Services
                                                                                                                                                          
 
   
                                                                                                                                                          
 
                                                                                                                                                          
 
 
 
diff --git a/docs/cce/umn/cce_10_0248.html b/docs/cce/umn/cce_10_0248.html
index 9d275f3d3..09b226037 100644
--- a/docs/cce/umn/cce_10_0248.html
+++ b/docs/cce/umn/cce_10_0248.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                          
 
                                                                                                                                                          
 
 
 
                                                                                                                                                          
-
                                                                                                                                                          Parent topic: Network
                                                                                                                                                          
+
                                                                                                                                                          Parent topic: Networking
                                                                                                                                                          
 
                                                                                                                                                          
 
                                                                                                                                                          
 
diff --git a/docs/cce/umn/cce_10_0249.html b/docs/cce/umn/cce_10_0249.html
index 17b0de3b4..d02e0f79e 100644
--- a/docs/cce/umn/cce_10_0249.html
+++ b/docs/cce/umn/cce_10_0249.html
@@ -1,30 +1,117 @@
 
 
-
                                                                                                                                                          Overview
                                                                                                                                                          
-
                                                                                                                                                          Direct Access to a Pod
                                                                                                                                                          After a pod is created, accessing it directly can result in certain problems:
                                                                                                                                                          
-
                                                                                                                                                          • The pod can be deleted and recreated at any time by a controller such as a Deployment. If the pod is recreated, access to it may fail.
                                                                                                                                                          • An IP address cannot be assigned to a pod until the pod is started. Before the pod is started, its IP address is unknown.
                                                                                                                                                          • Applications usually run on multiple pods that use the same image. Accessing pods one by one is not efficient.
                                                                                                                                                          
-
                                                                                                                                                          For example, Deployments are used to deploy the frontend and backend of an application. The frontend calls the backend for computing, as shown in Figure 1. Three pods are running in the backend, and they are independent and replaceable. When a backend pod is recreated, the new pod is assigned a new IP address, but the frontend pod is unaware of this change.
                                                                                                                                                          
-
                                                                                                                                                          Figure 1 Inter-pod access
                                                                                                                                                          
-
                                                                                                                                                          
-
                                                                                                                                                          Using Services for Pod Access
                                                                                                                                                          Kubernetes Services are used to solve the preceding pod access problems. A Service has a fixed IP address. (When you create a CCE cluster, you need to specify a Service CIDR block, which is used to allocate IP addresses to Services.) A Service distributes requests across pods based on labels and balances the loads for these pods.
                                                                                                                                                          
-
                                                                                                                                                          In the preceding example, a Service is created for the frontend pod to access the backend pods. In this way, the frontend pod does not need to be aware of the changes on backend pods, as shown in Figure 2.
                                                                                                                                                          
-
                                                                                                                                                          Figure 2 Accessing pods through a Service
                                                                                                                                                          
-
                                                                                                                                                          
-
                                                                                                                                                          Service Types
                                                                                                                                                          Kubernetes allows you to specify a Service of a required type. The values and actions of different types of Services are as follows:
                                                                                                                                                          
-
                                                                                                                                                          • ClusterIP
                                                                                                                                                            ClusterIP Services allow workloads in the same cluster to use their cluster-internal domain names to access each other.
                                                                                                                                                            
-
                                                                                                                                                          
-
                                                                                                                                                          • NodePort
                                                                                                                                                            A Service is exposed on each node's IP address at a static port (NodePort). A ClusterIP Service, to which the NodePort Service will route, is automatically created. By requesting <NodeIP>:<NodePort>, you can access a NodePort Service from outside the cluster.
                                                                                                                                                            
-
                                                                                                                                                          • LoadBalancer
                                                                                                                                                            LoadBalancer Services can access workloads from the public network through a load balancer, which is more reliable than EIP-based access. LoadBalancer Services are recommended for accessing workloads from outside the cluster.
                                                                                                                                                            
+
                                                                                                                                                            Service Overview
                                                                                                                                                            
+
                                                                                                                                                            In Kubernetes, a Service makes an application running on a set of pods network-accessible. It provides a consistent DNS name for these pods and distributes traffic across them for load balancing. This section describes the basic concepts of Kubernetes Services and provides a comparison of various Service types.
                                                                                                                                                            
+
                                                                                                                                                            Service
                                                                                                                                                            After a pod is created, accessing it directly can result in certain problems:
                                                                                                                                                            
+
                                                                                                                                                            • The pod can be deleted and recreated at any time by a controller such as a Deployment. If the pod is recreated, access to it may fail.
                                                                                                                                                            • An IP address cannot be assigned to a pod until the pod is started. Before the pod is started, its IP address is unknown.
                                                                                                                                                            • Applications usually run on multiple pods that use the same image. Accessing pods one by one is not efficient.
                                                                                                                                                            
+
                                                                                                                                                            For example, a Deployment is used to deploy the frontend and backend of an application. The frontend calls the backend for computing, as shown in Figure 1. Three pods are running in the backend, and they are independent and replaceable. When a backend pod is recreated, the new pod is assigned with a new IP address, but the frontend pod is unaware of this change.
                                                                                                                                                            
+
                                                                                                                                                            Figure 1 Inter-pod access
                                                                                                                                                            
+
                                                                                                                                                            To solve these problems, Kubernetes introduces Services, which provide stable network interfaces and persistent IP addresses for pods. You can set these IP addresses using Service CIDR blocks during cluster creation. The Service CIDR blocks are used to assign IP addresses to Services. A Service uses a label selector to identify its target pods and uses load balancing to evenly distribute traffic among them. This abstraction eliminates the complexity of directly accessing individual pods and enhances both the availability and efficiency of workloads.
                                                                                                                                                            
+
                                                                                                                                                            For the example above, a Service is created for the backend pods and used for the frontend pod to access these backend pods. In this way, the frontend pod remains unaffected by any changes to the backend pods, as shown in Figure 2.
                                                                                                                                                            
+
                                                                                                                                                            Figure 2 Accessing pods through a Service
                                                                                                                                                            
+
                                                                                                                                                            
+
                                                                                                                                                            Endpoint and EndpointSlice
                                                                                                                                                            In Kubernetes, both Endpoints and EndpointSlices are resource objects used to manage the network endpoints of service backend pods.
                                                                                                                                                            
+
                                                                                                                                                            • Endpoints are a traditional resource object for service discovery. An Endpoint is a collection of endpoints of all pods associated with a Service. An Endpoint is automatically created for each Service with a selector defined. It records a list of IP addresses and ports for all matching pods. After a pod is deleted or recreated, its IP address may change. The Endpoint updates the pod IP address and port accordingly to ensure that the Service continues to route traffic to the correct pods.
                                                                                                                                                              Key features of Endpoints include:
                                                                                                                                                              
+
                                                                                                                                                              • Each Endpoint object corresponds to a single Service.
                                                                                                                                                              • Each Endpoint stores the IP addresses and ports of all backend pods associated with the Service.
                                                                                                                                                              • Any change to a pod's status triggers an update to the corresponding Endpoint object.
                                                                                                                                                              • By default, an Endpoint object can hold up to 1000 endpoints. If this limit is exceeded, additional endpoints are truncated and not included in the object.
                                                                                                                                                              
+
                                                                                                                                                            • EndpointSlices are an alternative to the traditional Endpoints API, introduced as an alpha feature in Kubernetes v1.16 and promoted to stable in v1.21. They address the performance limitations of Endpoints in large clusters and manage network endpoints using sharding.
                                                                                                                                                              • Each Service is associated with one or more EndpointSlices.
                                                                                                                                                              • By default, each EndpointSlice can hold up to 100 endpoints. When this limit is exceeded, Kubernetes creates additional EndpointSlices to accommodate the remaining endpoints.
                                                                                                                                                              • Endpoints are grouped by protocol, port, and Service name.
                                                                                                                                                              • EndpointSlices support IPv4, IPv6, and fully qualified domain name (FQDN) address types.
                                                                                                                                                              
 
                                                                                                                                                            
+
                                                                                                                                                            The differences between Endpoint and EndpointSlice objects are listed in the table below.
                                                                                                                                                            
+
+
                                                                                                                                                            
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                            Category
                                                                                                                                                            
+
                                                                                                                                                            Endpoint
                                                                                                                                                            
+
                                                                                                                                                            EndpointSlice
                                                                                                                                                            
+
                                                                                                                                                            Difference
                                                                                                                                                            
+
                                                                                                                                                            Architecture
                                                                                                                                                            
+
                                                                                                                                                            All endpoints are stored in a single object.
                                                                                                                                                            
+
                                                                                                                                                            Endpoints are stored in different shards.
                                                                                                                                                            
+
                                                                                                                                                            An EndpointSlice distributes endpoints in multiple objects.
                                                                                                                                                            
+
                                                                                                                                                            Maximum number of endpoints per object
                                                                                                                                                            
+
                                                                                                                                                            1000
                                                                                                                                                            
+
                                                                                                                                                            100
                                                                                                                                                            
+
                                                                                                                                                            An EndpointSlice supports more endpoints through shards.
                                                                                                                                                            
+
                                                                                                                                                            
+
                                                                                                                                                            Update granularity
                                                                                                                                                            
+
                                                                                                                                                            Full object update required on any change
                                                                                                                                                            
+
                                                                                                                                                            Only affected shards updated
                                                                                                                                                            
+
                                                                                                                                                            When a pod is changed, the EndpointSlice only updates the affected shards.
                                                                                                                                                            
+
                                                                                                                                                            Network traffic
                                                                                                                                                            
+
                                                                                                                                                            High (entire object transmitted on any change)
                                                                                                                                                            
+
                                                                                                                                                            Low (only changed shards transmitted)
                                                                                                                                                            
+
                                                                                                                                                            They have significant differences in large clusters.
                                                                                                                                                            
+
                                                                                                                                                            API resource consumption
                                                                                                                                                            
+
                                                                                                                                                            High
                                                                                                                                                            
+
                                                                                                                                                            Low
                                                                                                                                                            
+
                                                                                                                                                            EndpointSlices reduce etcd pressure.
                                                                                                                                                            
+
                                                                                                                                                            Kubernetes version
                                                                                                                                                            
+
                                                                                                                                                            Supported in all versions
                                                                                                                                                            
+
                                                                                                                                                            (Endpoints will be deprecated in v1.33 and replaced by EndpointSlices.)
                                                                                                                                                            
+
                                                                                                                                                            Introduced in v1.16, stable since v1.21
                                                                                                                                                            
+
                                                                                                                                                            Clusters of earlier versions may not support EndpointSlices.
                                                                                                                                                            
+
                                                                                                                                                            Application scenario
                                                                                                                                                            
+
                                                                                                                                                            Small clusters
                                                                                                                                                            
+
                                                                                                                                                            Large clusters
                                                                                                                                                            
+
                                                                                                                                                            EndpointSlices are designed for high-performance environments.
                                                                                                                                                            
+
                                                                                                                                                            
 
                                                                                                                                                            
-
                                                                                                                                                            externalTrafficPolicy (Service Affinity)
                                                                                                                                                            For a NodePort and LoadBalancer Service, requests are first sent to the node port, then the Service, and finally the pod backing the Service. The backing pod may be not located in the node receiving the requests. By default, the backend workload can be accessed from any node IP address and service port. If the pod is not on the node that receives the request, the request will be redirected to the node where the pod is located, which may cause performance loss.
                                                                                                                                                            
-
                                                                                                                                                            The externalTrafficPolicy parameter in a Service is used to determine whether the external traffic can be routed to the local nodes or cluster-wide endpoints. The following is an example:
                                                                                                                                                            
-
                                                                                                                                                            apiVersion: v1
+
                                                                                                                                                            
+
                                                                                                                                                            Request Forwarding (iptables and IPVS)
                                                                                                                                                            kube-proxy is a key component of a Kubernetes cluster. It is used for load balancing and forwarding data between a Service and its backend pods. CCE supports two iptables and IPVS request forwarding.
                                                                                                                                                            
+
                                                                                                                                                            • iptables is a Linux kernel function for processing and filtering a large number of data packets. It allows flexible sequences of rules to be attached to various hooks in the packet processing pipeline. When iptables is used, kube-proxy implements NAT and load balancing in the NAT pre-routing hook. For each Service, kube-proxy installs an iptables rule which captures the traffic destined for the Service's ClusterIP and ports and redirects the traffic to one of the backend pods. By default, iptables randomly selects a backend pod. For details, see iptables proxy mode.
                                                                                                                                                            • IPVS is constructed on top of Netfilter and balances transport-layer loads as part of the Linux kernel. IPVS can direct requests for TCP- or UDP-based services to the real servers, and make services of the real servers appear as virtual services on a single IP address.
                                                                                                                                                              In the IPVS mode, kube-proxy uses IPVS load balancing instead of iptables. IPVS is designed to balance loads for a large number of Services. It has a set of optimized APIs and uses optimized search algorithms instead of simply searching for rules from a list. For details, see IPVS proxy mode.
                                                                                                                                                              
+
                                                                                                                                                            
+
                                                                                                                                                            For details about the comparison between the iptables and IPVS, see Comparing iptables and IPVS.
                                                                                                                                                            
+
                                                                                                                                                            
+
                                                                                                                                                            Service Affinity (externalTrafficPolicy)
                                                                                                                                                            For a NodePort and LoadBalancer Service, requests are first sent to the node port, then the Service, and finally the pod backing the Service. The backing pod may not be located in the node receiving the requests. By default, the backend workload can be accessed from any node IP address and service port. If the pod is not on the node that receives the request, the request will be redirected to the node where the pod is located, which may cause performance loss.
                                                                                                                                                            
+
                                                                                                                                                            You can configure service affinity using the console or YAML.
                                                                                                                                                            
+
                                                                                                                                                            • Using the console: When creating the NodePort and LoadBalancer Services on the CCE console, you can configure service affinity using the Service Affinity option.
                                                                                                                                                              
+
                                                                                                                                                              
+
                                                                                                                                                            
+
                                                                                                                                                            • Using YAML: The externalTrafficPolicy parameter in a Service is used to determine whether the external traffic can be routed to the local nodes or cluster-wide endpoints. The following is an example:
                                                                                                                                                              apiVersion: v1
 kind: Service
 metadata:
   name: nginx-nodeport
 spec:
-  externalTrafficPolicy: Local
+  externalTrafficPolicy: Local #  Service affinity
   ports:
   - name: service
     nodePort: 30000
@@ -34,63 +121,104 @@ spec:
   selector:
     app: nginx
   type: NodePort
                                                                                                                                                              
-
                                                                                                                                                              If the value of externalTrafficPolicy is Local, requests sent from Node IP address:Service port will be forwarded only to the pod on the local node. If the node does not have a pod, the requests are suspended.
                                                                                                                                                              
-
                                                                                                                                                              If the value of externalTrafficPolicy is Cluster, requests are forwarded within the cluster and the backend workload can be accessed from any node IP address and service port.
                                                                                                                                                              
-
                                                                                                                                                              If externalTrafficPolicy is not set, the default value Cluster will be used.
                                                                                                                                                              
-
                                                                                                                                                              When creating a NodePort on the CCE console, you can configure this parameter using the Service Affinity option.
                                                                                                                                                              
-
                                                                                                                                                              The following table compares the two options of externalTrafficPolicy.
                                                                                                                                                              
+
                                                                                                                                                              • If the value of externalTrafficPolicy is Local, requests sent from Node IP address:Service port will be forwarded only to the pod on the local node. If the node does not have a pod, the requests are suspended.
                                                                                                                                                              • If the value of externalTrafficPolicy is Cluster, requests are forwarded within the cluster and the backend workload can be accessed from any node IP address and service port.
                                                                                                                                                              • If externalTrafficPolicy is not set, the default value Cluster will be used.
                                                                                                                                                              
+
                                                                                                                                                            
+
                                                                                                                                                            The table below compares the two options of service affinity (externalTrafficPolicy).
                                                                                                                                                            
 
-
                                                                                                                                                            Table 1 Comparison of the two types of service affinity
                                                                                                                                                            Dimension
                                                                                                                                                            
+
                                                                                                                                                            
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
                                                                                                                                                            Table 1 Comparison of the two types of service affinity
                                                                                                                                                            Category
                                                                                                                                                            
 
                                                                                                                                                            externalTrafficPolicy (Service Affinity)
                                                                                                                                                            
+
                                                                                                                                                            Cluster-level (Cluster)
                                                                                                                                                            
 
                                                                                                                                                            Cluster-level (Cluster)
                                                                                                                                                            
-
                                                                                                                                                            Node-level (Local)
                                                                                                                                                            
+
                                                                                                                                                            Node-level (Local)
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            
 
                                                                                                                                                            Application scenario
                                                                                                                                                            
+
                                                                                                                                                            Application scenario
                                                                                                                                                            
 
                                                                                                                                                            This mode applies to scenarios where high performance is not required and the source IP address of the client does not need to be retained. This mode brings more balanced load to each node in the cluster.
                                                                                                                                                            
+
                                                                                                                                                            This mode applies to scenarios where high performance is not required and the source IP address of the client does not need to be retained. This mode brings more balanced load to each node in the cluster.
                                                                                                                                                            
 
                                                                                                                                                            This mode applies to scenarios where high performance is required and the source IP address of the client needs to be retained. However, traffic is forwarded only to the node where the container resides, and source IP address translation is not performed.
                                                                                                                                                            
+
                                                                                                                                                            This mode applies to scenarios where high performance is required and the source IP address of the client needs to be retained. However, traffic is forwarded only to the node where the container resides, and source IP address translation is not performed.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            Access mode
                                                                                                                                                            
+
                                                                                                                                                            Access mode
                                                                                                                                                            
 
                                                                                                                                                            The IP addresses and access ports of all nodes in a cluster can access the workload associated with the Service.
                                                                                                                                                            
+
                                                                                                                                                            The IP addresses and access ports of all nodes in a cluster can access the workload associated with the Service.
                                                                                                                                                            
 
                                                                                                                                                            Only the IP address and access port of the node where the workload is located can access the workload associated with the Service.
                                                                                                                                                            
+
                                                                                                                                                            Only the IP address and access port of the node where the workload is located can access the workload associated with the Service.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            Obtaining client source IP address
                                                                                                                                                            
+
                                                                                                                                                            Obtaining client source IP address
                                                                                                                                                            
 
                                                                                                                                                            The source IP address of the client cannot be obtained.
                                                                                                                                                            
+
                                                                                                                                                            The source IP address of the client cannot be obtained.
                                                                                                                                                            
 
                                                                                                                                                            The source IP address of the client can be obtained.
                                                                                                                                                            
+
                                                                                                                                                            The source IP address of the client can be obtained.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            Access performance
                                                                                                                                                            
+
                                                                                                                                                            Access performance
                                                                                                                                                            
 
                                                                                                                                                            Service access will cause performance loss due to route redirection, and the next hop for a data packet may be another node.
                                                                                                                                                            
+
                                                                                                                                                            Service access will cause performance loss due to route redirection, and the next hop for a data packet may be another node.
                                                                                                                                                            
 
                                                                                                                                                            Service access will not cause performance loss due to route redirection.
                                                                                                                                                            
+
                                                                                                                                                            Service access will not cause performance loss due to route redirection.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            Load balancing
                                                                                                                                                            
+
                                                                                                                                                            Load balancing
                                                                                                                                                            
 
                                                                                                                                                            Traffic propagation has good overall load balancing.
                                                                                                                                                            
+
                                                                                                                                                            Traffic propagation has good overall load balancing.
                                                                                                                                                            
 
                                                                                                                                                            There is a potential risk of unbalanced traffic propagation.
                                                                                                                                                            
+
                                                                                                                                                            There is a potential risk of unbalanced traffic propagation.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            Other special case
                                                                                                                                                            
+
                                                                                                                                                            Other special case
                                                                                                                                                            
 
                                                                                                                                                            None
                                                                                                                                                            
+
                                                                                                                                                            None
                                                                                                                                                            
 
                                                                                                                                                            In different container network models and service forwarding modes, accessing Services from within the cluster may fail. For details, see Why a Service Fail to Be Accessed from Within the Cluster.
                                                                                                                                                            
+
                                                                                                                                                            In different container network models and service forwarding modes, accessing Services from within the cluster may fail. For details, see Why a Service Fail to Be Accessed from Within the Cluster.
                                                                                                                                                            
+
                                                                                                                                                            
+
                                                                                                                                                            
+
+
                                                                                                                                                            Service Types
                                                                                                                                                            You can create a specified type of Service in a cluster. The description and application scenarios of different types of Services are listed in the table below.
                                                                                                                                                            
+
+
                                                                                                                                                            
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
@@ -108,132 +236,132 @@ nginx   LoadBalancer   10.247.76.156   
 
                                                                                                                                                            When the value of externalTrafficPolicy is Local, the access failures in different container network models and service forwarding modes are as follows:
                                                                                                                                                             
                                                                                                                                                            • For a multi-pod workload, ensure that all pods are accessible. Otherwise, there is a possibility that the access to the workload fails.
                                                                                                                                                            • In a CCE Turbo cluster that utilizes Cloud Native Network 2.0, node-level affinity is supported only when the Service backend is connected to a hostNetwork pod.
                                                                                                                                                            • The table lists only the scenarios where the access may fail. Other scenarios that are not listed in the table indicate that the access is normal.
                                                                                                                                                            
 
                                                                                                                                                            
 
-
                                                                                                                                                            Service Type
                                                                                                                                                            
+
                                                                                                                                                            Description
                                                                                                                                                            
+
                                                                                                                                                            Application Scenario
                                                                                                                                                            
+
                                                                                                                                                            ClusterIP
                                                                                                                                                            
+
                                                                                                                                                            ClusterIP Services are the default type of Kubernetes Services. They assign a virtual IP address, accessible only with the cluster, from the cluster's Service CIDR block.
                                                                                                                                                            
+
                                                                                                                                                            Services that only need to communicate with each other within a cluster and do not need to be exposed outside the cluster.
                                                                                                                                                            
+
                                                                                                                                                            For example, if a frontend application pod in a cluster needs to access a backend database in the same cluster, you can create a ClusterIP Service for the backend database to ensure that the backend database can be accessed only within the cluster.
                                                                                                                                                            
+
                                                                                                                                                            NodePort
                                                                                                                                                            
+
                                                                                                                                                            A NodePort Service opens a port on each node in a cluster to allow external traffic to access the Service through <node-IP-address>:<node-port>.
                                                                                                                                                            
+
                                                                                                                                                            Scenarios where temporary or low-traffic access is required.
                                                                                                                                                            
+
                                                                                                                                                            For example, in a testing environment, you can use a NodePort Service when deploying and debugging a web application.
                                                                                                                                                            
+
                                                                                                                                                            LoadBalancer
                                                                                                                                                            
+
                                                                                                                                                            A LoadBalancer Service adds an external load balancer on the top of a NodePort Service and distributes external traffic to multiple pods within a cluster. It automatically assigns an external IP address to allow clients to access the Service through this IP address. LoadBalancer Services process TCP and UDP traffic at Layer 4 (transport layer) of the OSI model. They can be extended to support Layer 7 (application layer) capabilities to manage HTTP and HTTPS traffic.
                                                                                                                                                            
+
                                                                                                                                                            Cloud applications that require a stable, easy-to-manage entry for external access.
                                                                                                                                                            
+
                                                                                                                                                            For example, in a production environment, you can use LoadBalancer Services to expose public-facing services such as web applications and API services to the Internet. These services often need to handle high volumes of external traffic while maintaining high availability.
                                                                                                                                                            
+
                                                                                                                                                            Headless Service
                                                                                                                                                            
+
                                                                                                                                                            For headless Services, no cluster IP address is allocated. When a client attempts to access a backend pod and performs a DNS query for the Service, it receives a list of the IP addresses of the backend pods. This allows the client to communicate directly with individual pods.
                                                                                                                                                            
+
                                                                                                                                                            Applications that require direct communication with specific backend pods instead of using proxies or load balancers.
                                                                                                                                                            
+
                                                                                                                                                            For example, when you deploy a stateful application (such as a ClickHouse database), you can use a headless Service. It allows application pods to directly access each ClickHouse pod and enables targeted read and write operations. This enhances overall data processing efficiency.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            
 
                                                                                                                                                            Service Type Released on the Server
                                                                                                                                                            
+
                                                                                                                                                            
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -241,53 +369,16 @@ nginx   LoadBalancer   10.247.76.156   
 
 
 
                                                                                                                                                            The following methods can be used to solve this problem:
                                                                                                                                                            
-
                                                                                                                                                            • (Recommended) In the cluster, use the ClusterIP Service or service domain name for access.
                                                                                                                                                            • Set externalTrafficPolicy of the Service to Cluster, which means cluster-level service affinity. Note that this affects source address persistence.
                                                                                                                                                              apiVersion: v1 
-kind: Service
-metadata: 
-  annotations:   
-    kubernetes.io/elb.class: union
-    kubernetes.io/elb.autocreate: '{"type":"public","bandwidth_name":"cce-bandwidth","bandwidth_chargemode":"traffic","bandwidth_size":5,"bandwidth_sharetype":"PER","eip_type":"5_bgp","name":"james"}'
-  labels: 
-    app: nginx 
-  name: nginx 
-spec: 
-  externalTrafficPolicy: Cluster
-  ports: 
-  - name: service0 
-    port: 80
-    protocol: TCP 
-    targetPort: 80
-  selector: 
-    app: nginx 
-  type: LoadBalancer
                                                                                                                                                              
-
                                                                                                                                                            • Leveraging the pass-through feature of the Service, kube-proxy is bypassed when the ELB address is used for access. The ELB load balancer is accessed first, and then the workload. For details, see Configuring Passthrough Networking for a LoadBalancer Service.
                                                                                                                                                               
                                                                                                                                                              • In a CCE standard cluster, after passthrough networking is configured for a dedicated load balancer, the private IP address of the load balancer cannot be accessed from the node where the workload pod resides or other containers on the same node as the workload.
                                                                                                                                                              • Passthrough networking is not supported for clusters of  or earlier.
                                                                                                                                                              • In IPVS network mode, the passthrough settings of Services connected to the same load balancer must be the same.
                                                                                                                                                              • If node-level (local) service affinity is used, kubernetes.io/elb.pass-through is automatically set to onlyLocal to enable pass-through.
                                                                                                                                                              
+
                                                                                                                                                              • (Recommended) In the cluster, use the ClusterIP Service or service domain name for access.
                                                                                                                                                              • Set externalTrafficPolicy of the Service to Cluster, which means cluster-level service affinity. Note that this affects source address persistence.
                                                                                                                                                                Assume that the Service name is my-service and it is in the default namespace. The kubectl command example is as follows:
                                                                                                                                                                
+
                                                                                                                                                                kubectl patch service my-service -n default --type='merge' -p '{"spec":{"externalTrafficPolicy":"Cluster"}}'
                                                                                                                                                                
+
                                                                                                                                                              • Leveraging the pass-through feature of the Service, kube-proxy is bypassed when the ELB address is used for access. The ELB load balancer is accessed first, and then the workload. For details, see Configuring Passthrough Networking for a LoadBalancer Service.
                                                                                                                                                                 
                                                                                                                                                                • In a CCE standard cluster, after passthrough networking is configured using a dedicated load balancer, the private IP address of the load balancer cannot be accessed from the node where the workload pod resides or other pods on the same node as the workload.
                                                                                                                                                                • Passthrough networking is not supported for clusters of v1.15 or earlier.
                                                                                                                                                                • In IPVS network mode, the passthrough settings of Services connected to the same load balancer must be the same.
                                                                                                                                                                • If node-level (local) service affinity is used, kubernetes.io/elb.pass-through is automatically set to onlyLocal to enable pass-through.
                                                                                                                                                                
 
                                                                                                                                                                
-
                                                                                                                                                                apiVersion: v1 
-kind: Service 
-metadata: 
-  annotations:   
-    kubernetes.io/elb.pass-through: "true"
-    kubernetes.io/elb.class: union
-    kubernetes.io/elb.autocreate: '{"type":"public","bandwidth_name":"cce-bandwidth","bandwidth_chargemode":"traffic","bandwidth_size":5,"bandwidth_sharetype":"PER","eip_type":"5_bgp","name":"james"}'
-  labels: 
-    app: nginx 
-  name: nginx 
-spec: 
-  externalTrafficPolicy: Local
-  ports: 
-  - name: service0 
-    port: 80
-    protocol: TCP 
-    targetPort: 80
-  selector: 
-    app: nginx 
-  type: LoadBalancer
                                                                                                                                                                
 
                                                                                                                                                              
 
                                                                                                                                                              
 
                                                                                                                                                              
 
                                                                                                                                                              
 
                                                                                                                                                              
-
                                                                                                                                                              Parent topic: Service
                                                                                                                                                              
+
                                                                                                                                                              Parent topic: Services
                                                                                                                                                              
 
                                                                                                                                                              
 
                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0251.html b/docs/cce/umn/cce_10_0251.html
index 44722b38d..833bf530f 100644
--- a/docs/cce/umn/cce_10_0251.html
+++ b/docs/cce/umn/cce_10_0251.html
@@ -4,12 +4,12 @@
 
                                                                                                                                                              In Kubernetes, an ingress is a resource object that controls how Services within a cluster can be accessed from outside the cluster. You can use ingresses to configure different forwarding rules to access pods in a cluster. The following uses an Nginx workload as an example to describe how to create a LoadBalancer ingress on the console.
                                                                                                                                                              
 
                                                                                                                                                              Prerequisites
                                                                                                                                                              
 
                                                                                                                                                              
-
                                                                                                                                                              Notes and Constraints
                                                                                                                                                              • It is recommended that other resources not use the load balancer automatically created by an ingress. Otherwise, the load balancer will be occupied when the ingress is deleted, resulting in residual resources.
                                                                                                                                                              • After an ingress is created, upgrade and maintain the configuration of the selected load balancers on the CCE console. Do not modify the configuration on the ELB console. Otherwise, the ingress service may be abnormal.
                                                                                                                                                              • The URL registered in an ingress forwarding policy must be the same as the URL used to access the backend Service. Otherwise, a 404 error will be returned.
                                                                                                                                                              • If you have an IPVS-backed cluster and use the same ELB load balancer for both the ingress and Service in the same cluster or for the Service ports in different clusters, you will not be able to access the ingress from the nodes or containers in the cluster, or the Service ports in other clusters. This is because kube-proxy mounts the LoadBalancer Service address to the ipvs-0 bridge, which intercepts the load balancer traffic. Use separate load balancers for these ingresses and Services.
                                                                                                                                                              • A dedicated load balancer must be of the application type (HTTP/HTTPS) and support private networks (with a private IP address).
                                                                                                                                                              • If multiple ingresses access the same ELB port in a cluster, the listener configuration items (such as the certificate associated with the listener and the HTTP/2 attribute of the listener) are subject to the configuration of the first ingress.
                                                                                                                                                              
+
                                                                                                                                                              Notes and Constraints
                                                                                                                                                              • Only clusters of v1.17 or later support dedicated load balancers.
                                                                                                                                                              • It is recommended that other resources not use the load balancer automatically created by an ingress. Otherwise, the load balancer will be occupied when the ingress is deleted, resulting in residual resources.
                                                                                                                                                              • After an ingress is created, upgrade and maintain the configuration of the selected load balancers on the CCE console. Do not modify the configuration on the ELB console. Otherwise, the ingress service may be abnormal.
                                                                                                                                                              • The URL registered in an ingress forwarding policy must be the same as the URL used to access the backend Service. Otherwise, a 404 error will be returned.
                                                                                                                                                              • In an IPVS cluster, if the LoadBalancer ingress and Service share the same load balancer, the ingress cannot be accessed from within the cluster's nodes and containers. This is because kube-proxy binds the LoadBalancer Service address to the ipvs-0 bridge, which intercepts the ELB traffic. Use different load balancers for the LoadBalancer ingress and Service.
                                                                                                                                                              • A dedicated load balancer must be of the application type (HTTP/HTTPS) and support private networks (with a private IP address).
                                                                                                                                                              • If multiple ingresses access the same ELB port in a cluster, the listener configuration items (such as the certificate associated with the listener and the HTTP/2 attribute of the listener) are subject to the configuration of the first ingress.
                                                                                                                                                              
 
                                                                                                                                                              
 
                                                                                                                                                              Adding a LoadBalancer Ingress
                                                                                                                                                              This section uses an Nginx workload as an example to describe how to add a LoadBalancer ingress.
                                                                                                                                                              
-
                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                              2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                              3. Configure ingress parameters.
                                                                                                                                                                • Name: Customize the name of an ingress, for example, ingress-demo.
                                                                                                                                                                • Interconnect with Nginx: This option is displayed only after the NGINX Ingress Controller add-on is installed. If this option is available, the NGINX Ingress Controller add-on has been installed. Enabling this option will create an Nginx ingress. Disable it if you want to create a LoadBalancer ingress. For details, see Creating an Nginx Ingress on the Console.
                                                                                                                                                                • Protocol Version: Select a protocol version of the LoadBalancer ingress. This parameter is only available for IPv4/IPv6 dual-stack clusters.
                                                                                                                                                                • Load Balancer: Select a load balancer type and creation mode.
                                                                                                                                                                  A load balancer can be dedicated or shared. A dedicated load balancer must be of the application type (HTTP/HTTPS) and support private networks.
                                                                                                                                                                  
+
                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                  2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                  3. Configure ingress parameters.
                                                                                                                                                                    • Name: Customize the name of an ingress, for example, ingress-demo.
                                                                                                                                                                    • Interconnect with Nginx: This option is displayed only after the NGINX Ingress Controller add-on is installed. If this option is available, the NGINX Ingress Controller add-on has been installed. Enabling this option will create an Nginx ingress. Disable it if you want to create a LoadBalancer ingress. For details, see Creating an Nginx Ingress on the Console.
                                                                                                                                                                    • Protocol Version: Select a protocol version of the LoadBalancer ingress. This parameter is only available for IPv4/IPv6 dual-stack clusters.
                                                                                                                                                                    • Load Balancer: Select a load balancer type and creation mode.
                                                                                                                                                                      A load balancer can be dedicated or shared. A dedicated load balancer must be of the application type (HTTP/HTTPS) and support private networks.
                                                                                                                                                                      
 
                                                                                                                                                                      You can select Use existing or Auto create to obtain a load balancer. For details about the configuration of different creation modes, see Table 1.
-
                                                                                                                                                            Service Type Released on the Server
                                                                                                                                                            
 
                                                                                                                                                            Access Type
                                                                                                                                                            
+
                                                                                                                                                            Access Type
                                                                                                                                                            
 
                                                                                                                                                            Request Initiation Location on the Client
                                                                                                                                                            
+
                                                                                                                                                            Request Initiation Location on the Client
                                                                                                                                                            
 
                                                                                                                                                            Tunnel Network Cluster (IPVS)
                                                                                                                                                            
+
                                                                                                                                                            Tunnel Network Cluster (IPVS)
                                                                                                                                                            
 
                                                                                                                                                            VPC Network Cluster (IPVS)
                                                                                                                                                            
+
                                                                                                                                                            VPC Network Cluster (IPVS)
                                                                                                                                                            
 
                                                                                                                                                            Tunnel Network Cluster (iptables)
                                                                                                                                                            
+
                                                                                                                                                            Tunnel Network Cluster (iptables)
                                                                                                                                                            
 
                                                                                                                                                            VPC Network Cluster (iptables)
                                                                                                                                                            
+
                                                                                                                                                            VPC Network Cluster (iptables)
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            
 
                                                                                                                                                            NodePort Service
                                                                                                                                                            
+
                                                                                                                                                            NodePort Service
                                                                                                                                                            
 
                                                                                                                                                            Public/Private network
                                                                                                                                                            
+
                                                                                                                                                            Public/Private network
                                                                                                                                                            
 
                                                                                                                                                            Same node as the service pod
                                                                                                                                                            
+
                                                                                                                                                            Same node as the service pod
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on a node other than the node where the server is located: The access failed.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on a node other than the node where the server is located: The access failed.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on a node other than the node where the server is located: The access failed.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on a node other than the node where the server is located: The access failed.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            Different nodes from the service pod
                                                                                                                                                            
+
                                                                                                                                                            Different nodes from the service pod
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on a node other than the node where the server is located: The access failed.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on a node other than the node where the server is located: The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            The access is successful.
                                                                                                                                                            
 
                                                                                                                                                            The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            The access is successful.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            Other containers on the same node as the service pod
                                                                                                                                                            
+
                                                                                                                                                            Other containers on the same node as the service pod
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on a node other than the node where the server is located: The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on a node other than the node where the server is located: The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            Other containers on different nodes from the service pod
                                                                                                                                                            
+
                                                                                                                                                            Other containers on different nodes from the service pod
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on a node other than the node where the server is located: The access failed.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on a node other than the node where the server is located: The access failed.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on a node other than the node where the server is located: The access failed.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
+
                                                                                                                                                            Access the IP address and NodePort on the node where the server is located: The access is successful.
                                                                                                                                                            
 
                                                                                                                                                            Access the IP address and NodePort on a node other than the node where the server is located: The access failed.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            LoadBalancer Service using a dedicated load balancer
                                                                                                                                                            
+
                                                                                                                                                            LoadBalancer Service using a shared load balancer
                                                                                                                                                            
 
                                                                                                                                                            Private network
                                                                                                                                                            
+
                                                                                                                                                            Private network
                                                                                                                                                            
 
                                                                                                                                                            Same node as the service pod
                                                                                                                                                            
+
                                                                                                                                                            Same node as the service pod
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            Other containers on the same node as the service pod
                                                                                                                                                            
+
                                                                                                                                                            Other containers on the same node as the service pod
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            LoadBalancer Service using a Dedicated load balancer (Local) for interconnection with NGINX Ingress Controller
                                                                                                                                                            
+
                                                                                                                                                            LoadBalancer Service using a Dedicated load balancer (Local) for interconnection with NGINX Ingress Controller
                                                                                                                                                            
 
                                                                                                                                                            Private network
                                                                                                                                                            
+
                                                                                                                                                            Private network
                                                                                                                                                            
 
                                                                                                                                                            Same node as cceaddon-nginx-ingress-controller pod
                                                                                                                                                            
+
                                                                                                                                                            Same node as cceaddon-nginx-ingress-controller pod
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            Other containers on the same node as the cceaddon-nginx-ingress-controller pod
                                                                                                                                                            
+
                                                                                                                                                            Other containers on the same node as the cceaddon-nginx-ingress-controller pod
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
 
                                                                                                                                                            The access failed.
                                                                                                                                                            
+
                                                                                                                                                            The access failed.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            
 
                                                                                                                                                            
-
-
-
-
-
-
@@ -86,11 +86,11 @@
 
                                                                                                                                                            Table 1 Load balancer configurations
                                                                                                                                                            How to Create
                                                                                                                                                            
+
                                                                                                                                                            
@@ -22,15 +22,15 @@
 
-
                                                                                                                                                            Table 1 Load balancer configuration
                                                                                                                                                            How to Create
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            Configuration
                                                                                                                                                            
 
                                                                                                                                                            
 
                                                                                                                                                            Auto create
                                                                                                                                                            
 
                                                                                                                                                            • Instance Name: Enter a load balancer name.
                                                                                                                                                            • AZ: available only to dedicated load balancers. You can create load balancers in multiple AZs to improve service availability. You can deploy a load balancer in multiple AZs for high availability.
                                                                                                                                                            • Frontend Subnet: available only to dedicated load balancers. It is used to allocate IP addresses for load balancers to provide services externally.
                                                                                                                                                            • Backend Subnet: available only to dedicated load balancers. It is used to allocate IP addresses for load balancers to access the backend service.
                                                                                                                                                            • Network Specifications, Application-oriented Specifications, or Specifications (available only to dedicated load balancers)
                                                                                                                                                              • Elastic: applies to fluctuating traffic, billed based on total traffic. Clusters of v1.21.10-r10, v1.23.8-r10, v1.25.3-r10, and later versions support elastic specifications.
                                                                                                                                                              • Fixed: applies to stable traffic, billed based on specifications.
                                                                                                                                                              
-
                                                                                                                                                            • EIP: If you select Auto create, you can configure the size of the public network bandwidth.
                                                                                                                                                            • Resource Tag: You can add resource tags to classify resources. You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency.
                                                                                                                                                            
+
                                                                                                                                                            • Instance Name: Enter a load balancer name.
                                                                                                                                                            • AZ: available only to dedicated load balancers. You can create load balancers in multiple AZs to improve service availability. If diaster recovery is required, you are advised to select multiple AZs.
                                                                                                                                                            • Frontend Subnet: available only to dedicated load balancers. It is used to allocate IP addresses for load balancers to provide services externally.
                                                                                                                                                            • Backend Subnet: available only to dedicated load balancers. It is used to allocate IP addresses for load balancers to access the backend service.
                                                                                                                                                            • Network Specifications, Application-oriented Specifications, or Specifications (available only to dedicated load balancers)
                                                                                                                                                              • Elastic: applies to fluctuating traffic, billed based on total traffic. Clusters of v1.21.10-r10, v1.23.8-r10, v1.25.3-r10, and later versions support elastic specifications.
                                                                                                                                                              • Fixed: applies to stable traffic, billed based on specifications.
                                                                                                                                                              
+
                                                                                                                                                            • EIP: If you select Auto assign, you can configure the size of the public network bandwidth.
                                                                                                                                                            • Resource Tag: You can add resource tags to classify resources. You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            
 
 
                                                                                                                                                            
 
                                                                                                                                                            
 
-
                                                                                                                                                          • Listener: An ingress configures a listener for the load balancer, which listens to requests from the load balancer and distributes traffic. After the configuration is complete, a listener is created on the load balancer. The default listener name is k8s_<Protocol type>_<Port number>, for example, k8s_HTTP_80.
                                                                                                                                                            • External Protocol: HTTP and HTTPS are available.
                                                                                                                                                            • External Port: port number that is open to the ELB service address. The port number is configurable.
                                                                                                                                                            • Access Control
                                                                                                                                                              • Inherit ELB Configurations: CCE does not modify the existing access control configurations on the ELB console.
                                                                                                                                                              • Allow all IP addresses: No access control is configured.
                                                                                                                                                              • Trustlist: Only the selected IP address group can access the load balancer.
                                                                                                                                                              • Blocklist: The selected IP address group cannot access the load balancer.
                                                                                                                                                              
+
                                                                                                                                                            • Listener: An ingress configures a listener for the load balancer, which listens to requests from the load balancer and distributes traffic. After the configuration is complete, a listener is created on the load balancer. The default listener name is k8s_<Protocol type>_<Port number>, for example, k8s_HTTP_80.
                                                                                                                                                              • Frontend Protocol: HTTP and HTTPS are available.
                                                                                                                                                              • External Port: port number that is open to the ELB service address. The port number is configurable.
                                                                                                                                                              • Access Control
                                                                                                                                                                • Inherit ELB Configurations: CCE does not modify the existing access control configurations on the ELB console.
                                                                                                                                                                • Allow all IP addresses: No access control is configured.
                                                                                                                                                                • Trustlist: Only the selected IP address group can access the load balancer.
                                                                                                                                                                • Blocklist: The selected IP address group cannot access the load balancer.
                                                                                                                                                                
 
                                                                                                                                                                 
                                                                                                                                                                For clusters of v1.25.16-r10, v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, v1.31.1-r0, or later, when using a dedicated load balancer, you can select a maximum of five IP address groups at a time for access control.
                                                                                                                                                                
 
                                                                                                                                                                
 
                                                                                                                                                              • Certificate Source: TLS secret and ELB server certificates are supported.
                                                                                                                                                                • TLS secret: For details about how to create a secret certificate, see Creating a Secret.
                                                                                                                                                                • ELB server certificate: Use a certificate created on ELB.
                                                                                                                                                                
@@ -39,7 +39,7 @@
 
                                                                                                                                                              • SNI: stands for Server Name Indication (SNI), which is an extended protocol of TLS. SNI allows multiple TLS-compliant domain names for external access using the same IP address and port number, and different domain names can use different security certificates. After SNI is enabled, the client is allowed to submit the requested domain name when initiating a TLS handshake request. After receiving the TLS request, the load balancer searches for the certificate based on the domain name in the request. If the certificate corresponding to the domain name is found, the load balancer returns the certificate for authorization. Otherwise, the default certificate (server certificate) is returned for authorization.
                                                                                                                                                                 
                                                                                                                                                                • The SNI option is available only when HTTPS is used.
                                                                                                                                                                
 
                                                                                                                                                                • This function is supported only in clusters of v1.15.11 or later.
                                                                                                                                                                • Only one domain name can be specified for each SNI certificate. Wildcard-domain certificates are supported.
                                                                                                                                                                • For ingresses connected to the same ELB port, do not configure SNIs with the same domain name but different certificates. Otherwise, the SNIs will be overwritten.
                                                                                                                                                                
 
                                                                                                                                                                
-
                                                                                                                                                              • Security Policy: combinations of different TLS versions and supported cipher suites available to HTTPS listeners.
                                                                                                                                                                For details about security policies, see Elastic Load Balance User Guide.
                                                                                                                                                                
+
                                                                                                                                                              • Security Policy: combinations of different TLS versions and supported cipher suites available to HTTPS listeners. The default value is TLS-1-2.
                                                                                                                                                                For details about security policies, see Elastic Load Balance User Guide.
                                                                                                                                                                
 
                                                                                                                                                                 
                                                                                                                                                                • Security Policy is available only when HTTPS is selected.
                                                                                                                                                                • This function is supported only in clusters of v1.17.9 or later.
                                                                                                                                                                
 
                                                                                                                                                                
 
                                                                                                                                                              • Backend Protocol:
                                                                                                                                                                When the listener is HTTP-compliant, only HTTP can be selected.
                                                                                                                                                                
@@ -49,35 +49,35 @@
 
                                                                                                                                                            		• 
 
                                                                                                                                                            Description
                                                                                                                                                            
 
                                                                                                                                                            Restrictions
                                                                                                                                                            
+
                                                                                                                                                            Constraint
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            
                                                                                                                                                             
 
                                                                                                                                                            Idle Timeout
                                                                                                                                                            
 
                                                                                                                                                            Timeout for an idle client connection. If there are no requests reaching the load balancer during the timeout duration, the load balancer will disconnect the connection from the client and establish a new connection when there is a new request.
                                                                                                                                                            
+
                                                                                                                                                            The duration for which a client connection can remain idle before being terminated. If there are no requests reaching the load balancer during this period, the load balancer will disconnect the connection from the client and establish a new connection when there is a new request.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            None
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            
 
                                                                                                                                                            Request Timeout
                                                                                                                                                            
 
                                                                                                                                                            Timeout for waiting for a request from a client. There are two cases:
                                                                                                                                                            
-
                                                                                                                                                            • If the client fails to send a request header to the load balancer during the timeout duration, the request will be interrupted.
                                                                                                                                                            • If the interval between two consecutive request bodies reaching the load balancer is greater than the timeout duration, the connection will be disconnected.
                                                                                                                                                            
+
                                                                                                                                                            The duration within which a request from a client must be received. There are two cases:
                                                                                                                                                            
+
                                                                                                                                                            • If the client fails to send a request header to the load balancer during this period, the request will be interrupted.
                                                                                                                                                            • If the interval between two consecutive request bodies exceeds the timeout duration, the connection will be disconnected.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            This function is available only for HTTP and HTTPS listeners.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            
 
                                                                                                                                                            Response Timeout
                                                                                                                                                            
 
                                                                                                                                                            Timeout for waiting for a response from a backend server. After a request is forwarded to the backend server, if the backend server does not respond during the timeout duration, the load balancer will stop waiting and return HTTP 504 Gateway Timeout.
                                                                                                                                                            
+
                                                                                                                                                            The duration within which a response from the backend server is expected. If the backend server does not respond within this period after receiving a request, the load balancer will stop waiting and return an HTTP 504 error.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            This function is available only for HTTP and HTTPS listeners.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            HTTP2
                                                                                                                                                            
+
                                                                                                                                                            Enable HTTP/2
                                                                                                                                                            
 
                                                                                                                                                            Whether to use HTTP/2 for a client to communicate with a load balancer. Request forwarding using HTTP/2 improves the access performance between your application and the load balancer. However, the load balancer still uses HTTP/1.x to forward requests to the backend server.
                                                                                                                                                            
+
                                                                                                                                                            Whether to enable HTTP/2 for HTTPS requests between the client and the load balancer. Request forwarding using HTTP/2 improves access performance between your application and the load balancer. However, the load balancer still uses HTTP/1.x to forward requests to the backend server.
                                                                                                                                                            
                                                                                                                                                             		
 
                                                                                                                                                            This function is available only when the listener is HTTPS-compliant.
                                                                                                                                                            
 
                                                                                                                                                            
 
                                                                                                                                                            
 
-
                                                                                                                                                          • Forwarding Policy: When a request's access address matches the forwarding policy (which consists of a domain name, port, and URL, for example, 10.117.117.117:80/helloworld), the request is forwarded to the target Service for processing. You can click  to add multiple forwarding policies.
                                                                                                                                                            • Domain Name: Enter an actual domain name to be accessed. If it is left blank, the ingress can be accessed through the IP address. Ensure that the domain name has been registered and licensed. Once a forwarding policy is configured with a domain name specified, you must use the domain name for access.
                                                                                                                                                            • Path Matching Rule:
                                                                                                                                                              • Prefix match: If the URL is set to /healthz, the URL that meets the prefix can be accessed, for example, /healthz/v1 and /healthz/v2.
                                                                                                                                                              • Exact match: The URL can be accessed only when it is fully matched. For example, if the URL is set to /healthz, only /healthz can be accessed.
                                                                                                                                                              • RegEX match: The URL is matched based on the regular expression. For example, if the regular expression is /[A-Za-z0-9_.-]+/test, all URLs that comply with this rule can be accessed, for example, /abcA9/test and /v1-Ab/test. Two regular expression standards are supported: POSIX and Perl.
                                                                                                                                                              
+
                                                                                                                                                            • Forwarding Policy: When a request's access address matches the forwarding policy (which consists of a domain name, port, and URL, for example, 10.117.117.117:80/helloworld), the request is forwarded to the target Service for processing. You can click  to add multiple forwarding policies.
                                                                                                                                                              • Domain Name: Enter an actual domain name to be accessed. If it is left blank, the ingress can be accessed through the IP address. Ensure that the domain name has been registered and licensed. Once a forwarding policy is configured with a domain name specified, you must use the domain name for access.
                                                                                                                                                              • Path Matching Rule:
                                                                                                                                                                • Prefix match: If the URL is set to /healthz, the URL that meets the prefix can be accessed, for example, /healthz/v1 and /healthz/v2.
                                                                                                                                                                • Exact match: The URL can be accessed only when it is fully matched. For example, if the URL is set to /healthz, only /healthz can be accessed.
                                                                                                                                                                • RegEx match: The URL is matched based on the regular expression. For example, if the regular expression is /[A-Za-z0-9_.-]+/test, all URLs that comply with this rule can be accessed, for example, /abcA9/test and /v1-Ab/test. Two regular expression standards are supported: POSIX and Perl.
                                                                                                                                                                
 
                                                                                                                                                              • Path: access path, for example, /healthz
                                                                                                                                                                 
                                                                                                                                                                The access path added here must exist in the backend application. Otherwise, the forwarding fails.
                                                                                                                                                                
 
                                                                                                                                                                For example, the default access URL of the Nginx application is /usr/share/nginx/html. When adding /test to the ingress forwarding policy, ensure the access URL of your Nginx application contains /usr/share/nginx/html/test. Otherwise, error 404 will be returned.
                                                                                                                                                                
 
                                                                                                                                                                
-
                                                                                                                                                              • Destination Service: Select an existing Service. Only Services that meet the requirements are automatically displayed in the Service list. 
                                                                                                                                                              • Destination Service Port: Select the access port of the destination Service.
                                                                                                                                                              • Set ELB:
                                                                                                                                                                • Algorithm: Three algorithms are available: weighted round robin, weighted least connections algorithm, or source IP hash.
                                                                                                                                                                   
                                                                                                                                                                  • Weighted round robin: Requests are forwarded to different servers based on their weights, which indicate server processing performance. Backend servers with higher weights receive proportionately more requests, whereas equal-weighted servers receive the same number of requests. This algorithm is often used for short connections, such as HTTP services.
                                                                                                                                                                  • Weighted least connections: In addition to the weight assigned to each server, the number of connections processed by each backend server is considered. Requests are forwarded to the server with the lowest connections-to-weight ratio. Building on least connections, the weighted least connections algorithm assigns a weight to each server based on their processing capability. This algorithm is often used for persistent connections, such as database connections.
                                                                                                                                                                  • Source IP hash: The source IP address of each request is calculated using the hash algorithm to obtain a unique hash key, and all backend servers are numbered. The generated key allocates the client to a particular server. This enables requests from different clients to be distributed in load balancing mode and ensures that requests from the same client are forwarded to the same server. This algorithm applies to TCP connections without cookies.
                                                                                                                                                                  
+
                                                                                                                                                                • Destination Service: Select an existing Service. Only Services that meet the requirements are automatically displayed in the Service list. 
                                                                                                                                                                • Destination Service Port: Select the access port of the destination Service.
                                                                                                                                                                • Set ELB:
                                                                                                                                                                  • Algorithm: Three algorithms are available: weighted round robin, weighted least connections algorithm, or source IP hash.
                                                                                                                                                                     
                                                                                                                                                                    • Weighted round robin: Requests are forwarded to different servers based on their weights, which indicate server processing performance. Backend servers with higher weights receive proportionately more requests, whereas equal-weighted servers receive the same number of requests. This algorithm is often used for short connections, such as HTTP services.
                                                                                                                                                                    • Weighted least connections: In addition to the weight assigned to each server, the number of connections processed by each backend server is considered. Requests are forwarded to the server with the lowest connections-to-weight ratio. This algorithm is based on the least connections algorithm and assigns a weight to each server based on their processing capability. This algorithm is often used for persistent connections, such as database connections.
                                                                                                                                                                    • Source IP hash: The source IP address of each request is calculated using the hash algorithm to obtain a unique hash key, and all backend servers are numbered. The generated key allocates the client to a particular server. This enables requests from different clients to be distributed in load balancing mode and ensures that requests from the same client are forwarded to the same server. This algorithm applies to TCP connections without cookies.
                                                                                                                                                                    
 
                                                                                                                                                                    
 
                                                                                                                                                                  • Sticky Session: This function is disabled by default. Options are as follows:
                                                                                                                                                                    • Load balancer cookie: Enter the Stickiness Duration, which ranges from 1 to 1440 minutes.
                                                                                                                                                                    
 
                                                                                                                                                                     
                                                                                                                                                                    • When the distribution policy uses the source IP hash, sticky session cannot be set.
                                                                                                                                                                    • Dedicated load balancers in the clusters of a version earlier than v1.21 do not support sticky sessions. If sticky sessions are required, use shared load balancers.
                                                                                                                                                                    
@@ -138,7 +138,7 @@
 
                                                                                                                                                                  • Click OK. After the ingress is created, it is displayed in the ingress list.
                                                                                                                                                                    On the ELB console, you can check the load balancer automatically created through CCE. The default name is cce-lb-<ingress.UID>. Click the load balancer name to go to the details page. On the Listeners tab page, check the listener and forwarding policy of the target ingress.
                                                                                                                                                                    
 
                                                                                                                                                                     
                                                                                                                                                                    After an ingress is created, upgrade and maintain the selected load balancer on the CCE console. Do not modify the configuration on the ELB console. Otherwise, the ingress service may be abnormal.
                                                                                                                                                                    
 
                                                                                                                                                                    
-
                                                                                                                                                                  • Access the /healthz interface of the workload, for example, workload defaultbackend.
                                                                                                                                                                    1. Obtain the access address of the /healthz interface of the workload. The access address consists of the load balancer IP address, external port, and mapping URL, for example, 10.**.**.**:80/healthz.
                                                                                                                                                                    2. Enter the URL of the /healthz interface, for example, http://10.**.**.**:80/healthz, in the address box of the browser to access the workload, as shown in Figure 1.
                                                                                                                                                                      Figure 1 Accessing the /healthz interface of defaultbackend
                                                                                                                                                                      
+
                                                                                                                                                                    3. Access the /healthz interface of the workload, for example, workload defaultbackend.
                                                                                                                                                                      1. Obtain the access address of the /healthz interface of the workload. The access address consists of the load balancer IP address, external port, and mapping URL, for example, 10.**.**.**:80/healthz.
                                                                                                                                                                      2. Enter the URL of the /healthz interface, for example, http://10.**.**.**:80/healthz, in the address box of the browser to access the workload, as shown in Figure 1.
                                                                                                                                                                        Figure 1 Accessing the /healthz interface of defaultbackend
                                                                                                                                                                        
 
                                                                                                                                                                      
 
                                                                                                                                                                    
 
diff --git a/docs/cce/umn/cce_10_0252.html b/docs/cce/umn/cce_10_0252.html
index ab4068f2b..b491e716c 100644
--- a/docs/cce/umn/cce_10_0252.html
+++ b/docs/cce/umn/cce_10_0252.html
@@ -7,9 +7,11 @@
 
                                                                                                                                                                    Compared with v1beta1, v1 has the following differences in parameters:
                                                                                                                                                                    
 
                                                                                                                                                                    • The ingress type is specified by spec.ingressClassName instead of kubernetes.io/ingress.class in annotations.
                                                                                                                                                                    • The format of backend has changed.
                                                                                                                                                                    • The pathType parameter must be specified for each path. The options are as follows:
                                                                                                                                                                      • ImplementationSpecific: The matching method depends on Ingress Controller. The matching method defined by ingress.beta.kubernetes.io/url-match-mode is used in CCE, which is the same as v1beta1.
                                                                                                                                                                      • Exact: exact matching of the URL, which is case-sensitive.
                                                                                                                                                                      • Prefix: matching based on the URL prefix separated by a slash (/). The match is case-sensitive, and elements in the path are matched one by one. A path element refers to a list of labels in the path separated by a slash (/).
                                                                                                                                                                      
 
                                                                                                                                                                    
-
                                                                                                                                                                    
+
                                                                                                                                                                    
 
-
                                                                                                                                                                    Prerequisites
                                                                                                                                                                    
+
                                                                                                                                                                    Prerequisites
                                                                                                                                                                    
+
                                                                                                                                                                    
+
                                                                                                                                                                    Notes and Constraints
                                                                                                                                                                    • Only clusters of v1.17 or later support dedicated load balancers.
                                                                                                                                                                    • It is recommended that other resources not use the load balancer automatically created by an ingress. Otherwise, the load balancer will be occupied when the ingress is deleted, resulting in residual resources.
                                                                                                                                                                    • After an ingress is created, upgrade and maintain the configuration of the selected load balancers on the CCE console. Do not modify the configuration on the ELB console. Otherwise, the ingress service may be abnormal.
                                                                                                                                                                    • The URL registered in an ingress forwarding policy must be the same as the URL used to access the backend Service. Otherwise, a 404 error will be returned.
                                                                                                                                                                    • In an IPVS cluster, if the LoadBalancer ingress and Service share the same load balancer, the ingress cannot be accessed from within the cluster's nodes and containers. This is because kube-proxy binds the LoadBalancer Service address to the ipvs-0 bridge, which intercepts the ELB traffic. Use different load balancers for the LoadBalancer ingress and Service.
                                                                                                                                                                    • A dedicated load balancer must be of the application type (HTTP/HTTPS) and support private networks (with a private IP address).
                                                                                                                                                                    • If multiple ingresses access the same ELB port in a cluster, the listener configuration items (such as the certificate associated with the listener and the HTTP/2 attribute of the listener) are subject to the configuration of the first ingress.
                                                                                                                                                                    
 
                                                                                                                                                                    
 
                                                                                                                                                                    Automatically Creating a Load Balancer While Creating an Ingress
                                                                                                                                                                    The following describes how to run the kubectl command to automatically create a load balancer when creating an ingress.
                                                                                                                                                                    
 
                                                                                                                                                                    1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                    2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                      vi ingress-test.yaml
                                                                                                                                                                      
@@ -34,7 +36,6 @@ metadata:
           "eip_type":"5_bgp"
         }'
     kubernetes.io/elb.tags: key1=value1,key2=value2           # ELB resource tags
-
 spec:
   rules: 
   - host: ''
@@ -69,7 +70,6 @@ metadata:
           "eip_type":"5_bgp"
         }'
     kubernetes.io/elb.tags: key1=value1,key2=value2           # ELB resource tags
-
 spec:
   rules: 
   - host: ''
@@ -107,7 +107,6 @@ metadata:
           "l7_flavor_name": "L7_flavor.elb.s1.small"
        }'
     kubernetes.io/elb.tags: key1=value1,key2=value2           # ELB resource tags
-
 spec:
   rules: 
   - host: ''
@@ -148,7 +147,6 @@ metadata:
           "l7_flavor_name": "L7_flavor.elb.s1.small"
        }'
     kubernetes.io/elb.tags: key1=value1,key2=value2           # ELB resource tags
-
 spec:
   rules:
   - host: ''
@@ -162,135 +160,135 @@ spec:
           ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
 
                                                                                                                                                                    
 
-
                                                                                                                                                                    Table 1 Key parameters
                                                                                                                                                                    Parameter
                                                                                                                                                                    
+
                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                    Table 1 Key parameters
                                                                                                                                                                    Parameter
                                                                                                                                                                    
 
                                                                                                                                                                    Mandatory
                                                                                                                                                                    
+
                                                                                                                                                                    Mandatory
                                                                                                                                                                    
 
                                                                                                                                                                    Type
                                                                                                                                                                    
+
                                                                                                                                                                    Type
                                                                                                                                                                    
 
                                                                                                                                                                    Description
                                                                                                                                                                    
+
                                                                                                                                                                    Description
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
 
                                                                                                                                                                    kubernetes.io/elb.class
                                                                                                                                                                    
+
                                                                                                                                                                    kubernetes.io/elb.class
                                                                                                                                                                    
 
                                                                                                                                                                    Yes
                                                                                                                                                                    
+
                                                                                                                                                                    Yes
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Select a proper load balancer type.
                                                                                                                                                                    
+
                                                                                                                                                                    Select a proper load balancer type.
                                                                                                                                                                    
 
                                                                                                                                                                    • union: shared load balancer
                                                                                                                                                                    • performance: dedicated load balancer
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    kubernetes.io/ingress.class
                                                                                                                                                                    
+
                                                                                                                                                                    kubernetes.io/ingress.class
                                                                                                                                                                    
 
                                                                                                                                                                    Yes
                                                                                                                                                                    
+
                                                                                                                                                                    Yes
                                                                                                                                                                    
 
                                                                                                                                                                    (only for clusters of v1.21 or earlier)
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    cce: A proprietary LoadBalancer ingress is used.
                                                                                                                                                                    
-
                                                                                                                                                                    This parameter is mandatory when an ingress is created by calling the API.
                                                                                                                                                                    
+
                                                                                                                                                                    cce: A proprietary LoadBalancer ingress is used.
                                                                                                                                                                    
+
                                                                                                                                                                    This parameter is mandatory when you create an ingress.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    ingressClassName
                                                                                                                                                                    
+
                                                                                                                                                                    ingressClassName
                                                                                                                                                                    
 
                                                                                                                                                                    Yes
                                                                                                                                                                    
+
                                                                                                                                                                    Yes
                                                                                                                                                                    
 
                                                                                                                                                                    (only for clusters of v1.23 or later)
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    cce: A proprietary LoadBalancer ingress is used.
                                                                                                                                                                    
-
                                                                                                                                                                    This parameter is mandatory when an ingress is created by calling the API.
                                                                                                                                                                    
+
                                                                                                                                                                    cce: A proprietary LoadBalancer ingress is used.
                                                                                                                                                                    
+
                                                                                                                                                                    This parameter is mandatory when you create an ingress.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    kubernetes.io/elb.port
                                                                                                                                                                    
+
                                                                                                                                                                    kubernetes.io/elb.port
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    This parameter indicates the external port registered with the address of the LoadBalancer Service.
                                                                                                                                                                    
+
                                                                                                                                                                    This parameter indicates the external port registered with the address of the LoadBalancer Service.
                                                                                                                                                                    
 
                                                                                                                                                                    The value ranges from 1 to 65535. The default value is 80 for HTTP and 443 for HTTPS.
                                                                                                                                                                    
 
                                                                                                                                                                     NOTE: 
                                                                                                                                                                    Some ports on a shared load balancer are highly risky and blocked by default, for example, port 21.
                                                                                                                                                                    
 
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    kubernetes.io/elb.subnet-id
                                                                                                                                                                    
+
                                                                                                                                                                    kubernetes.io/elb.subnet-id
                                                                                                                                                                    
 
                                                                                                                                                                    None
                                                                                                                                                                    
+
                                                                                                                                                                    None
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    ID of the subnet where the cluster is located. The value can contain 1 to 100 characters.
                                                                                                                                                                    
-
                                                                                                                                                                    • Mandatory when a cluster of v1.11.7-r0 or earlier is to be automatically created.
                                                                                                                                                                    • Optional for clusters later than v1.11.7-r0. It is left blank by default.
                                                                                                                                                                    
+
                                                                                                                                                                    ID of the subnet where the cluster is located. The value can contain 1 to 100 characters.
                                                                                                                                                                    
+
                                                                                                                                                                    • Mandatory when a cluster of v1.11.7-r0 or earlier is to be automatically created.
                                                                                                                                                                    • Optional for clusters of a version later than v1.11.7-r0. It is left blank by default.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    kubernetes.io/elb.autocreate
                                                                                                                                                                    
+
                                                                                                                                                                    kubernetes.io/elb.autocreate
                                                                                                                                                                    
 
                                                                                                                                                                    Yes
                                                                                                                                                                    
+
                                                                                                                                                                    Yes
                                                                                                                                                                    
 
                                                                                                                                                                    elb.autocreate object
                                                                                                                                                                    
+
                                                                                                                                                                    elb.autocreate object
                                                                                                                                                                    
 
                                                                                                                                                                    Whether to automatically create a load balancer associated with an ingress. For details about the field description, see Table 2.
                                                                                                                                                                    
+
                                                                                                                                                                    Whether to automatically create a load balancer associated with an ingress. For details about the field description, see Table 2.
                                                                                                                                                                    
 
                                                                                                                                                                    Example
                                                                                                                                                                    
 
                                                                                                                                                                    • Automatically created dedicated load balancer with an EIP bound:
                                                                                                                                                                      '{"type":"public","bandwidth_name":"cce-bandwidth-1741230802502","bandwidth_chargemode":"traffic","bandwidth_size":5,"bandwidth_sharetype":"PER","eip_type":"5_bgp","available_zone":["*****"],"elb_virsubnet_ids":["*****"],"l7_flavor_name":"L7_flavor.elb.pro.max","l4_flavor_name":"","vip_subnet_cidr_id":"*****"}'
                                                                                                                                                                      
 
                                                                                                                                                                    • Automatically created dedicated load balancer with no EIP bound:
                                                                                                                                                                      '{"type":"inner","available_zone":["*****"],"elb_virsubnet_ids":["*****"],"l7_flavor_name":"L7_flavor.elb.pro.max","l4_flavor_name":"","vip_subnet_cidr_id":"*****"}'
                                                                                                                                                                      
 
                                                                                                                                                                    • Automatically created shared load balancer with an EIP bound:
                                                                                                                                                                      '{"type":"public","bandwidth_name":"cce-bandwidth-1551163379627","bandwidth_chargemode":"traffic,"bandwidth_size":5,"bandwidth_sharetype":"PER","eip_type":"5_bgp","name":"james"}'
                                                                                                                                                                      
-
                                                                                                                                                                    • Automatically created shared load balancer with no EIP bound:
                                                                                                                                                                      {"type":"inner","name":"A-location-d-test"}
                                                                                                                                                                      
+
                                                                                                                                                                    • Automatically created shared load balancer with no EIP bound:
                                                                                                                                                                      '{"type":"inner", "name": "A-location-d-test"}'
                                                                                                                                                                      
 
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    kubernetes.io/elb.tags
                                                                                                                                                                    
+
                                                                                                                                                                    kubernetes.io/elb.tags
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Whether to add resource tags to a load balancer. This function is available only when the load balancer is automatically created, and the cluster is of v1.23.11-r0, v1.25.6-r0, v1.27.3-r0, or later.
                                                                                                                                                                    
-
                                                                                                                                                                    A tag is in the format of "key=value". Use commas (,) to separate multiple tags.
                                                                                                                                                                    
+
                                                                                                                                                                    Whether to add resource tags to a load balancer. This function is available only when the load balancer is automatically created, and the cluster is of v1.23.11-r0, v1.25.6-r0, v1.27.3-r0, or later.
                                                                                                                                                                    
+
                                                                                                                                                                    A tag is in the format of "key=value". Use commas (,) to separate multiple tags. A load balancer supports a maximum of 20 resource tags. CCE automatically adds one tag, reducing the available quota to 19.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    host
                                                                                                                                                                    
+
                                                                                                                                                                    host
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Domain name for accessing the Service. By default, this parameter is left blank, and the domain name needs to be fully matched. Ensure that the domain name has been registered and licensed. Once a forwarding policy is configured with a domain name specified, you must use the domain name for access.
                                                                                                                                                                    
+
                                                                                                                                                                    Domain name for accessing the Service. By default, this parameter is left blank, and the domain name needs to be fully matched. Ensure that the domain name has been registered and licensed. Once a forwarding policy is configured with a domain name specified, you must use the domain name for access.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    path
                                                                                                                                                                    
+
                                                                                                                                                                    path
                                                                                                                                                                    
 
                                                                                                                                                                    Yes
                                                                                                                                                                    
+
                                                                                                                                                                    Yes
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    User-defined route path. All external access requests must match host and path.
                                                                                                                                                                    
+
                                                                                                                                                                    User-defined route path. All external access requests must match host and path.
                                                                                                                                                                    
 
                                                                                                                                                                     NOTE: 
                                                                                                                                                                    The access path added here must exist in the backend application. Otherwise, the forwarding fails.
                                                                                                                                                                    
 
                                                                                                                                                                    For example, the default access URL of the Nginx application is /usr/share/nginx/html. When adding /test to the ingress forwarding policy, ensure the access URL of your Nginx application contains /usr/share/nginx/html/test. Otherwise, error 404 will be returned.
                                                                                                                                                                    
 
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    ingress.beta.kubernetes.io/url-match-mode
                                                                                                                                                                    
+
                                                                                                                                                                    ingress.beta.kubernetes.io/url-match-mode
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Route matching policy.
                                                                                                                                                                    
+
                                                                                                                                                                    Route matching policy.
                                                                                                                                                                    
 
                                                                                                                                                                    Default: STARTS_WITH (prefix match)
                                                                                                                                                                    
 
                                                                                                                                                                    Options:
                                                                                                                                                                    
 
                                                                                                                                                                    • EQUAL_TO: exact match
                                                                                                                                                                    • STARTS_WITH: prefix match
                                                                                                                                                                    • REGEX: regular expression match
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    pathType
                                                                                                                                                                    
+
                                                                                                                                                                    pathType
                                                                                                                                                                    
 
                                                                                                                                                                    Yes
                                                                                                                                                                    
+
                                                                                                                                                                    Yes
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Path type. This field is supported only by clusters of v1.23 or later.
                                                                                                                                                                    • ImplementationSpecific: The matching method depends on Ingress Controller. The matching method defined by ingress.beta.kubernetes.io/url-match-mode is used in CCE.
                                                                                                                                                                    • Exact: exact matching of the URL, which is case-sensitive.
                                                                                                                                                                    • Prefix: prefix matching, which is case-sensitive. With this method, the URL path is separated into multiple elements by slashes (/) and the elements are matched one by one. If each element in the URL matches the path, the subpaths of the URL can be routed normally.
                                                                                                                                                                       NOTE: 
                                                                                                                                                                      • During prefix matching, each element must be exactly matched. If the last element of the URL is the substring of the last element in the request path, no matching is performed. For example, /foo/bar matches /foo/bar/baz but does not match /foo/barbaz.
                                                                                                                                                                      • When elements are separated by slashes (/), if the URL or request path ends with a slash (/), the slash (/) at the end is ignored. For example, /foo/bar matches /foo/bar/.
                                                                                                                                                                      
+
                                                                                                                                                                    Path type. This field is supported only by clusters of v1.23 or later.
                                                                                                                                                                    • ImplementationSpecific: The matching method depends on Ingress Controller. The matching method defined by ingress.beta.kubernetes.io/url-match-mode is used in CCE.
                                                                                                                                                                    • Exact: exact matching of the URL, which is case-sensitive.
                                                                                                                                                                    • Prefix: prefix matching, which is case-sensitive. With this method, the URL path is separated into multiple elements by slashes (/) and the elements are matched one by one. If each element in the URL matches the path, the subpaths of the URL can be routed normally.
                                                                                                                                                                       NOTE: 
                                                                                                                                                                      • During prefix matching, each element must be exactly matched. If the last element of the URL is the substring of the last element in the request path, no matching is performed. For example, /foo/bar matches /foo/bar/baz but does not match /foo/barbaz.
                                                                                                                                                                      • When elements are separated by slashes (/), if the URL or request path ends with a slash (/), the slash (/) at the end is ignored. For example, /foo/bar matches /foo/bar/.
                                                                                                                                                                      
 
                                                                                                                                                                      
 
                                                                                                                                                                    
 
                                                                                                                                                                    
@@ -301,172 +299,171 @@ spec:
 
                                                                                                                                                                    
 
                                                                                                                                                                    
 
-
                                                                                                                                                                    Table 2 elb.autocreate data structure
                                                                                                                                                                    Parameter
                                                                                                                                                                    
+
                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -485,7 +482,7 @@ ingress-test  cce      *         121.**.**.**     80      10s
                                                                                                                                                                    Associating an Existing Load Balancer to an Ingress While Creating the Ingress
                                                                                                                                                                    CCE allows you to connect to an existing load balancer when creating an ingress.
                                                                                                                                                                    
-
                                                                                                                                                                    1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                    2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                      vi ingress-test.yaml
                                                                                                                                                                      
+
                                                                                                                                                                      1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                      2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                        vi ingress-test.yaml
                                                                                                                                                                        
 
                                                                                                                                                                         
                                                                                                                                                                        • Starting from cluster v1.23, the ingress version is switched from networking.k8s.io/v1beta1 to networking.k8s.io/v1. For details about the differences between v1 and v1beta1, see Ingress API Version Upgrade in CCE Clusters v1.23.
                                                                                                                                                                        • An existing dedicated load balancer must be of the application type (HTTP/HTTPS) and support private networks (with a private IP address).
                                                                                                                                                                        
 
                                                                                                                                                                        
 
                                                                                                                                                                        If the cluster version is 1.23 or later, the YAML file configuration is as follows:
                                                                                                                                                                        apiVersion: networking.k8s.io/v1
@@ -536,45 +533,46 @@ spec:
         property:
           ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
                                                                                                                                                                        
 
-
                                                                                                                                                                    Table 2 elb.autocreate data structure
                                                                                                                                                                    Parameter
                                                                                                                                                                    
 
                                                                                                                                                                    Mandatory
                                                                                                                                                                    
+
                                                                                                                                                                    Mandatory
                                                                                                                                                                    
 
                                                                                                                                                                    Type
                                                                                                                                                                    
+
                                                                                                                                                                    Type
                                                                                                                                                                    
 
                                                                                                                                                                    Description
                                                                                                                                                                    
+
                                                                                                                                                                    Description
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
 
                                                                                                                                                                    name
                                                                                                                                                                    
+
                                                                                                                                                                    name
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Name of the automatically created load balancer.
                                                                                                                                                                    
+
                                                                                                                                                                    Name of the automatically created load balancer.
                                                                                                                                                                    
 
                                                                                                                                                                    The value can contain 1 to 64 characters. Only letters, digits, underscores (_), hyphens (-), and periods (.) are allowed.
                                                                                                                                                                    
 
                                                                                                                                                                    Default: cce-lb+service.UID
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    type
                                                                                                                                                                    
+
                                                                                                                                                                    type
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Network type of the load balancer.
                                                                                                                                                                    
+
                                                                                                                                                                    Network type of the load balancer.
                                                                                                                                                                    
 
                                                                                                                                                                    • public: public network load balancer
                                                                                                                                                                    • inner: private network load balancer
                                                                                                                                                                    
 
                                                                                                                                                                    Default: inner
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    bandwidth_name
                                                                                                                                                                    
+
                                                                                                                                                                    bandwidth_name
                                                                                                                                                                    
 
                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                    
+
                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Bandwidth name. The default value is cce-bandwidth-******.
                                                                                                                                                                    
+
                                                                                                                                                                    Bandwidth name. The default value is cce-bandwidth-******.
                                                                                                                                                                    
 
                                                                                                                                                                    The value can contain 1 to 64 characters. Only letters, digits, underscores (_), hyphens (-), and periods (.) are allowed.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    bandwidth_chargemode
                                                                                                                                                                    
+
                                                                                                                                                                    bandwidth_chargemode
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Bandwidth mode.
                                                                                                                                                                    
+
                                                                                                                                                                    Bandwidth mode.
                                                                                                                                                                    
 
                                                                                                                                                                    • traffic: billed by traffic
                                                                                                                                                                    
-
                                                                                                                                                                    Default: traffic
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    bandwidth_size
                                                                                                                                                                    
+
                                                                                                                                                                    bandwidth_size
                                                                                                                                                                    
 
                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                    
+
                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                    
 
                                                                                                                                                                    Integer
                                                                                                                                                                    
+
                                                                                                                                                                    Integer
                                                                                                                                                                    
 
                                                                                                                                                                    Bandwidth size. The value ranges from 1 Mbit/s to 2000 Mbit/s by default. Configure this parameter based on the bandwidth range allowed in your region.
                                                                                                                                                                    
+
                                                                                                                                                                    Bandwidth size. The value ranges from 1 Mbit/s to 2000 Mbit/s by default. Configure this parameter based on the bandwidth range allowed in your region.
                                                                                                                                                                    
 
                                                                                                                                                                    The minimum increment for bandwidth adjustment varies depending on the bandwidth range.
                                                                                                                                                                    • The minimum increment is 1 Mbit/s if the allowed bandwidth does not exceed 300 Mbit/s.
                                                                                                                                                                    • The minimum increment is 50 Mbit/s if the allowed bandwidth ranges from 300 Mbit/s to 1000 Mbit/s.
                                                                                                                                                                    • The minimum increment is 500 Mbit/s if the allowed bandwidth exceeds 1000 Mbit/s.
                                                                                                                                                                    
 
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    bandwidth_sharetype
                                                                                                                                                                    
+
                                                                                                                                                                    bandwidth_sharetype
                                                                                                                                                                    
 
                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                    
+
                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Bandwidth sharing mode.
                                                                                                                                                                    
+
                                                                                                                                                                    Bandwidth sharing mode.
                                                                                                                                                                    
 
                                                                                                                                                                    • PER: dedicated bandwidth
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    eip_type
                                                                                                                                                                    
+
                                                                                                                                                                    eip_type
                                                                                                                                                                    
 
                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                    
+
                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    EIP type.
                                                                                                                                                                    
+
                                                                                                                                                                    EIP type.
                                                                                                                                                                    
 
                                                                                                                                                                    • 5_bgp: dynamic BGP
                                                                                                                                                                    
-
                                                                                                                                                                    The specific type varies with regions. For details, see the EIP console.
                                                                                                                                                                    
+
                                                                                                                                                                    The types vary by region. For details, see the EIP console.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    vip_subnet_cidr_id
                                                                                                                                                                    
+
                                                                                                                                                                    vip_subnet_cidr_id
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    The ID of the IPv4 subnet where the load balancer resides. This subnet is used to allocate IP addresses for the load balancer to provide external services. The IPv4 subnet must belong to the cluster's VPC.
                                                                                                                                                                    
+
                                                                                                                                                                    The ID of the IPv4 subnet where the load balancer resides. This subnet is used to allocate IP addresses for the load balancer to provide external services. The IPv4 subnet must belong to the cluster's VPC.
                                                                                                                                                                    
 
                                                                                                                                                                    If this parameter is not specified, the load balancer and the cluster will be in the same subnet by default.
                                                                                                                                                                    
 
                                                                                                                                                                    This field can be specified only for clusters of v1.21 or later.
                                                                                                                                                                    
-
                                                                                                                                                                    How to Obtain
                                                                                                                                                                    
-
                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the IPv4 Subnet ID on the Summary tab page.
                                                                                                                                                                    
+
                                                                                                                                                                    How to obtain:
                                                                                                                                                                    
+
                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the IPv4 Subnet ID on the Summary tab.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    ipv6_vip_virsubnet_id
                                                                                                                                                                    
+
                                                                                                                                                                    ipv6_vip_virsubnet_id
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    The ID of the IPv6 subnet where the load balancer is deployed. IPv6 must be enabled for the subnet.
                                                                                                                                                                    
+
                                                                                                                                                                    The ID of the IPv6 subnet where the load balancer is deployed. IPv6 must be enabled for the subnet.
                                                                                                                                                                    
 
                                                                                                                                                                    This parameter is available only for dedicated load balancers.
                                                                                                                                                                    
-
                                                                                                                                                                    How to Obtain
                                                                                                                                                                    
-
                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab page.
                                                                                                                                                                    
+
                                                                                                                                                                    How to obtain:
                                                                                                                                                                    
+
                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    elb_virsubnet_ids
                                                                                                                                                                    
+
                                                                                                                                                                    elb_virsubnet_ids
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    Array of strings
                                                                                                                                                                    
+
                                                                                                                                                                    Array of strings
                                                                                                                                                                    
 
                                                                                                                                                                    The network ID of the subnet where the load balancer is located. This subnet is used to allocate IP addresses for accessing the backend server. If this parameter is not specified, the subnet specified by vip_subnet_cidr_id will be used by default. Load balancers occupy varying numbers of subnet IP addresses based on their specifications. Do not use the subnet CIDR blocks of other resources (such as clusters or nodes) as the load balancer's CIDR block.
                                                                                                                                                                    
+
                                                                                                                                                                    The network ID of the subnet where the load balancer is located. This subnet is used to allocate IP addresses for accessing the backend server. If this parameter is not specified, the subnet specified by vip_subnet_cidr_id will be used by default. Load balancers occupy varying numbers of subnet IP addresses based on their specifications. Do not use the subnet CIDR blocks of other resources (such as clusters or nodes) as the load balancer's CIDR block.
                                                                                                                                                                    
 
                                                                                                                                                                    This parameter is available only for dedicated load balancers.
                                                                                                                                                                    
 
                                                                                                                                                                    Example:
                                                                                                                                                                    
 
                                                                                                                                                                    "elb_virsubnet_ids": [
    "14567f27-8ae4-42b8-ae47-9f847a4690dd"
  ]
                                                                                                                                                                    
-
                                                                                                                                                                    How to Obtain
                                                                                                                                                                    
-
                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab page.
                                                                                                                                                                    
+
                                                                                                                                                                    How to obtain:
                                                                                                                                                                    
+
                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    vip_address
                                                                                                                                                                    
+
                                                                                                                                                                    vip_address
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Private IP address of the load balancer. Only IPv4 addresses are supported.
                                                                                                                                                                    
+
                                                                                                                                                                    Private IP address of the load balancer. Only IPv4 addresses are supported.
                                                                                                                                                                    
 
                                                                                                                                                                    The IP address must be in the ELB CIDR block. If this parameter is not specified, an IP address will be automatically assigned from the ELB CIDR block.
                                                                                                                                                                    
 
                                                                                                                                                                    This parameter is available only in clusters of v1.23.11-r0, v1.25.6-r0, v1.27.3-r0, or later versions.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    available_zone
                                                                                                                                                                    
+
                                                                                                                                                                    available_zone
                                                                                                                                                                    
 
                                                                                                                                                                    Yes
                                                                                                                                                                    
+
                                                                                                                                                                    Yes
                                                                                                                                                                    
 
                                                                                                                                                                    Array of strings
                                                                                                                                                                    
+
                                                                                                                                                                    Array of strings
                                                                                                                                                                    
 
                                                                                                                                                                    AZ where the load balancer is located.
                                                                                                                                                                    
+
                                                                                                                                                                    AZ where the load balancer is located.
                                                                                                                                                                    
 
                                                                                                                                                                    You can obtain all supported AZs by getting the AZ list.
                                                                                                                                                                    
 
                                                                                                                                                                    This parameter is available only for dedicated load balancers.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    l4_flavor_name
                                                                                                                                                                    
+
                                                                                                                                                                    l4_flavor_name
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Flavor name of the layer-4 load balancer. This parameter is mandatory when TCP or UDP is used.
                                                                                                                                                                    
+
                                                                                                                                                                    Flavor name of the Layer 4 load balancer. This parameter is mandatory when TCP or UDP is used.
                                                                                                                                                                    
 
                                                                                                                                                                    You can obtain all supported types by getting the flavor list.
                                                                                                                                                                    
 
                                                                                                                                                                    This parameter is available only for dedicated load balancers.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    l7_flavor_name
                                                                                                                                                                    
+
                                                                                                                                                                    l7_flavor_name
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Flavor name of the layer-7 load balancer. This parameter is mandatory when HTTP is used.
                                                                                                                                                                    
+
                                                                                                                                                                    Flavor name of the Layer 7 load balancer. This parameter is mandatory when HTTP is used.
                                                                                                                                                                    
 
                                                                                                                                                                    You can obtain all supported types by getting the flavor list.
                                                                                                                                                                    
 
                                                                                                                                                                    This parameter is available only for dedicated load balancers. Its value must match that of l4_flavor_name, meaning both must be either elastic specifications or fixed specifications.
                                                                                                                                                                    
                                                                                                                                                                     		
 
 
 
                                                                                                                                                                    Table 3 Key parameters
                                                                                                                                                                    Parameter
                                                                                                                                                                    
+
                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                    Table 3 Key parameters
                                                                                                                                                                    Parameter
                                                                                                                                                                    
 
                                                                                                                                                                    Mandatory
                                                                                                                                                                    
+
                                                                                                                                                                    Mandatory
                                                                                                                                                                    
 
                                                                                                                                                                    Type
                                                                                                                                                                    
+
                                                                                                                                                                    Type
                                                                                                                                                                    
 
                                                                                                                                                                    Description
                                                                                                                                                                    
+
                                                                                                                                                                    Description
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
 
                                                                                                                                                                    kubernetes.io/elb.id
                                                                                                                                                                    
+
                                                                                                                                                                    kubernetes.io/elb.id
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    ID of a load balancer. The value can contain 1 to 100 characters.
                                                                                                                                                                    
+
                                                                                                                                                                    ID of a load balancer. The value can contain 1 to 100 characters.
                                                                                                                                                                    
 
                                                                                                                                                                    Use either this parameter or kubernetes.io/elb.ip. If they conflict, kubernetes.io/elb.id will take precedence.
                                                                                                                                                                    
 
                                                                                                                                                                    How to obtain:
                                                                                                                                                                    
 
                                                                                                                                                                    On the management console, click Service List, and choose Networking > Elastic Load Balance. Click the name of the target load balancer. On the Summary tab page, find and copy the ID.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    kubernetes.io/elb.ip
                                                                                                                                                                    
+
                                                                                                                                                                    kubernetes.io/elb.ip
                                                                                                                                                                    
 
                                                                                                                                                                    No
                                                                                                                                                                    
+
                                                                                                                                                                    No
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Service address of a load balancer. The value can be the public IP address of a public network load balancer or the private IP address of a private network load balancer.
                                                                                                                                                                    
+
                                                                                                                                                                    IP address of a load balancer.
                                                                                                                                                                    
 
                                                                                                                                                                    Use either this parameter or kubernetes.io/elb.id. If they conflict, kubernetes.io/elb.id will take precedence.
                                                                                                                                                                    
+
                                                                                                                                                                    When creating an ingress, specify a public or private IP address for a shared load balancer. For a dedicated load balancer, only a private IP address can be specified.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    kubernetes.io/elb.class
                                                                                                                                                                    
+
                                                                                                                                                                    kubernetes.io/elb.class
                                                                                                                                                                    
 
                                                                                                                                                                    Yes
                                                                                                                                                                    
+
                                                                                                                                                                    Yes
                                                                                                                                                                    
 
                                                                                                                                                                    String
                                                                                                                                                                    
+
                                                                                                                                                                    String
                                                                                                                                                                    
 
                                                                                                                                                                    Load balancer type.
                                                                                                                                                                    
+
                                                                                                                                                                    Load balancer type.
                                                                                                                                                                    
 
                                                                                                                                                                    • union: shared load balancer
                                                                                                                                                                    • performance: dedicated load balancer, which can be used only in clusters of v1.17 and later.
                                                                                                                                                                    
 
                                                                                                                                                                     NOTE: 
                                                                                                                                                                    If a LoadBalancer ingress accesses an existing dedicated load balancer, the dedicated load balancer must be of the application load balancing (HTTP/HTTPS) type.
                                                                                                                                                                    
 
                                                                                                                                                                    
@@ -590,7 +588,7 @@ spec:
 
                                                                                                                                                                    If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                    
 
                                                                                                                                                                    NAME          CLASS    HOSTS     ADDRESS          PORTS   AGE
 ingress-test  cce      *         121.**.**.**     80      10s
                                                                                                                                                                    
-
                                                                                                                                                                  • Enter http://121.**.**.**:80 in the address box of the browser to access the workload (for example, Nginx workload).
                                                                                                                                                                    121.**.**.** indicates the IP address of the unified load balancer.
                                                                                                                                                                    
+
                                                                                                                                                                  • Enter http://121.**.**.**:80 in the address box of the browser to access the workload (for example, Nginx workload).
                                                                                                                                                                    121.**.**.** indicates the IP address of the unified load balancer.
                                                                                                                                                                    
 
                                                                                                                                                                    • 
 
 
diff --git a/docs/cce/umn/cce_10_0275.html b/docs/cce/umn/cce_10_0275.html
index d95938702..177a261f6 100644
--- a/docs/cce/umn/cce_10_0275.html
+++ b/docs/cce/umn/cce_10_0275.html
@@ -16,7 +16,8 @@
 
 
                                                                                                                                                                    privileged
                                                                                                                                                                    
 
                                                                                                                                                                    Starts the privileged container.
                                                                                                                                                                    
+
                                                                                                                                                                    Starts the privileged container. Privileged containers can access all devices on the node. Enable this option only when necessary. For example, in the GPU scenario, even if a container applies for only some GPUs, resource constraints are bypassed after this option is enabled, and all GPUs on the node where the container is located can be used.
                                                                                                                                                                    
+
                                                                                                                                                                    For more information, see Pod Security Standards.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
 
                                                                                                                                                                    hostPID
                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_10_0276.html b/docs/cce/umn/cce_10_0276.html
index b99c68e9d..ce4cf905c 100644
--- a/docs/cce/umn/cce_10_0276.html
+++ b/docs/cce/umn/cce_10_0276.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                    Performing Rolling Upgrade for Nodes
                                                                                                                                                                    
 
                                                                                                                                                                    Scenario
                                                                                                                                                                    In a rolling upgrade, a new node is created, existing workloads are migrated to the new node, and then the old node is deleted. Figure 1 shows the migration process.
                                                                                                                                                                    
-
                                                                                                                                                                    Figure 1 Workload migration
                                                                                                                                                                    
+
                                                                                                                                                                    Figure 1 Workload migration
                                                                                                                                                                    
 
                                                                                                                                                                    
 
                                                                                                                                                                    Notes and Constraints
                                                                                                                                                                    • The original node and the target node to which the workload is to be migrated must be in the same cluster.
                                                                                                                                                                    • The cluster must be of v1.13.10 or later.
                                                                                                                                                                    • The default node pool does not support this configuration.
                                                                                                                                                                    
 
                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_10_0277.html b/docs/cce/umn/cce_10_0277.html
index 219d30075..31352a53d 100644
--- a/docs/cce/umn/cce_10_0277.html
+++ b/docs/cce/umn/cce_10_0277.html
@@ -1,30 +1,32 @@
 
 
 
                                                                                                                                                                    Overview
                                                                                                                                                                    
-
                                                                                                                                                                    CCE provides multiple types of add-ons to extend cluster functions and meet feature requirements. You can install add-ons as required.
                                                                                                                                                                    
-
                                                                                                                                                                     
                                                                                                                                                                    CCE uses Helm charts to deploy add-ons. To modify or upgrade an add-on, perform operations on the Add-ons page or use open add-on management APIs. Do not directly modify resources related to add-ons in the background. Otherwise, add-on exceptions or other unexpected problems may occur.
                                                                                                                                                                    
+
                                                                                                                                                                    CCE provides multiple types of add-ons to manage extended cluster functions. You can select add-ons as required to enhance the functions and flexibility of containerized applications.
                                                                                                                                                                    
+
                                                                                                                                                                    These add-ons include CCE-developed and enhanced add-ons and widely used open-source add-ons.
                                                                                                                                                                    
+
                                                                                                                                                                    • CCE-developed and enhanced add-ons are deeply integrated into CCE and optimized for specific service requirements and scenarios. They can better support complex enterprise applications and ensure high performance and reliability.
                                                                                                                                                                    • Open-source add-ons leverage extensive community support and mature technologies to provide users with various functions and flexible solutions to meet ever-changing service requirements.
                                                                                                                                                                    
+
                                                                                                                                                                     
                                                                                                                                                                    CCE uses Helm charts to deploy add-ons. To modify or upgrade an add-on, perform operations on the Add-ons page or use open add-on management APIs. Avoid making changes to add-on resources in the backend, as this may lead to abnormal add-on behavior or unexpected issues. For example, parameter settings could be overwritten after an upgrade.
                                                                                                                                                                    
 
                                                                                                                                                                    Add-on pods are prioritized over service pods. When cluster resources are limited, the add-on pods can use resources that would otherwise be allocated to service pods. This may result in the eviction of service pods.
                                                                                                                                                                    
 
                                                                                                                                                                    
 
                                                                                                                                                                    Scheduling and Elasticity Add-ons
                                                                                                                                                                    
-
                                                                                                                                                                    Add-on Name
                                                                                                                                                                    
+
                                                                                                                                                                    
-
-
-
-
-
-
-
@@ -32,30 +34,35 @@
 
                                                                                                                                                                    Cloud Native Observability Add-ons
                                                                                                                                                                    
-
                                                                                                                                                                    Add-on Name
                                                                                                                                                                    
 
                                                                                                                                                                    Description
                                                                                                                                                                    
+
                                                                                                                                                                    Description
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
 
                                                                                                                                                                    Volcano Scheduler
                                                                                                                                                                    
+
                                                                                                                                                                    Volcano Scheduler
                                                                                                                                                                    
 
                                                                                                                                                                    This add-on is a scheduler for general-purpose, high-performance computing such as job scheduling, heterogeneous chip management, and job running management, serving end users through computing frameworks for different industries such as AI, big data, gene sequencing, and rendering.
                                                                                                                                                                    
+
                                                                                                                                                                    This add-on is a scheduler for general-purpose, high-performance computing such as job scheduling, heterogeneous chip management, and job running management, serving end users through computing frameworks for different industries such as AI, big data, gene sequencing, and rendering.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    CCE Cluster Autoscaler
                                                                                                                                                                    
+
                                                                                                                                                                    CCE Cluster Autoscaler
                                                                                                                                                                    
 
                                                                                                                                                                    This add-on scales in or out the workload nodes in a cluster based on pod scheduling status and resource usage.
                                                                                                                                                                    
+
                                                                                                                                                                    This add-on scales in or out the workload nodes in a cluster based on pod scheduling status and resource usage.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    CCE Advanced HPA
                                                                                                                                                                    
+
                                                                                                                                                                    CCE Advanced HPA
                                                                                                                                                                    
 
                                                                                                                                                                    This add-on is developed by CCE. It can be used to flexibly scale in or out Deployments based on metrics such as CPU usage and memory usage.
                                                                                                                                                                    
+
                                                                                                                                                                    This add-on is developed by CCE. It can be used to flexibly scale in or out Deployments based on metrics such as CPU usage and memory usage.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
                                                                                                                                                                     
 
 
                                                                                                                                                                    Add-on Name
                                                                                                                                                                    
+
                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
+
+
+
@@ -63,15 +70,15 @@
 
                                                                                                                                                                    Cloud Native Heterogeneous Computing Add-ons
                                                                                                                                                                    
-
                                                                                                                                                                    Add-on Name
                                                                                                                                                                    
 
                                                                                                                                                                    Description
                                                                                                                                                                    
+
                                                                                                                                                                    Description
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
 
                                                                                                                                                                    Cloud Native Cluster Monitoring
                                                                                                                                                                    
+
                                                                                                                                                                    Cloud Native Cluster Monitoring
                                                                                                                                                                    
 
                                                                                                                                                                    This add-on includes the Prometheus-operator and Prometheus components and provides easy-to-use, end-to-end Kubernetes cluster monitoring.
                                                                                                                                                                    
+
                                                                                                                                                                    This add-on includes the Prometheus-operator and Prometheus components and provides easy-to-use, end-to-end Kubernetes cluster monitoring.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Cloud Native Log Collection
                                                                                                                                                                    
+
                                                                                                                                                                    Cloud Native Log Collection
                                                                                                                                                                    
 
                                                                                                                                                                    This add-on is developed based on Fluent Bit and OpenTelemetry for collecting logs. It supports CRD-based log collection policies, and collects and forwards standard output logs, container file logs, node logs, and Kubernetes events in a cluster.
                                                                                                                                                                    
+
                                                                                                                                                                    This add-on is developed based on Fluent Bit and OpenTelemetry for collecting logs. It supports CRD-based log collection policies, and collects and forwards standard output logs, container file logs, node logs, and Kubernetes events in a cluster.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    CCE Node Problem Detector
                                                                                                                                                                    
+
                                                                                                                                                                    CCE Node Problem Detector
                                                                                                                                                                    
 
                                                                                                                                                                    This add-on monitors abnormal events of cluster nodes and connects to a third-party monitoring platform. It is a daemon running on each node. It collects node issues from different daemons and reports them to the API server. It can run as a DaemonSet or a daemon.
                                                                                                                                                                    
+
                                                                                                                                                                    This add-on monitors abnormal events of cluster nodes and connects to a third-party monitoring platform. It is a daemon running on each node. It collects node issues from different daemons and reports them to the API server. It can run as a DaemonSet or a daemon.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Kubernetes Metrics Server
                                                                                                                                                                    
+
                                                                                                                                                                    Kubernetes Metrics Server
                                                                                                                                                                    
 
                                                                                                                                                                    This add-on is an aggregator for monitoring data of core cluster resources.
                                                                                                                                                                    
+
                                                                                                                                                                    This add-on is an aggregator for monitoring data of core cluster resources.
                                                                                                                                                                    
+
                                                                                                                                                                    Grafana
                                                                                                                                                                    
+
                                                                                                                                                                    This add-on is an open-source visualized data monitoring platform. It provides you with various charts and panels for real-time monitoring, analysis, and visualization of various metrics and data sources.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
                                                                                                                                                                     
 
 
                                                                                                                                                                    Add-on Name
                                                                                                                                                                    
+
                                                                                                                                                                    
-
-
-
@@ -79,36 +86,41 @@
 
                                                                                                                                                                    Container Network Add-ons
                                                                                                                                                                    
-
                                                                                                                                                                    Add-on Name
                                                                                                                                                                    
 
                                                                                                                                                                    Description
                                                                                                                                                                    
+
                                                                                                                                                                    Description
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
 
                                                                                                                                                                    CCE AI Suite (NVIDIA GPU)
                                                                                                                                                                    
+
                                                                                                                                                                    CCE AI Suite (NVIDIA GPU)
                                                                                                                                                                    
 
                                                                                                                                                                    This add-on supports and manages GPUs in containers. Only NVIDIA drivers are supported.
                                                                                                                                                                    
+
                                                                                                                                                                    This add-on supports and manages GPUs in containers. Only NVIDIA drivers are supported.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
                                                                                                                                                                     
 
 
                                                                                                                                                                    Add-on Name
                                                                                                                                                                    
+
                                                                                                                                                                    
-
-
-
-
-
+
+
+
                                                                                                                                                                    Add-on Name
                                                                                                                                                                    
 
                                                                                                                                                                    Description
                                                                                                                                                                    
+
                                                                                                                                                                    Description
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
 
                                                                                                                                                                    CoreDNS
                                                                                                                                                                    
+
                                                                                                                                                                    CoreDNS
                                                                                                                                                                    
 
                                                                                                                                                                    This add-on is a DNS server that provides domain name resolution for Kubernetes clusters through a chain add-on.
                                                                                                                                                                    
+
                                                                                                                                                                    This add-on is a DNS server that provides domain name resolution for Kubernetes clusters through a chain add-on.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    NGINX Ingress Controller
                                                                                                                                                                    
+
                                                                                                                                                                    NGINX Ingress Controller
                                                                                                                                                                    
 
                                                                                                                                                                    This add-on forwards application data such as the data of virtual hosts, load balancers, SSL proxy, and HTTP routing for Services that can be directly accessed outside a cluster.
                                                                                                                                                                    
+
                                                                                                                                                                    This add-on provides application-layer forwarding functions, including load balancing, SSL proxies, and HTTP routing, for Services to support direct access from outside a cluster.
                                                                                                                                                                    
+
                                                                                                                                                                    NodeLocal DNSCache
                                                                                                                                                                    
+
                                                                                                                                                                    This add-on functions as a DaemonSet to run the DNS cache proxy on each cluster node to improve cluster DNS performance.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
                                                                                                                                                                     
 
                                                                                                                                                                    
 
                                                                                                                                                                    
 
-
                                                                                                                                                                    Container Storage Add-on
                                                                                                                                                                    
-
                                                                                                                                                                    Add-on Name
                                                                                                                                                                    
+
                                                                                                                                                                    Container Storage Add-ons
                                                                                                                                                                    
+
                                                                                                                                                                    
-
-
-
@@ -117,98 +129,98 @@
 
                                                                                                                                                                    Add-on Lifecycle
                                                                                                                                                                    An add-on lifecycle involves all the statuses of the add-on from installation to uninstallation.
                                                                                                                                                                    
 
-
                                                                                                                                                                    Add-on Name
                                                                                                                                                                    
 
                                                                                                                                                                    Description
                                                                                                                                                                    
+
                                                                                                                                                                    Description
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
 
                                                                                                                                                                    CCE Container Storage (Everest)
                                                                                                                                                                    
+
                                                                                                                                                                    CCE Container Storage (Everest)
                                                                                                                                                                    
 
                                                                                                                                                                    This add-on is a cloud native container storage system, which enables clusters of Kubernetes v1.15.6 or later to use cloud storage through the Container Storage Interface (CSI).
                                                                                                                                                                    
+
                                                                                                                                                                    This add-on is a cloud native container storage system, which enables clusters of Kubernetes v1.15.6 or later to use cloud storage through the Container Storage Interface (CSI).
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
                                                                                                                                                                     
 
                                                                                                                                                                    Table 1 Add-on statuses
                                                                                                                                                                    Status
                                                                                                                                                                    
+
                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -219,53 +231,53 @@
 
                                                                                                                                                                    Related Operations
                                                                                                                                                                    You can perform the operations listed in Table 2 on the Add-ons page.
-
                                                                                                                                                                    Table 1 Add-on statuses
                                                                                                                                                                    Status
                                                                                                                                                                    
 
                                                                                                                                                                    Attribute
                                                                                                                                                                    
+
                                                                                                                                                                    Attribute
                                                                                                                                                                    
 
                                                                                                                                                                    Description
                                                                                                                                                                    
+
                                                                                                                                                                    Description
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
 
                                                                                                                                                                    Running
                                                                                                                                                                    
+
                                                                                                                                                                    Running
                                                                                                                                                                    
 
                                                                                                                                                                    Stable state
                                                                                                                                                                    
+
                                                                                                                                                                    Stable state
                                                                                                                                                                    
 
                                                                                                                                                                    The add-on is running properly, all add-on instances are deployed properly, and the add-on can be used properly.
                                                                                                                                                                    
+
                                                                                                                                                                    The add-on is running properly, all add-on instances are deployed properly, and the add-on can be used properly.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Partially ready
                                                                                                                                                                    
+
                                                                                                                                                                    Partially ready
                                                                                                                                                                    
 
                                                                                                                                                                    Stable state
                                                                                                                                                                    
+
                                                                                                                                                                    Stable state
                                                                                                                                                                    
 
                                                                                                                                                                    The add-on is running properly, but some add-on instances are not properly deployed. In this state, the add-on functions may be unavailable.
                                                                                                                                                                    
+
                                                                                                                                                                    The add-on is running properly, but some add-on instances are not properly deployed. In this state, the add-on functions may be unavailable.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Unavailable
                                                                                                                                                                    
+
                                                                                                                                                                    Unavailable
                                                                                                                                                                    
 
                                                                                                                                                                    Stable state
                                                                                                                                                                    
+
                                                                                                                                                                    Stable state
                                                                                                                                                                    
 
                                                                                                                                                                    The add-on malfunctions, and all add-on instances are not properly deployed.
                                                                                                                                                                    
+
                                                                                                                                                                    The add-on malfunctions, and all add-on instances are not properly deployed.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Installing
                                                                                                                                                                    
+
                                                                                                                                                                    Installing
                                                                                                                                                                    
 
                                                                                                                                                                    Intermediate state
                                                                                                                                                                    
+
                                                                                                                                                                    Intermediate state
                                                                                                                                                                    
 
                                                                                                                                                                    The add-on is being deployed.
                                                                                                                                                                    
+
                                                                                                                                                                    The add-on is being deployed.
                                                                                                                                                                    
 
                                                                                                                                                                    If all instances cannot be scheduled due to incorrect add-on configuration or insufficient resources, the system sets the add-on status to Unavailable 10 minutes later.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Installation failed
                                                                                                                                                                    
+
                                                                                                                                                                    Installation failed
                                                                                                                                                                    
 
                                                                                                                                                                    Stable state
                                                                                                                                                                    
+
                                                                                                                                                                    Stable state
                                                                                                                                                                    
 
                                                                                                                                                                    Install add-on failed. Uninstall it and try again.
                                                                                                                                                                    
+
                                                                                                                                                                    Install add-on failed. Uninstall it and try again.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Upgrading
                                                                                                                                                                    
+
                                                                                                                                                                    Upgrading
                                                                                                                                                                    
 
                                                                                                                                                                    Intermediate state
                                                                                                                                                                    
+
                                                                                                                                                                    Intermediate state
                                                                                                                                                                    
 
                                                                                                                                                                    The add-on is being upgraded.
                                                                                                                                                                    
+
                                                                                                                                                                    The add-on is being upgraded.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Upgrade failed
                                                                                                                                                                    
+
                                                                                                                                                                    Upgrade failed
                                                                                                                                                                    
 
                                                                                                                                                                    Stable state
                                                                                                                                                                    
+
                                                                                                                                                                    Stable state
                                                                                                                                                                    
 
                                                                                                                                                                    Upgrade add-on failed. Upgrade it again, or uninstall it and try again.
                                                                                                                                                                    
+
                                                                                                                                                                    Upgrade add-on failed. Upgrade it again, or uninstall it and try again.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Rolling back
                                                                                                                                                                    
+
                                                                                                                                                                    Rolling back
                                                                                                                                                                    
 
                                                                                                                                                                    Intermediate state
                                                                                                                                                                    
+
                                                                                                                                                                    Intermediate state
                                                                                                                                                                    
 
                                                                                                                                                                    The add-on is rolling back.
                                                                                                                                                                    
+
                                                                                                                                                                    The add-on is rolling back.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Rollback failed
                                                                                                                                                                    
+
                                                                                                                                                                    Rollback failed
                                                                                                                                                                    
 
                                                                                                                                                                    Stable state
                                                                                                                                                                    
+
                                                                                                                                                                    Stable state
                                                                                                                                                                    
 
                                                                                                                                                                    The add-on rollback failed. Retry the rollback, or uninstall it and try again.
                                                                                                                                                                    
+
                                                                                                                                                                    The add-on rollback failed. Retry the rollback, or uninstall it and try again.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Deleting
                                                                                                                                                                    
+
                                                                                                                                                                    Deleting
                                                                                                                                                                    
 
                                                                                                                                                                    Intermediate state
                                                                                                                                                                    
+
                                                                                                                                                                    Intermediate state
                                                                                                                                                                    
 
                                                                                                                                                                    The add-on is being deleted.
                                                                                                                                                                    
+
                                                                                                                                                                    The add-on is being deleted.
                                                                                                                                                                    
 
                                                                                                                                                                    If this state stays for a long time, an exception occurred.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Deletion failed
                                                                                                                                                                    
+
                                                                                                                                                                    Deletion failed
                                                                                                                                                                    
 
                                                                                                                                                                    Stable state
                                                                                                                                                                    
+
                                                                                                                                                                    Stable state
                                                                                                                                                                    
 
                                                                                                                                                                    Delete add-on failed. Try again.
                                                                                                                                                                    
+
                                                                                                                                                                    Delete add-on failed. Try again.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Unknown
                                                                                                                                                                    
+
                                                                                                                                                                    Unknown
                                                                                                                                                                    
 
                                                                                                                                                                    Stable state
                                                                                                                                                                    
+
                                                                                                                                                                    Stable state
                                                                                                                                                                    
 
                                                                                                                                                                    No add-on chart found.
                                                                                                                                                                    
+
                                                                                                                                                                    No add-on chart found.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
                                                                                                                                                                     
 
 
                                                                                                                                                                    Table 2 Related operations
                                                                                                                                                                    Operation
                                                                                                                                                                    
+
                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -273,8 +285,9 @@
 
                                                                                                                                                                    Table 2 Related operations
                                                                                                                                                                    Operation
                                                                                                                                                                    
 
                                                                                                                                                                    Description
                                                                                                                                                                    
+
                                                                                                                                                                    Description
                                                                                                                                                                    
 
                                                                                                                                                                    Procedure
                                                                                                                                                                    
+
                                                                                                                                                                    Procedure
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
 
                                                                                                                                                                    Install
                                                                                                                                                                    
+
                                                                                                                                                                    Install
                                                                                                                                                                    
 
                                                                                                                                                                    Install a specified add-on.
                                                                                                                                                                    
+
                                                                                                                                                                    Install a specified add-on.
                                                                                                                                                                    
 
                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons.
                                                                                                                                                                    2. Click Install under the target add-on.
                                                                                                                                                                      Each add-on has different configuration parameters. For details, see the corresponding chapter.
                                                                                                                                                                      
+
                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons.
                                                                                                                                                                    2. Click Install under the target add-on.
                                                                                                                                                                      Each add-on has different configuration parameters. For details, see the corresponding chapter.
                                                                                                                                                                      
 
                                                                                                                                                                    3. Click OK.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Upgrade
                                                                                                                                                                    
+
                                                                                                                                                                    Upgrade
                                                                                                                                                                    
 
                                                                                                                                                                    Upgrade an add-on to the new version.
                                                                                                                                                                    
+
                                                                                                                                                                    Upgrade an add-on to the new version.
                                                                                                                                                                    
 
                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons.
                                                                                                                                                                    2. If an add-on can be upgraded, the Upgrade button is displayed under it.
                                                                                                                                                                      Click Upgrade. Each add-on has different configuration parameters. For details, see the corresponding chapter.
                                                                                                                                                                      
+
                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons.
                                                                                                                                                                    2. If an add-on can be upgraded, the Upgrade button is displayed under it.
                                                                                                                                                                      Click Upgrade. Each add-on has different configuration parameters. For details, see the corresponding chapter.
                                                                                                                                                                      
 
                                                                                                                                                                    3. Click OK.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Edit
                                                                                                                                                                    
+
                                                                                                                                                                    Edit
                                                                                                                                                                    
 
                                                                                                                                                                    Edit add-on parameters.
                                                                                                                                                                    
+
                                                                                                                                                                    Edit add-on parameters.
                                                                                                                                                                    
 
                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons.
                                                                                                                                                                    2. Click Edit under the target add-on.
                                                                                                                                                                      Each add-on has different configuration parameters. For details, see the corresponding chapter.
                                                                                                                                                                      
+
                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons.
                                                                                                                                                                    2. Click Edit under the target add-on.
                                                                                                                                                                      Each add-on has different configuration parameters. For details, see the corresponding chapter.
                                                                                                                                                                      
 
                                                                                                                                                                    3. Click OK.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Uninstall
                                                                                                                                                                    
+
                                                                                                                                                                    Uninstall
                                                                                                                                                                    
 
                                                                                                                                                                    Uninstall an add-on from the cluster.
                                                                                                                                                                    
+
                                                                                                                                                                    Uninstall an add-on from the cluster.
                                                                                                                                                                    
 
                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons.
                                                                                                                                                                    2. Click Uninstall under the target add-on.
                                                                                                                                                                    3. In the displayed dialog box, click Yes.
                                                                                                                                                                      This operation cannot be undone.
                                                                                                                                                                      
+
                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons.
                                                                                                                                                                    2. Click Uninstall under the target add-on.
                                                                                                                                                                    3. In the displayed dialog box, click Yes.
                                                                                                                                                                      This operation cannot be undone.
                                                                                                                                                                      
 
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    Roll back
                                                                                                                                                                    
+
                                                                                                                                                                    Roll back
                                                                                                                                                                    
 
                                                                                                                                                                    Roll back an add-on to the source version.
                                                                                                                                                                    
-
                                                                                                                                                                     NOTE: 
                                                                                                                                                                    • This function is used to roll back an upgraded add-on to the source version, not to undo the editing of add-on parameters.
                                                                                                                                                                    • An add-on cannot be rolled back repeatedly.
                                                                                                                                                                    
+
                                                                                                                                                                    Roll back an add-on to the source version.
                                                                                                                                                                    
+
                                                                                                                                                                     NOTE: 
                                                                                                                                                                    • If you have modified the add-on startup parameters, check and delete the custom parameters before the rollback. If you do not perform these operations, the rollback may fail because the target version may not support these parameters.
                                                                                                                                                                    • After the add-on is upgraded, you can roll back the add-on to the source version. If only the add-on parameters are updated, the add-on cannot be rolled back.
                                                                                                                                                                    • An add-on cannot be rolled back repeatedly.
                                                                                                                                                                    
 
                                                                                                                                                                    
 
                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons.
                                                                                                                                                                    2. If an add-on can be rolled back, the Roll Back button is displayed under it.
                                                                                                                                                                      Click Roll Back.
                                                                                                                                                                      
+
                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons.
                                                                                                                                                                    2. If an add-on can be rolled back, the Roll Back button is displayed under it.
                                                                                                                                                                      Click Roll Back.
                                                                                                                                                                      
 
                                                                                                                                                                    3. In the displayed dialog box, click Yes.
                                                                                                                                                                    
                                                                                                                                                                     		
 
                                                                                                                                                                    
 
                                                                                                                                                                    
 
                                                                                                                                                                     
                                                                                                                                                                    Rollback is supported by the following add-ons of certain versions:
                                                                                                                                                                    
-
                                                                                                                                                                    • CoreDNS: 1.25.11 and later versions
                                                                                                                                                                    • CCE Container Storage (Everest): 2.1.19 and later versions
                                                                                                                                                                    • CCE Cluster Autoscaler
                                                                                                                                                                      • v1.21 clusters: v1.21.22 and later versions
                                                                                                                                                                      • v1.23 clusters: v1.23.24 and later versions
                                                                                                                                                                      • v1.25 clusters: v1.25.14 and later versions
                                                                                                                                                                      
-
                                                                                                                                                                    • Volcano Scheduler: 1.11.4 and later versions
                                                                                                                                                                    • CCE Node Problem Detector: 1.18.22 and later versions
                                                                                                                                                                    
+
                                                                                                                                                                    • CoreDNS: 1.25.11 and later versions
                                                                                                                                                                    • CCE Container Storage (Everest): 2.1.19 and later versions
                                                                                                                                                                    • CCE Cluster Autoscaler
                                                                                                                                                                      • v1.21 clusters: 1.21.22 and later versions
                                                                                                                                                                      • v1.23 clusters: 1.23.24 and later versions
                                                                                                                                                                      • v1.25 clusters: 1.25.14 and later versions
                                                                                                                                                                      
+
                                                                                                                                                                    • Volcano Scheduler: 1.11.4 and later versions
                                                                                                                                                                    • CCE Node Problem Detector: 1.18.22 and later versions
                                                                                                                                                                    • CCE AI Suite (NVIDIA GPU)
                                                                                                                                                                      • v1.28 and later clusters: 2.7.35 and later versions (The source version must be later than 2.7.13).
                                                                                                                                                                      • v1.27 and earlier clusters: 2.1.19 and later versions (The source version must be later than 2.1.8).
                                                                                                                                                                      
+
                                                                                                                                                                    
 
                                                                                                                                                                    
 
 
diff --git a/docs/cce/umn/cce_10_0278.html b/docs/cce/umn/cce_10_0278.html
index 212446bd2..a96c3d839 100644
--- a/docs/cce/umn/cce_10_0278.html
+++ b/docs/cce/umn/cce_10_0278.html
@@ -12,7 +12,7 @@
 
                                                                                                                                                                    • Created automatically: When a cluster is up, the default, kube-public, kube-system, and kube-node-lease namespaces are created by default.
                                                                                                                                                                      • default: All objects for which no namespace is specified are allocated to this namespace.
                                                                                                                                                                      • kube-public: Resources in this namespace can be accessed by all users (including unauthenticated users) so that some resources in the cluster can be readable in the entire cluster. This is a reserved Kubernetes namespace. Its common attributes are only conventions but not requirements.
                                                                                                                                                                      • kube-system: All resources created by Kubernetes are in this namespace.
                                                                                                                                                                      • kube-node-lease: Each node has an associated Lease object in this namespace. The object is periodically updated by the node. Both NodeStatus and NodeLease are considered as heartbeats from a node. In versions earlier than v1.13, only NodeStatus is available. The NodeLease feature is introduced in v1.13. NodeLease is more lightweight than NodeStatus. This feature significantly improves the cluster scalability and performance.
                                                                                                                                                                      
 
                                                                                                                                                                    • Created manually: You can create namespaces to serve separate purposes. For example, you can create three namespaces, one for a development environment, one for joint debugging environment, and one for test environment. You can also create one namespace for login services and one for game services.
                                                                                                                                                                    • Service mesh namespace: When ASM is used, namespaces named istio-system, asm-system, istio-operator, and mantis-system will be automatically created. These namespaces do not support quota management. Manually creating namespaces with these names will also affect these namespaces.
                                                                                                                                                                    
 
-
                                                                                                                                                                    Creating a Namespace on the Console
                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                    2. Choose Namespaces in the navigation pane and click Create Namespace in the upper right corner.
                                                                                                                                                                    3. Set namespace parameters based on Table 1.
                                                                                                                                                                      
+
                                                                                                                                                                      Creating a Namespace on the Console
                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                      2. Choose Namespaces in the navigation pane and click Create Namespace in the upper right corner.
                                                                                                                                                                      3. Set namespace parameters based on Table 1.
                                                                                                                                                                        
 
                                                                                                                                                                        
-
                                                                                                                                                                        Table 1 Parameters for creating a namespace
                                                                                                                                                                        Parameter
                                                                                                                                                                        
                                                                                                                                                                         		
 
                                                                                                                                                                        Description
                                                                                                                                                                        
@@ -31,7 +31,7 @@
 
                                                                                                                                                                        
 
                                                                                                                                                                        Quota Management
                                                                                                                                                                        
 
                                                                                                                                                                        Resource quotas can limit the amount of resources available in namespaces, achieving resource allocation by namespace.
                                                                                                                                                                        
+
                                                                                                                                                                        Resource quotas can limit the number of resources available in namespaces, achieving resource allocation by namespace.
                                                                                                                                                                        
 
                                                                                                                                                                         NOTICE: 
                                                                                                                                                                        Configure resource quotas for each namespace to prevent overloading the cluster or nodes with excessive resources.
                                                                                                                                                                        
 
                                                                                                                                                                        For example, if your cluster resources are limited but you need to use multiple namespaces to isolate resources of different services, you can configure resource quotas for each namespace to maintain cluster stability and proper resource allocation.
                                                                                                                                                                        
 
                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0279.html b/docs/cce/umn/cce_10_0279.html
index 556c114a0..122b8c964 100644
--- a/docs/cce/umn/cce_10_0279.html
+++ b/docs/cce/umn/cce_10_0279.html
@@ -1,44 +1,49 @@
 
 
-
                                                                                                                                                                        Overview
                                                                                                                                                                        
-
                                                                                                                                                                        Auto scaling is a service that automatically and economically adjusts service resources based on your service requirements and configured policies.
                                                                                                                                                                        
-
                                                                                                                                                                        Context
                                                                                                                                                                        More and more applications run on Kubernetes. It becomes increasingly important to quickly scale out applications on Kubernetes to cope with service peaks and to scale in applications during off-peak hours to save resources and reduce costs.
                                                                                                                                                                        
-
                                                                                                                                                                        In a Kubernetes cluster, auto scaling involves pods and nodes. A pod is an application instance. Each pod contains one or more containers and runs on a node (VM or bare-metal server). If a cluster does not have sufficient nodes to run new pods, add nodes to the cluster to ensure service running.
                                                                                                                                                                        
-
                                                                                                                                                                        In CCE, auto scaling is used for online services, large-scale computing and training, deep learning GPU or shared GPU training and inference, periodic load changes, and many other scenarios.
                                                                                                                                                                        
-
                                                                                                                                                                        
+
                                                                                                                                                                        Auto Scaling Overview
                                                                                                                                                                        
+
                                                                                                                                                                        As applications increasingly run on Kubernetes, the ability to rapidly scale out during peak times and scale in during off-peak hours becomes crucial for efficiently managing resources and reducing costs.
                                                                                                                                                                        
+
                                                                                                                                                                        Auto scaling is widely used in CCE. Typical use cases are as follows:
                                                                                                                                                                        
+
                                                                                                                                                                        • Online service scaling: Pods and nodes are automatically scaled out during peak hours (for example, holidays and promotions) to handle increased user requests, and scaled in during off-peak hours to cut costs.
                                                                                                                                                                        • Large-scale computing training: The number of pods and nodes is dynamically adjusted according to the demands of computing tasks to accelerate execution.
                                                                                                                                                                        • Deep learning GPU training and inference: GPU resources are dynamically allocated to optimize the efficiency of training and inference tasks. GPU nodes are automatically added or removed as needed to enhance resource utilization.
                                                                                                                                                                        • Scheduled or periodic resource adjustment: Pods and nodes are automatically scaled at specific times to accommodate scheduled tasks. Resources are dynamically adjusted based on task requirements to ensure smooth execution.
                                                                                                                                                                        
 
                                                                                                                                                                        Auto Scaling in CCE
                                                                                                                                                                        CCE supports auto scaling for workloads and nodes.
                                                                                                                                                                        
-
                                                                                                                                                                        • Workload scaling: Auto scaling at the scheduling layer to change the scheduling capacity of workloads. For example, you can use the HPA, a scaling component at the scheduling layer, to adjust the number of replicas of an application. Adjusting the number of replicas changes the scheduling capacity occupied by the current workload, thereby enabling scaling at the scheduling layer.
                                                                                                                                                                        • Node scaling: Auto scaling at the resource layer. When the planned cluster nodes cannot allow workload scheduling, ECS resources are provided to support scheduling. 
                                                                                                                                                                        
+
                                                                                                                                                                        • Workload scaling involves adjusting the number or specifications of pods at the scheduling layer to adapt to changes in workload demands. For example, the number of pods can be automatically increased during peak hours to handle more user requests and then scaled down during off-peak hours to reduce costs.
                                                                                                                                                                        • Node scaling involves dynamically adding or reducing compute resources (such as ECSs) at the resource layer based on the scheduling status of pods. This approach ensures that clusters are well-resourced for high loads and minimizes waste during low demand.
                                                                                                                                                                        
 
                                                                                                                                                                        
-
                                                                                                                                                                        Components
                                                                                                                                                                        
-
                                                                                                                                                                        
-
                                                                                                                                                                        Workload Scaling Types
                                                                                                                                                                        
+
                                                                                                                                                                        Components
                                                                                                                                                                        Workload Scaling Types
                                                                                                                                                                        
 
-
                                                                                                                                                                        Table 1 Workload scaling types
                                                                                                                                                                        Type
                                                                                                                                                                        
+
                                                                                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
@@ -46,23 +51,23 @@
 
                                                                                                                                                                        Node Scaling Types
                                                                                                                                                                        
 
-
                                                                                                                                                                        Table 1 Workload scaling types
                                                                                                                                                                        Type
                                                                                                                                                                        
 
                                                                                                                                                                        Component
                                                                                                                                                                        
+
                                                                                                                                                                        Component
                                                                                                                                                                        
 
                                                                                                                                                                        Description
                                                                                                                                                                        
+
                                                                                                                                                                        Description
                                                                                                                                                                        
 
                                                                                                                                                                        Reference
                                                                                                                                                                        
+
                                                                                                                                                                        Reference
                                                                                                                                                                        
                                                                                                                                                                         		
 
                                                                                                                                                                        
 
                                                                                                                                                                        HPA
                                                                                                                                                                        
+
                                                                                                                                                                        HPA
                                                                                                                                                                        
 
                                                                                                                                                                        HorizontalPodAutoscaler (built-in Kubernetes component)
                                                                                                                                                                        
+
                                                                                                                                                                        HorizontalPodAutoscaler (built-in Kubernetes component)
                                                                                                                                                                        
 
                                                                                                                                                                        HorizontalPodAutoscaler is a built-in component of Kubernetes for Horizontal Pod Autoscaling (HPA). CCE incorporates the application-level cooldown time window and scaling threshold functions into Kubernetes HPA.
                                                                                                                                                                        
+
                                                                                                                                                                        HorizontalPodAutoscaler is a built-in component of Kubernetes for Horizontal Pod Autoscaling (HPA). CCE incorporates the application-level cooldown time window and scaling threshold functions into Kubernetes HPA.
                                                                                                                                                                        
 
                                                                                                                                                                        Creating an HPA Policy
                                                                                                                                                                        
+
                                                                                                                                                                        Creating an HPA Policy
                                                                                                                                                                        
                                                                                                                                                                         		
 
                                                                                                                                                                        CronHPA
                                                                                                                                                                        
+
                                                                                                                                                                        CronHPA
                                                                                                                                                                        
 
                                                                                                                                                                        CCE Advanced HPA
                                                                                                                                                                        
+
                                                                                                                                                                        CCE Advanced HPA
                                                                                                                                                                        
 
                                                                                                                                                                        CronHPA can scale in or out a cluster at a fixed time. It can work with HPA policies to periodically adjust the HPA scaling scope, implementing workload scaling in complex scenarios.
                                                                                                                                                                        
+
                                                                                                                                                                        CronHPA can scale in or out a cluster at a fixed time. It can work with HPA policies to periodically adjust the HPA scaling scope, implementing workload scaling in complex scenarios.
                                                                                                                                                                        
 
                                                                                                                                                                        Creating a Scheduled CronHPA Policy
                                                                                                                                                                        
+
                                                                                                                                                                        Creating a Scheduled CronHPA Policy
                                                                                                                                                                        
+
                                                                                                                                                                        AHPA
                                                                                                                                                                        
+
                                                                                                                                                                        CCE Advanced HPA
                                                                                                                                                                        
+
                                                                                                                                                                        Advanced Horizontal Pod Autoscaler, which performs scaling beforehand based on historical data.
                                                                                                                                                                        
+
                                                                                                                                                                        Creating an AHPA Policy
                                                                                                                                                                        
                                                                                                                                                                         		
 
                                                                                                                                                                        
                                                                                                                                                                         
 
                                                                                                                                                                        Table 2 Node scaling types
                                                                                                                                                                        Component Name
                                                                                                                                                                        
+
                                                                                                                                                                        
-
-
-
-
-
-
-
diff --git a/docs/cce/umn/cce_10_0280.html b/docs/cce/umn/cce_10_0280.html
index a72650a0f..c47fdbd3a 100644
--- a/docs/cce/umn/cce_10_0280.html
+++ b/docs/cce/umn/cce_10_0280.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                        Container Network
                                                                                                                                                                        
+
                                                                                                                                                                        Container Networks
                                                                                                                                                                        
 
                                                                                                                                                                          
@@ -17,7 +17,7 @@
 
                                                                                                                                                                        
 
 
                                                                                                                                                                        
-
                                                                                                                                                                        Parent topic: Network
                                                                                                                                                                        
+
                                                                                                                                                                        Parent topic: Networking
                                                                                                                                                                        
 
                                                                                                                                                                        
 
                                                                                                                                                                        
 
diff --git a/docs/cce/umn/cce_10_0281.html b/docs/cce/umn/cce_10_0281.html
index 442eda7cf..ad147fb24 100644
--- a/docs/cce/umn/cce_10_0281.html
+++ b/docs/cce/umn/cce_10_0281.html
@@ -1,8 +1,10 @@
 
                                                                                                                                                                        Overview
                                                                                                                                                                        
-
                                                                                                                                                                        The container network assigns IP addresses to pods in a cluster and provides networking services. In CCE, you can select the following network models for your cluster:
                                                                                                                                                                        
-
+
                                                                                                                                                                        A container network assigns IP addresses to pods in a cluster and provides networking services. In CCE, you can select the following network models for your cluster:
                                                                                                                                                                        
+
                                                                                                                                                                        • Cloud Native Network 2.0 is a proprietary, next-generation model that combines the network interfaces and supplementary network interfaces of VPC. This allows you to bind network interfaces or supplementary network interfaces to pods, giving each pod unique IP address within the VPC. This model also has features like ELB passthrough networking and association of security groups and EIPs with pods. It is suitable for scenarios that have high requirements on the node scale, network performance, and security, such as high-performance computing and gaming.
                                                                                                                                                                        • The VPC network model seamlessly combines VPC routing with the underlying network, making it ideal for high-performance scenarios. However, the maximum number of nodes allowed in a cluster is determined by the VPC route quota. This model is suitable for small- and medium-scale networking.
                                                                                                                                                                          In the VPC network model, container CIDR blocks are separate from node CIDR blocks. To allocate IP addresses to pods running on a node in a cluster, each node in the cluster is allocated with a pod IP range for a fixed number of IP addresses. This network model outperforms the container tunnel network model in terms of performance because it does not have tunnel encapsulation overhead. When the VPC network model is used in a cluster, the routes between container CIDR blocks and VPC CIDR blocks are automatically configured in the VPC route table. This means that pods within the cluster can be accessed directly from cloud servers in the same VPC, even if they are outside the cluster.
                                                                                                                                                                          
+
                                                                                                                                                                        • The container tunnel network creates a separate network plane for containers by using tunnel encapsulation on the host network plane. This network model uses VXLAN for tunnel encapsulation and Open vSwitch as the virtual switch backend. VXLAN is a protocol that encapsulates Ethernet packets into UDP packets to transmit them through tunnels. Open vSwitch is an open-source virtual switch that provides functions such as network isolation and data forwarding.
                                                                                                                                                                          While there may be some performance costs, packet encapsulation and tunnel transmission allow for greater interoperability and compatibility with advanced features, such as network policy–based isolation, in most common scenarios.
                                                                                                                                                                          
+
                                                                                                                                                                        
 
                                                                                                                                                                        Network Model Comparison
                                                                                                                                                                        Table 1 describes the differences of network models supported by CCE.
                                                                                                                                                                        
 
                                                                                                                                                                         
                                                                                                                                                                        After a cluster is created, the network model cannot be changed.
                                                                                                                                                                        
 
                                                                                                                                                                        
@@ -24,16 +26,16 @@
 
 
                                                                                                                                                                        
-
-
-
-
-
-
-
+
+
+
+
+
-
-
-
@@ -99,7 +112,7 @@
 
                                                                                                                                                                        
 
                                                                                                                                                                        
-
                                                                                                                                                                        Parent topic: Container Network
                                                                                                                                                                        
+
                                                                                                                                                                        Parent topic: Container Networks
                                                                                                                                                                        
 
                                                                                                                                                                        
 
                                                                                                                                                                        
 
diff --git a/docs/cce/umn/cce_10_0282.html b/docs/cce/umn/cce_10_0282.html
index b5adc0d31..890f1a10f 100644
--- a/docs/cce/umn/cce_10_0282.html
+++ b/docs/cce/umn/cce_10_0282.html
@@ -1,27 +1,27 @@
 
                                                                                                                                                                        Tunnel Network Model
                                                                                                                                                                        
-
                                                                                                                                                                        Model Definition
                                                                                                                                                                        A container tunnel network creates a separate network plane for containers by using tunnel encapsulation on the host network plane. The container tunnel network of a CCE cluster uses VXLAN for tunnel encapsulation and Open vSwitch as the virtual switch backend. VXLAN is a protocol that encapsulates Ethernet packets into UDP packets to transmit them through tunnels. Open vSwitch is an open-source virtual switch software that provides functions such as network isolation and data forwarding.
                                                                                                                                                                        
-
                                                                                                                                                                        While there may be some performance costs, packet encapsulation and tunnel transmission allow for greater interoperability and compatibility with advanced features, such as network policy-based isolation, in most common scenarios.
                                                                                                                                                                        Figure 1 Container tunnel network
                                                                                                                                                                        
+
                                                                                                                                                                        Model Definition
                                                                                                                                                                        A container tunnel network creates a separate network plane for containers by using tunnel encapsulation on the host network plane. This network model uses VXLAN for tunnel encapsulation and Open vSwitch as the virtual switch backend. VXLAN is a protocol that encapsulates Ethernet packets into UDP packets to transmit them through tunnels. Open vSwitch is an open-source virtual switch that provides functions such as network isolation and data forwarding.
                                                                                                                                                                        
+
                                                                                                                                                                        While there may be some performance costs, packet encapsulation and tunnel transmission allow for greater interoperability and compatibility with advanced features, such as network policy-based isolation, in most common scenarios.
                                                                                                                                                                        Figure 1 Container tunnel network
                                                                                                                                                                        
 
                                                                                                                                                                        
 
                                                                                                                                                                        In a cluster using the container tunnel model, the communication paths between pods on the same node and between pods on different nodes are different.
                                                                                                                                                                        
-
                                                                                                                                                                        • Inter-pod communication on the same node: Packets are directly forwarded via the OVS bridge on the node.
                                                                                                                                                                        • Inter-pod communication on different nodes: Packets are encapsulated in the OVS bridge and then forwarded to the target pod on the peer node through the host NIC.
                                                                                                                                                                        
+
                                                                                                                                                                        • Inter-pod communication on the same node: Packets are directly forwarded via the OVS bridge on the node.
                                                                                                                                                                        • Inter-pod communication on different nodes: Packets are encapsulated in the OVS bridge and then forwarded to the target pod on the peer node through the host network interface.
                                                                                                                                                                        
 
                                                                                                                                                                        
 
                                                                                                                                                                        Advantages and Disadvantages
                                                                                                                                                                        Advantages
                                                                                                                                                                        
-
                                                                                                                                                                        • The container network is decoupled from the node network and is not limited by the VPC quotas and response speed (such as the number of VPC routes, number of ENIs, and creation speed).
                                                                                                                                                                        • Network isolation is supported. For details, see Configuring Network Policies to Restrict Pod Access.
                                                                                                                                                                        • Bandwidth limits are supported.
                                                                                                                                                                        • Large-scale networking with a maximum of 2000 nodes is supported.
                                                                                                                                                                        
+
                                                                                                                                                                        • The container network is decoupled from the node network and is not limited by the VPC quotas and response speed (such as the number of VPC routes, number of network·interfaces, and creation speed).
                                                                                                                                                                        • Network isolation is supported. For details, see Configuring Network Policies to Restrict Pod Access.
                                                                                                                                                                        • Bandwidth limits are supported.
                                                                                                                                                                        • Large-scale networking with a maximum of 2000 nodes is supported.
                                                                                                                                                                        
 
                                                                                                                                                                        Disadvantages
                                                                                                                                                                        
-
                                                                                                                                                                        • High encapsulation overhead results in poor performance and makes it difficult to locate network faults.
                                                                                                                                                                        • Pods cannot directly use features like EIPs and security groups.
                                                                                                                                                                        • Container IP addresses cannot be directly accessed by external networks.
                                                                                                                                                                        
+
                                                                                                                                                                        • High encapsulation overhead results in poor performance and makes it difficult to locate network faults.
                                                                                                                                                                        • Pods cannot directly use features like EIPs and security groups.
                                                                                                                                                                        • Pod IP addresses cannot be directly accessed by external networks.
                                                                                                                                                                        
 
                                                                                                                                                                        
 
                                                                                                                                                                        Application Scenarios
                                                                                                                                                                        • Low requirements on performance: As the container tunnel network requires additional VXLAN tunnel encapsulation, it has about 5% to 15% of performance loss when compared with the other two container network models. Therefore, the container tunnel network applies to the scenarios that do not have high performance requirements, such as web applications, and middle-end and back-end services with a small number of access requests.
                                                                                                                                                                        • Large-scale networking: Different from the VPC network that is limited by the VPC route quota, the container tunnel network does not have any restriction on the infrastructure. In addition, the container tunnel network controls the broadcast domain to the node level. The container tunnel network supports a maximum of 2000 nodes.
                                                                                                                                                                        
 
                                                                                                                                                                        
-
                                                                                                                                                                        Container IP Address Management
                                                                                                                                                                        The container tunnel network allocates container IP addresses according to the following rules:
                                                                                                                                                                        
+
                                                                                                                                                                        Pod IP Address Management
                                                                                                                                                                        The container tunnel network allocates pod IP addresses according to the following rules:
                                                                                                                                                                        
 
                                                                                                                                                                        • Container CIDR blocks are separate from node CIDR blocks.
                                                                                                                                                                        • IP addresses are allocated by node. One or more CIDR blocks with a fixed size (16 by default) are allocated to each node in a cluster from the container CIDR block.
                                                                                                                                                                        • When the IP addresses on a node are used up, you can apply for a new CIDR block.
                                                                                                                                                                        • A container CIDR block assigns CIDR blocks to new nodes or existing nodes in a cyclical sequence.
                                                                                                                                                                        • IP addresses from one or more CIDR blocks assigned to a node are allocated to pods scheduled to that node in a cyclical manner.
                                                                                                                                                                        
-
                                                                                                                                                                        Figure 2 IP address allocation of the container tunnel network
                                                                                                                                                                        
+
                                                                                                                                                                        Figure 2 IP address allocation of the container tunnel network
                                                                                                                                                                        
 
                                                                                                                                                                        Maximum number of nodes that can be created in the cluster using the container tunnel network = Number of IP addresses in the container CIDR block/Size of the IP CIDR block allocated to the node by the container CIDR block at a time (16 by default)
                                                                                                                                                                        
-
                                                                                                                                                                        For example, if the container CIDR block is 172.16.0.0/16, the number of IP addresses is 65536. The mask of the container CIDR block allocated to a node is 28. That is, a total of 16 container IP addresses are allocated each time. Therefore, a maximum of 4096 (65536/16) nodes can be created. This is an extreme case. If 4096 nodes are created, a maximum of 16 pods can be created for each node because only a CIDR block with 16 IP addresses is allocated to each node. The number of nodes that can be added to a cluster is also determined by the available IP addresses in the node subnet and the scale of the cluster.
                                                                                                                                                                        
+
                                                                                                                                                                        For example, if the container CIDR block is 172.16.0.0/16, the number of IP addresses is 65,536. If the mask of the container CIDR block allocated to each node is 28 (a total of 16 pod IP addresses allocated each time), a maximum of 4,096 (65536/16) nodes can be created. This is an extreme case. If 4,096 nodes are created, a maximum of 16 pods can be created for each node because only a CIDR block with 16 IP addresses is allocated to each node. The number of nodes that can be added to a cluster is also determined by the available IP addresses in the node subnet and the scale of the cluster.
                                                                                                                                                                        
 
                                                                                                                                                                        
-
                                                                                                                                                                        Recommendation for CIDR Block Planning
                                                                                                                                                                        As explained in Cluster Network Structure, network addresses in a cluster are divided into the cluster network, container network, and service network. When planning network addresses, consider the following factors:
                                                                                                                                                                        
-
                                                                                                                                                                        • The three CIDR blocks cannot overlap. Otherwise, a conflict occurs. 
                                                                                                                                                                        • Ensure that each CIDR block has sufficient IP addresses.
                                                                                                                                                                          • The IP addresses in the cluster CIDR block must match the cluster scale. Otherwise, nodes cannot be created due to insufficient IP addresses.
                                                                                                                                                                          • The IP addresses in the container CIDR block must match the service scale. Otherwise, pods cannot be created due to insufficient IP addresses. The number of pods that can be created on each node also depends on other parameter settings.
                                                                                                                                                                          
+
                                                                                                                                                                          Recommendation for CIDR Block Planning
                                                                                                                                                                          As explained in Cluster Network Structure, there are three networks in a cluster: cluster network, container network, and Service network. When planning network addresses, consider the following:
                                                                                                                                                                          
+
                                                                                                                                                                          • The three CIDR blocks cannot overlap. Otherwise, a conflict occurs. 
                                                                                                                                                                          • Ensure that each CIDR block has sufficient IP addresses.
                                                                                                                                                                            • The IP addresses in cluster CIDR blocks must match the cluster scale. Otherwise, nodes cannot be created due to insufficient IP addresses.
                                                                                                                                                                            • The IP addresses in container CIDR blocks must match the service scale. Otherwise, pods cannot be created due to insufficient IP addresses. The number of pods that can be created on each node also depends on other parameter settings.
                                                                                                                                                                            
 
                                                                                                                                                                          
 
                                                                                                                                                                          
 
                                                                                                                                                                          Example of Container Tunnel Network Access
                                                                                                                                                                          The following is an example of creating a workload in a cluster using the container tunnel network model:
                                                                                                                                                                          
@@ -64,7 +64,7 @@ example-5bdc5699b7-lfxkm   1/1     Running   0          3m28s   10.0.0.22   192.
 example-5bdc5699b7-wjcmg   1/1     Running   0          3m28s   10.0.0.52   192.168.0.64   <none>           <none>
 
                                                                                                                                                                        • Use a cloud server in the same VPC to directly access a pod's IP address from outside the cluster. The access failed.
                                                                                                                                                                          You can access a pod using its IP address within the pod or from a node in the cluster. In the following example, access a pod's IP address within the pod. example-5bdc5699b7-5rvq4 is the pod name, and 10.0.0.21 is the pod IP address.
                                                                                                                                                                          kubectl exec -it example-5bdc5699b7-5rvq4 -- curl 10.0.0.21
                                                                                                                                                                          
 
                                                                                                                                                                          
-
                                                                                                                                                                          If the following information is displayed, the workload can be properly accessed:
                                                                                                                                                                          
+
                                                                                                                                                                          If the following information is displayed, the workload can be accessed:
                                                                                                                                                                          
 
                                                                                                                                                                          <!DOCTYPE html>
 <html>
 <head>
@@ -92,6 +92,8 @@ Commercial support is available at
 </html>
                                                                                                                                                                          
 
                                                                                                                                                                          • 
 
                                                                                                                                                                        
+
                                                                                                                                                                        Helpful Links
                                                                                                                                                                        
+
                                                                                                                                                                        
 
                                                                                                                                                                        
 
                                                                                                                                                                        
 
                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0283.html b/docs/cce/umn/cce_10_0283.html
index 6cc1cc362..d59575282 100644
--- a/docs/cce/umn/cce_10_0283.html
+++ b/docs/cce/umn/cce_10_0283.html
@@ -1,10 +1,10 @@
 
 
 
                                                                                                                                                                        VPC Network Model
                                                                                                                                                                        
-
                                                                                                                                                                        Model Definition
                                                                                                                                                                        The VPC network model seamlessly combines VPC routing with the underlying network, making it ideal for high-performance scenarios. However, the maximum number of nodes allowed in a cluster is determined by the VPC route quota. In the VPC network model, container CIDR blocks are separate from node CIDR blocks. To allocate IP addresses to containers running on a node in a cluster, each node in the cluster is allocated with a container CIDR block for a fixed number of IP addresses. The VPC network model outperforms the container tunnel network model in terms of performance because it does not have tunnel encapsulation overhead. When using the VPC network model in a cluster, the VPC route table automatically configures the routes between container CIDR blocks and VPC CIDR blocks. This means that pods within the cluster can be accessed directly from cloud servers in the same VPC, even if they are outside the cluster.
                                                                                                                                                                        Figure 1 VPC network model
                                                                                                                                                                        
+
                                                                                                                                                                        Model Definition
                                                                                                                                                                        The VPC network model seamlessly combines VPC routing with the underlying network, making it ideal for high-performance scenarios. However, the maximum number of nodes allowed in a cluster is determined by the VPC route quota. In the VPC network model, container CIDR blocks are separate from node CIDR blocks. To allocate IP addresses to pods running on a node in a cluster, each node in the cluster is allocated with a pod IP range for a fixed number of IP addresses. The VPC network model outperforms the container tunnel network model in terms of performance because it does not have tunnel encapsulation overhead. When the VPC network model is used in a cluster, the routes between container CIDR blocks and VPC CIDR blocks are automatically configured in the VPC route table. This means that pods within the cluster can be accessed directly from cloud servers in the same VPC, even if they are outside the cluster.
                                                                                                                                                                        Figure 1 VPC network model
                                                                                                                                                                        
 
                                                                                                                                                                        
 
                                                                                                                                                                        In a cluster using the VPC network model, network communication paths are as follows:
                                                                                                                                                                        
-
                                                                                                                                                                        • Inter-pod communication on the same node: Packets are directly forwarded through IPvlan.
                                                                                                                                                                        • Inter-pod communication on different nodes: The traffic accesses the default gateway by following the route specified in the VPC route table and then is forwarded to the target pod on another node using VPC routing.
                                                                                                                                                                        • Pod communication with the Internet: When a container in a cluster needs to access the Internet, CCE uses NAT to translate the container's IP address into the node IP address so that the pod communicates externally using the node IP address.
                                                                                                                                                                        
+
                                                                                                                                                                        • Inter-pod communication on the same node: Packets are directly forwarded through IPVLAN.
                                                                                                                                                                        • Inter-pod communication on different nodes: The traffic accesses the default gateway by following the route specified in the VPC route table and then is forwarded to the target pod on another node using VPC routing.
                                                                                                                                                                        • Pod communication with the Internet: When a container in a cluster needs to access the Internet, CCE uses NAT to translate the pod's IP address into the node IP address so that the pod communicates externally using the node IP address.
                                                                                                                                                                        
 
                                                                                                                                                                        
 
                                                                                                                                                                        Advantages and Disadvantages
                                                                                                                                                                        Advantages
                                                                                                                                                                        
 
                                                                                                                                                                        • High performance and simplified network fault locating are achieved by eliminating the need for tunnel encapsulation.
                                                                                                                                                                        • A VPC route table automatically configures routes between container CIDR blocks and VPC CIDR blocks. This enables resources in the VPC to directly communicate with containers in the cluster.
                                                                                                                                                                           
                                                                                                                                                                          Similarly, if the VPC is accessible to other VPCs or data centers and the VPC route table includes routes to the container CIDR blocks, resources in other VPCs or data centers can directly communicate with containers in the cluster, provided there are no conflicts between the network CIDR blocks.
                                                                                                                                                                          
@@ -15,23 +15,23 @@
 
                                                                                                                                                                          
 
                                                                                                                                                                          Application Scenarios
                                                                                                                                                                          • High performance requirements: As no tunnel encapsulation is required, the VPC network model delivers the performance close to that of a VPC network when compared with the container tunnel network model. Therefore, the VPC network model applies to scenarios that have high requirements on performance, such as AI computing and big data computing.
                                                                                                                                                                          • Small- and medium-scale networks: Due to the limitation on VPC route tables, it is recommended that the number of nodes in a cluster be less than or equal to 1000.
                                                                                                                                                                          
 
                                                                                                                                                                          
-
                                                                                                                                                                          Container IP Address Management
                                                                                                                                                                          The VPC network model assigns container IP addresses based on the following guidelines:
                                                                                                                                                                          
+
                                                                                                                                                                          Pod IP Address Management
                                                                                                                                                                          The VPC network model assigns pod IP addresses based on the following guidelines:
                                                                                                                                                                          
 
                                                                                                                                                                          • Container CIDR blocks are separate from node CIDR blocks.
                                                                                                                                                                          • IP addresses are allocated by node. One CIDR block with a fixed size (configurable) is allocated to each node in a cluster from the container CIDR block.
                                                                                                                                                                          • A container CIDR block assigns CIDR blocks to new nodes in a cyclical sequence.
                                                                                                                                                                          • IP addresses from the CIDR blocks assigned to a node are allocated to pods scheduled to that node in a cyclical manner.
                                                                                                                                                                          
-
                                                                                                                                                                          Figure 2 IP address management of the VPC network
                                                                                                                                                                          
+
                                                                                                                                                                          Figure 2 IP address management of the VPC network
                                                                                                                                                                          
 
                                                                                                                                                                          Maximum number of nodes that can be created in the cluster using the VPC network = Number of IP addresses in the container CIDR block/Number of IP addresses in the CIDR block allocated to the node by the container CIDR block
                                                                                                                                                                          
-
                                                                                                                                                                          For example, if the container CIDR block is 172.16.0.0/16, the number of IP addresses is 65536. The mask of the container CIDR block allocated to a node is 25. That is, the number of container IP addresses on each node is 128. Therefore, a maximum of 512 (65536/128) nodes can be created. The number of nodes that can be added to a cluster is also determined by the available IP addresses in the node subnet and the scale of the cluster. For details, see Recommendation for CIDR Block Planning.
                                                                                                                                                                          
+
                                                                                                                                                                          For example, if the container CIDR block is 172.16.0.0/16, the number of IP addresses is 65,536. The mask of the container CIDR block allocated to a node is 25. That is, the number of pod IP addresses on each node is 128. Therefore, a maximum of 512 (65536/128) nodes can be created. The number of nodes that can be added to a cluster is also determined by the available IP addresses in the node subnet and the scale of the cluster. For details, see Recommendation for CIDR Block Planning.
                                                                                                                                                                          
 
                                                                                                                                                                          
-
                                                                                                                                                                          Recommendation for CIDR Block Planning
                                                                                                                                                                          As explained in Cluster Network Structure, network addresses in a cluster are divided into the cluster network, container network, and service network. When planning network addresses, consider the following factors:
                                                                                                                                                                          
-
                                                                                                                                                                          • The three CIDR blocks cannot overlap. Otherwise, a conflict occurs. 
                                                                                                                                                                          • Ensure that each CIDR block has sufficient IP addresses.
                                                                                                                                                                            • The IP addresses in the cluster CIDR block must match the cluster scale. Otherwise, nodes cannot be created due to insufficient IP addresses.
                                                                                                                                                                            • The IP addresses in the container CIDR block must match the service scale. Otherwise, pods cannot be created due to insufficient IP addresses. The number of pods that can be created on each node also depends on other parameter settings.
                                                                                                                                                                            
+
                                                                                                                                                                            Recommendation for CIDR Block Planning
                                                                                                                                                                            As explained in Cluster Network Structure, there are three networks in a cluster: cluster network, container network, and Service network. When planning network addresses, consider the following:
                                                                                                                                                                            
+
                                                                                                                                                                            • The three CIDR blocks cannot overlap. Otherwise, a conflict occurs. 
                                                                                                                                                                            • Ensure that each CIDR block has sufficient IP addresses.
                                                                                                                                                                              • The IP addresses in cluster CIDR blocks must match the cluster scale. Otherwise, nodes cannot be created due to insufficient IP addresses.
                                                                                                                                                                              • The IP addresses in container CIDR blocks must match the service scale. Otherwise, pods cannot be created due to insufficient IP addresses. The number of pods that can be created on each node also depends on other parameter settings.
                                                                                                                                                                              
 
                                                                                                                                                                            
 
                                                                                                                                                                            Assume that a cluster contains 200 nodes and the network model is VPC network.
                                                                                                                                                                            
 
                                                                                                                                                                            In this case, the number of available IP addresses in the selected subnet must be greater than 200. Otherwise, nodes cannot be created due to insufficient IP addresses.
                                                                                                                                                                            
-
                                                                                                                                                                            The container CIDR block is 172.16.0.0/16, and the number of available IP addresses is 65536. As described in Container IP Address Management, the VPC network is allocated a CIDR block with a fixed size (using the mask to determine the maximum number of container IP addresses allocated to each node). For example, if the upper limit is 128, the cluster supports a maximum of 512 (65536/128) nodes.
                                                                                                                                                                            
+
                                                                                                                                                                            The container CIDR block is 172.16.0.0/16, and the number of available IP addresses is 65,536. As described in Pod IP Address Management, the VPC network is allocated a CIDR block with a fixed size (using the mask to determine the maximum number of pod IP addresses allocated to each node). For example, if the upper limit is 128, the cluster supports a maximum of 512 (65536/128) nodes.
                                                                                                                                                                            
 
                                                                                                                                                                            
 
                                                                                                                                                                            Example of VPC Network Access
                                                                                                                                                                            In this example, a cluster using the VPC network model is created, and the cluster contains one node.
                                                                                                                                                                            
 
                                                                                                                                                                            On the VPC console, locate the VPC to which the cluster belongs and check the VPC route table.
                                                                                                                                                                            
-
                                                                                                                                                                            You can find that CCE has created a custom route in the route table. This route has a destination address corresponding to the container CIDR block assigned to the node, and the next hop is directed towards the target node. In the example, the container CIDR block for the cluster is 172.16.0.0/16, with 128 container IP addresses assigned to each node. Therefore, the node's container CIDR block is 172.16.0.0/25, providing a total of 128 container IP addresses.
                                                                                                                                                                            
-
                                                                                                                                                                            When a container IP address is accessed, the VPC route will forward the traffic to the next-hop node that corresponds to the destination address. The following is an example:
                                                                                                                                                                            
+
                                                                                                                                                                            You can find that CCE has created a custom route in the route table. This route has a destination address corresponding to the container CIDR block assigned to the node, and the next hop is directed towards the target node. In the example, the container CIDR block for the cluster is 172.16.0.0/16, with 128 pod IP addresses assigned to each node. Therefore, the node's container CIDR block is 172.16.0.0/25, providing a total of 128 pod IP addresses.
                                                                                                                                                                            
+
                                                                                                                                                                            When a pod IP address is accessed, the VPC route will forward the traffic to the next-hop node that corresponds to the destination address. The following is an example:
                                                                                                                                                                            
 
                                                                                                                                                                            1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                            2. Create a Deployment in the cluster.
                                                                                                                                                                              Create the deployment.yaml file. The following shows an example:
                                                                                                                                                                              kind: Deployment
 apiVersion: apps/v1
 metadata:
@@ -63,7 +63,7 @@ example-86b9779494-x8kl5   1/1     Running   0          14s   172.16.0.5   192.1
 example-86b9779494-zt627   1/1     Running   0          14s   172.16.0.8   192.168.0.99   <none>           <none>
                                                                                                                                                                              
 
                                                                                                                                                                              
 
                                                                                                                                                                            3. Use a cloud server in the same VPC to directly access a pod's IP address from outside the cluster. You can also access a pod using its IP address within the pod or from a node in the cluster. In the following example, access a pod's IP address within the pod. example-86b9779494-l8qrw is the pod name, and 172.16.0.7 is the pod IP address.
                                                                                                                                                                              kubectl exec -it example-86b9779494-l8qrw -- curl 172.16.0.7
                                                                                                                                                                              
-
                                                                                                                                                                              If the following information is displayed, the workload can be properly accessed:
                                                                                                                                                                              
+
                                                                                                                                                                              If the following information is displayed, the workload can be accessed:
                                                                                                                                                                              
 
                                                                                                                                                                              <!DOCTYPE html>
 <html>
 <head>
@@ -91,6 +91,8 @@ Commercial support is available at
 </html>
                                                                                                                                                                              
 
                                                                                                                                                                            
 
                                                                                                                                                                            
+
                                                                                                                                                                            Helpful Links
                                                                                                                                                                            
+
                                                                                                                                                                            
 
                                                                                                                                                                          
 
                                                                                                                                                                          
 
                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0284.html b/docs/cce/umn/cce_10_0284.html
index 277c83f37..1a566f76c 100644
--- a/docs/cce/umn/cce_10_0284.html
+++ b/docs/cce/umn/cce_10_0284.html
@@ -1,127 +1,34 @@
 
 
 
                                                                                                                                                                          Cloud Native Network 2.0
                                                                                                                                                                          
-
                                                                                                                                                                          Model Definition
                                                                                                                                                                          Cloud Native Network 2.0 is a proprietary, next-generation container network model that combines the elastic network interfaces (ENIs) and supplementary network interfaces (sub-ENIs) of the Virtual Private Cloud (VPC). This allows ENIs or sub-ENIs to be directly bound to pods, giving each pod its own unique IP address within the VPC. Furthermore, it supports additional features like ELB passthrough container, pod binding to a security group, and pod binding to an EIP. Because container tunnel encapsulation and NAT are not required, Cloud Native Network 2.0 enables higher network performance than the container tunnel network model and VPC network model.
                                                                                                                                                                          
-
                                                                                                                                                                          Figure 1 Cloud Native Network 2.0
                                                                                                                                                                          
-
                                                                                                                                                                          In a cluster using Cloud Native Network 2.0, pods rely on ENIs or sub-ENIs to connect to external networks.
                                                                                                                                                                          
-
                                                                                                                                                                          • Pods running on BMS nodes use ENIs.
                                                                                                                                                                          • Pods running on ECS nodes use sub-ENIs that are bound to the ECS' ENIs through VLAN sub-interfaces.
                                                                                                                                                                          • To run a pod, it is necessary to bind ENIs to it. The number of pods that can run on a node depends on the number of ENIs that can be bound to the node and the number of ENI ports available on the node.
                                                                                                                                                                          • Traffic for communications between pods on a node, communications between pods on different nodes, and access to networks outside a cluster is forwarded through the ENI or sub-ENI of the VPC.
                                                                                                                                                                          
+
                                                                                                                                                                          Model Definition
                                                                                                                                                                          The proprietary, next-generation Cloud Native Network 2.0 combines the network interfaces and supplementary network interfaces of VPC. This allows you to bind network interfaces or supplementary network interfaces to pods, giving each pod unique IP address within the VPC. Cloud Native Network 2.0 also has features like ELB passthrough networking and association of security groups and EIPs with pods. Because container tunnel encapsulation and NAT are not required, Cloud Native Network 2.0 delivers higher network performance than the container tunnel and VPC networks.
                                                                                                                                                                          
+
                                                                                                                                                                          Figure 1 Cloud Native Network 2.0
                                                                                                                                                                          
+
                                                                                                                                                                          In a cluster using Cloud Native Network 2.0, pods rely on network interfaces and supplementary network interfaces to access external networks.
                                                                                                                                                                          
+
                                                                                                                                                                          • Pods running on a BMS node use elastic network interfaces to access external networks.
                                                                                                                                                                          • Pods running on an ECS use supplementary network interfaces to access external networks. Supplementary network interfaces are attached to the elastic network interfaces of ECSs through VLAN subinterfaces.
                                                                                                                                                                          • To run a pod, bind a network interface to it. The maximum number of pods that can run on a single node depends on the number of network interfaces that can be bound to the node and the number of network interface ports available on the node.
                                                                                                                                                                          • Traffic for communications between pods on a node, communications between pods on different nodes, and pod access to networks outside a cluster is forwarded through the elastic or supplementary network interfaces of VPC.
                                                                                                                                                                          
 
                                                                                                                                                                          
-
                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                          This network model is available only to CCE Turbo clusters.
                                                                                                                                                                          
+
                                                                                                                                                                          Constraints
                                                                                                                                                                          This network model is available only to CCE Turbo clusters.
                                                                                                                                                                          
 
                                                                                                                                                                          
 
                                                                                                                                                                          Advantages and Disadvantages
                                                                                                                                                                          Advantages
                                                                                                                                                                          
-
                                                                                                                                                                          • VPCs serve as the foundation for constructing container networks. Every pod has its own network interface and IP address, which simplifies network problem-solving and enhances performance.
                                                                                                                                                                          • In the same VPC, ENIs are directly bound to pods in a cluster, so that resources outside the cluster can directly communicate with containers within the cluster.
                                                                                                                                                                             
                                                                                                                                                                            Similarly, if the VPC is accessible to other VPCs or data centers, resources in other VPCs or data centers can directly communicate with containers in the cluster, provided there are no conflicts between the network CIDR blocks.
                                                                                                                                                                            
+
                                                                                                                                                                            • VPCs serve as the foundation for constructing container networks. Every pod has its own network interface and IP address, which simplifies network problem-solving and enhances performance.
                                                                                                                                                                            • In the same VPC, network interfaces are directly bound to pods in a cluster, so that resources outside the cluster can directly communicate with containers within the cluster.
                                                                                                                                                                               
                                                                                                                                                                              Similarly, if the VPC is accessible to other VPCs or data centers, resources in other VPCs or data centers can directly communicate with containers in the cluster, provided there are no conflicts between the network CIDR blocks.
                                                                                                                                                                              
 
                                                                                                                                                                              
 
                                                                                                                                                                            • The load balancing, security group, and EIP capabilities provided by VPC can be directly used by pods.
                                                                                                                                                                            
 
                                                                                                                                                                            Disadvantages
                                                                                                                                                                            
 
                                                                                                                                                                            Container networks are built on VPCs, with each pod receiving an IP address from the VPC CIDR block. As a result, it is crucial to plan the container CIDR block carefully before creating a cluster.
                                                                                                                                                                            
 
                                                                                                                                                                            
-
                                                                                                                                                                            Application Scenarios
                                                                                                                                                                            • High performance requirements: Cloud Native Network 2.0 uses VPC networks to construct container networks, eliminating the need for tunnel encapsulation or NAT when containers communicate. This makes Cloud Native Network 2.0 ideal for scenarios that demand high bandwidth and low latency.
                                                                                                                                                                            • Large-scale networking: Cloud Native Network 2.0 supports up to 2,000 ECS nodes and 100,000 pods.
                                                                                                                                                                            
+
                                                                                                                                                                            Application Scenarios
                                                                                                                                                                            • High performance requirements: Cloud Native Network 2.0 uses VPC networks to construct container networks, eliminating the need for tunnel encapsulation or NAT required by container communications. This makes Cloud Native Network 2.0 ideal for scenarios that demand high bandwidth and low latency.
                                                                                                                                                                            • Large-scale networking: Cloud Native Network 2.0 supports up to 2,000 ECS nodes and 100,000 pods.
                                                                                                                                                                            
 
                                                                                                                                                                            
-
                                                                                                                                                                            Container IP Address Management
                                                                                                                                                                            In Cloud Native Network 2.0, ECS nodes use sub-ENIs.
                                                                                                                                                                            
-
                                                                                                                                                                            • The IP address of the pod is directly allocated from the VPC subnet configured for the container network. You do not need to allocate an independent small network segment to the node.
                                                                                                                                                                            • To add an ECS node to a cluster, bind the ENI that carries the sub-ENI first. After the ENI is bound, you can bind the sub-ENI.
                                                                                                                                                                            • Number of ENIs bound to an ECS node: For clusters of v1.19.16-r40, v1.21.11-r0, v1.23.9-r0, v1.25.4-r0, v1.27.1-r0, and later versions, the value is 1. For clusters of earlier versions, the value is the maximum number of sub-ENIs that can be bound to the node divided by 64 (rounded up).
                                                                                                                                                                            • ENIs bound to an ECS node = Number of ENIs used to bear sub-ENIs + Number of sub-ENIs currently used by pods + Number of pre-bound sub-ENIs
                                                                                                                                                                            • When a pod is created, an available ENI is randomly allocated from the prebinding ENI pool of the node.
                                                                                                                                                                            • When the pod is deleted, the ENI is released back to the ENI pool of the node.
                                                                                                                                                                            • When a node is deleted, the ENIs are released back to the pool, and the sub-ENIs are deleted.
                                                                                                                                                                            
-
                                                                                                                                                                            Cloud Native Network 2.0 supports dynamic ENI pre-binding policies. The following table lists the scenarios.
                                                                                                                                                                            
-
-
                                                                                                                                                                        Table 2 Node scaling types
                                                                                                                                                                        Component Name
                                                                                                                                                                        
 
                                                                                                                                                                        Description
                                                                                                                                                                        
+
                                                                                                                                                                        Description
                                                                                                                                                                        
 
                                                                                                                                                                        Application Scenario
                                                                                                                                                                        
+
                                                                                                                                                                        Application Scenario
                                                                                                                                                                        
 
                                                                                                                                                                        Reference
                                                                                                                                                                        
+
                                                                                                                                                                        Reference
                                                                                                                                                                        
                                                                                                                                                                         		
 
                                                                                                                                                                        
 
                                                                                                                                                                        CCE Cluster Autoscaler
                                                                                                                                                                        
+
                                                                                                                                                                        CCE Cluster Autoscaler
                                                                                                                                                                        
 
                                                                                                                                                                        An open source Kubernetes component for horizontal scaling of nodes, which is optimized by CCE in scheduling, auto scaling, and costs.
                                                                                                                                                                        
+
                                                                                                                                                                        An open-source Kubernetes component for horizontal scaling of nodes, which is optimized by CCE in scheduling, auto scaling, and costs.
                                                                                                                                                                        
 
                                                                                                                                                                        Online services, deep learning, and large-scale computing with limited resource budgets
                                                                                                                                                                        
+
                                                                                                                                                                        Online services, deep learning, and large-scale computing with limited resource budgets
                                                                                                                                                                        
 
                                                                                                                                                                        Creating a Node Scaling Policy
                                                                                                                                                                        
+
                                                                                                                                                                        Creating a Node Scaling Policy
                                                                                                                                                                        
                                                                                                                                                                         		
 
                                                                                                                                                                        
                                                                                                                                                                         
 
 
 
 
                                                                                                                                                                        • High performance requirements: As no tunnel encapsulation is required, the VPC network model delivers the performance close to that of a VPC network when compared with the container tunnel network model. Therefore, the VPC network model applies to scenarios that have high requirements on performance, such as AI computing and big data computing.
                                                                                                                                                                        • Small- and medium-scale networks: Due to the limitation on VPC route tables, it is recommended that the number of nodes in a cluster be less than or equal to 1000.
                                                                                                                                                                        
 
                                                                                                                                                                        • High performance requirements: Cloud Native Network 2.0 uses VPC networks to construct container networks, eliminating the need for tunnel encapsulation or NAT when containers communicate. This makes Cloud Native Network 2.0 ideal for scenarios that demand high bandwidth and low latency.
                                                                                                                                                                        • Large-scale networking: Cloud Native Network 2.0 supports up to 2,000 ECS nodes and 100,000 pods.
                                                                                                                                                                        
+
                                                                                                                                                                        • High performance requirements: Cloud Native Network 2.0 uses VPC networks to construct container networks, eliminating the need for tunnel encapsulation or NAT required by container communications. This makes Cloud Native Network 2.0 ideal for scenarios that demand high bandwidth and low latency.
                                                                                                                                                                        • Large-scale networking: Cloud Native Network 2.0 supports up to 2,000 ECS nodes and 100,000 pods.
                                                                                                                                                                        
                                                                                                                                                                         		
 
                                                                                                                                                                        
 
                                                                                                                                                                        Core technology
                                                                                                                                                                        
                                                                                                                                                                         		
 
                                                                                                                                                                        OVS
                                                                                                                                                                        
 
                                                                                                                                                                        IPvlan and VPC route
                                                                                                                                                                        
+
                                                                                                                                                                        IPVLAN and VPC route
                                                                                                                                                                        
 
                                                                                                                                                                        VPC ENI/sub-ENI
                                                                                                                                                                        
+
                                                                                                                                                                        VPC network interfaces/supplementary network interfaces
                                                                                                                                                                        
                                                                                                                                                                         		
 
                                                                                                                                                                        
 
                                                                                                                                                                        Applicable clusters
                                                                                                                                                                        
@@ -64,13 +66,24 @@
 
                                                                                                                                                                        Interconnected using a shared load balancer through a NodePort
                                                                                                                                                                        
                                                                                                                                                                         		
 
                                                                                                                                                                        Managing container IP addresses
                                                                                                                                                                        
+
                                                                                                                                                                        Managing pod IP addresses
                                                                                                                                                                        
 
                                                                                                                                                                        • Separate container CIDR blocks needed
                                                                                                                                                                        • Container CIDR blocks divided by node and dynamically added after being allocated
                                                                                                                                                                        
+
                                                                                                                                                                        • Separate container CIDR blocks are needed. Container CIDR blocks cannot overlap with VPC CIDR blocks.
                                                                                                                                                                        • After a cluster is created, the container CIDR block cannot be expanded. To avoid insufficient IP addresses, you are advised to set the subnet mask of the container CIDR block to a maximum of 19 bits.
                                                                                                                                                                        
 
                                                                                                                                                                        • Separate container CIDR blocks needed
                                                                                                                                                                        • Container CIDR blocks divided by node and statically allocated (the allocated CIDR blocks cannot be changed after a node is created)
                                                                                                                                                                        
+
                                                                                                                                                                        • Separate container CIDR blocks are needed. Container CIDR blocks cannot overlap with VPC CIDR blocks.
                                                                                                                                                                        • You can add multiple container CIDR blocks.
                                                                                                                                                                        • You can add container CIDR blocks after a cluster is created. For details, see Expanding the Container CIDR Block of a Cluster That Uses a VPC Network.
                                                                                                                                                                        • When pod IP addresses are allocated, a fixed IP address range is configured for each node from the container CIDR block. The IP addresses of all pods on a node are allocated from the IP address range.
                                                                                                                                                                        
 
                                                                                                                                                                        Container CIDR blocks divided from a VPC subnet (You do not need to configure separate container CIDR blocks.)
                                                                                                                                                                        
+
                                                                                                                                                                        • You can specify a VPC subnet as the container CIDR block.
                                                                                                                                                                        • You can add container CIDR blocks after a cluster is created. For details, see Adding or Deleting the Default Pod Subnet of a CCE Turbo Cluster.
                                                                                                                                                                        • Pod IP addresses are directly allocated from the VPC, consuming many IP addresses. You are advised to plan a large VPC CIDR block in advance.
                                                                                                                                                                        
+
                                                                                                                                                                        Maximum number of pods on a node
                                                                                                                                                                        
+
                                                                                                                                                                        The value of the kubelet configuration parameter maxPods is used. For details, see Maximum Number of Pods on a Node.
                                                                                                                                                                        
+
                                                                                                                                                                        The smaller value between the following two options is used:
                                                                                                                                                                        
+
+
                                                                                                                                                                        The smaller value between the following two options is used:
                                                                                                                                                                        
+
                                                                                                                                                                         		
 
                                                                                                                                                                        
 
                                                                                                                                                                        Network performance
                                                                                                                                                                        
@@ -84,13 +97,13 @@
 
                                                                                                                                                                        
 
                                                                                                                                                                        Networking scale
                                                                                                                                                                        
 
                                                                                                                                                                        A maximum of 2000 nodes are supported.
                                                                                                                                                                        
+
                                                                                                                                                                        A maximum of 2,000 nodes are supported.
                                                                                                                                                                        
 
                                                                                                                                                                        Suitable for small- and medium-scale networks due to the limitation on VPC route tables. It is recommended that the number of nodes be less than or equal to 1000.
                                                                                                                                                                        
+
                                                                                                                                                                        Suitable for small- and medium-scale networks due to the limitation on VPC route tables. It is recommended that the number of nodes be less than or equal to 1,000.
                                                                                                                                                                        
 
                                                                                                                                                                        Each time a node is added to the cluster, a route is added to the VPC route tables. Evaluate the cluster scale that is limited by the VPC route tables before creating the cluster. 
                                                                                                                                                                        
 
                                                                                                                                                                        A maximum of 2000 nodes are supported.
                                                                                                                                                                        
-
                                                                                                                                                                        In a cloud-native network 2.0 cluster, containers' IP addresses are assigned from VPC CIDR blocks, and the number of containers supported is restricted by these blocks. Evaluate the cluster's scale limitations before creating it.
                                                                                                                                                                        
+
                                                                                                                                                                        A maximum of 2,000 nodes are supported.
                                                                                                                                                                        
+
                                                                                                                                                                        In a cluster that uses Cloud Native Network 2.0, container IP addresses are assigned from the VPC CIDR block, and the number of containers is also restricted by this CIDR block. Evaluate the cluster's scale limitations before creating it.
                                                                                                                                                                        
                                                                                                                                                                         		
 
                                                                                                                                                                        
                                                                                                                                                                         
 
 
 
                                                                                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                        Table 1 Comparison between ENI pre-binding policies
                                                                                                                                                                        Policy
                                                                                                                                                                        
-
                                                                                                                                                                        Dynamic ENI Pre-binding Policy (Default)
                                                                                                                                                                        
-
                                                                                                                                                                        Management policy
                                                                                                                                                                        
-
                                                                                                                                                                        nic-minimum-target: minimum number of ENIs (pre-bound and unused + used) bound to a node.
                                                                                                                                                                        
-
                                                                                                                                                                        nic-maximum-target: If the number of ENIs bound to a node exceeds the value of this parameter, the system does not proactively pre-bind ENIs.
                                                                                                                                                                        
-
                                                                                                                                                                        nic-warm-target: minimum number of pre-bound ENIs on a node.
                                                                                                                                                                        
-
                                                                                                                                                                        nic-max-above-warm-target: ENIs are unbound and reclaimed only when the number of idle ENIs minus the number of nic-warm-target is greater than the threshold.
                                                                                                                                                                        
-
                                                                                                                                                                        Application scenario
                                                                                                                                                                        
-
                                                                                                                                                                        Accelerates pod startup while improving IP resource utilization. This mode applies to scenarios where the number of IP addresses in the container network segment is insufficient.
                                                                                                                                                                        
-
                                                                                                                                                                        
-
                                                                                                                                                                        
-
                                                                                                                                                                        CCE provides four parameters for the dynamic ENI pre-binding policy. Set these parameters properly.
                                                                                                                                                                        
-
-
                                                                                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                        Table 2 Parameters of the dynamic ENI pre-binding policy
                                                                                                                                                                        Parameter
                                                                                                                                                                        
-
                                                                                                                                                                        Default Value
                                                                                                                                                                        
-
                                                                                                                                                                        Description
                                                                                                                                                                        
-
                                                                                                                                                                        Suggestion
                                                                                                                                                                        
-
                                                                                                                                                                        nic-minimum-target
                                                                                                                                                                        
-
                                                                                                                                                                        10
                                                                                                                                                                        
-
                                                                                                                                                                        Minimum number of ENIs bound to a node. The value can be a number or a percentage.
                                                                                                                                                                        
-
                                                                                                                                                                        • Value: The value must be a positive integer. For example, 10 indicates that at least 10 ENIs are bound to a node. If the ENI quota of a node is exceeded, the ENI quota is used.
                                                                                                                                                                        • Percentage: The value ranges from 1% to 100%. For example, 10%. If the ENI quota of a node is 128, at least 12 (rounded down) ENIs are bound to the node.
                                                                                                                                                                        
-
                                                                                                                                                                        Set both nic-minimum-target and nic-maximum-target to the same value or percentage.
                                                                                                                                                                        
-
                                                                                                                                                                        Set these parameters based on the number of pods.
                                                                                                                                                                        
-
                                                                                                                                                                        nic-maximum-target
                                                                                                                                                                        
-
                                                                                                                                                                        0
                                                                                                                                                                        
-
                                                                                                                                                                        If the number of ENIs bound to a node exceeds the value of nic-maximum-target, the system does not proactively pre-bind ENIs.
                                                                                                                                                                        
-
                                                                                                                                                                        If the value of this parameter is greater than or equal to the value of nic-minimum-target, the check on the maximum number of the pre-bound ENIs is enabled. Otherwise, the check is disabled. The value can be a number or a percentage.
                                                                                                                                                                        
-
                                                                                                                                                                        • Value: The value must be a positive integer. For example, 0. The check on the maximum number of the pre-bound ENIs is disabled. If the ENI quota of a node is exceeded, the ENI quota is used.
                                                                                                                                                                        • Percentage: The value ranges from 1% to 100%. For example, 50%. If the ENI quota of a node is 128, the maximum number of the pre-bound ENI is 64 (rounded down).
                                                                                                                                                                        
-
                                                                                                                                                                        Set both nic-minimum-target and nic-maximum-target to the same value or percentage.
                                                                                                                                                                        
-
                                                                                                                                                                        Set these parameters based on the number of pods.
                                                                                                                                                                        
-
                                                                                                                                                                        nic-warm-target
                                                                                                                                                                        
-
                                                                                                                                                                        2
                                                                                                                                                                        
-
                                                                                                                                                                        Minimum number of pre-bound ENIs on a node. The value must be a number.
                                                                                                                                                                        
-
                                                                                                                                                                        When the value of nic-warm-target + the number of bound ENIs is greater than the value of nic-maximum-target, the system will pre-bind ENIs based on the difference between the value of nic-maximum-target and the number of bound ENIs.
                                                                                                                                                                        
-
                                                                                                                                                                        Set this parameter to the number of pods that can be scaled out instantaneously within 10 seconds.
                                                                                                                                                                        
-
                                                                                                                                                                        nic-max-above-warm-target
                                                                                                                                                                        
-
                                                                                                                                                                        2
                                                                                                                                                                        
-
                                                                                                                                                                        Only when the number of idle ENIs on a node minus the value of nic-warm-target is greater than the threshold, the pre-bound ENIs will be unbound and reclaimed. The value can only be a number.
                                                                                                                                                                        
-
                                                                                                                                                                        • Setting a larger value of this parameter slows down the recycling of idle ENIs and accelerates pod startup. However, the IP address usage decreases, especially when IP addresses are insufficient. Therefore, exercise caution when increasing the value of this parameter.
                                                                                                                                                                        • Setting a smaller value of this parameter accelerates the recycling of idle ENIs and improves the IP address usage. However, when a large number of pods increase instantaneously, the startup of some pods slows down.
                                                                                                                                                                        
-
                                                                                                                                                                        Set this parameter based on the difference between the number of pods that are frequently scaled on most nodes within minutes and the number of pods that are instantly scaled out on most nodes within 10 seconds.
                                                                                                                                                                        
-
                                                                                                                                                                        
-
                                                                                                                                                                        
-
                                                                                                                                                                         
                                                                                                                                                                        The preceding parameters support global configuration at the cluster level and custom settings at the node pool level. The latter takes priority over the former.
                                                                                                                                                                        
-
                                                                                                                                                                        
-
                                                                                                                                                                        The container networking component maintains a scalable pre-bound ENI pool for each node. The component checks and calculates the number of pre-bound ENIs or idle ENIs every 10 seconds.
                                                                                                                                                                        • Number of pre-bound ENIs = min(nic-maximum-target – Number of bound ENIs, max(nic-minimum-target – Number of bound ENIs, nic-warm-target – Number of idle ENIs)
                                                                                                                                                                        • Number of ENIs to be unbound = min(Number of idle ENIs – nic-warm-target – nic-max-above-warm-target, Number of bound ENIs – nic-minimum-target)
                                                                                                                                                                        
-
                                                                                                                                                                        
-
                                                                                                                                                                        The number of pre-binding ENIs on the node remains in the following range:
                                                                                                                                                                        • Minimum number of ENIs to be pre-bound = min(max(nic-minimum-target – Number of bound ENIs, nic-warm-target), nic-maximum-target – Number of bound ENIs)
                                                                                                                                                                        • Maximum number of ENIs to be pre-bound = max(nic-warm-target + nic-max-above-warm-target, Number of bound ENIs – nic-minimum-target)
                                                                                                                                                                        
-
                                                                                                                                                                        
-
                                                                                                                                                                        When a pod is created, an idle pre-bound ENI (the earliest unused one) will be preferentially allocated from the pool. If no idle ENI is available, a new ENI will be created or a new sub-ENI will be bound to the pod.
                                                                                                                                                                        
-
                                                                                                                                                                        When the pod is deleted, the corresponding ENI is released back to the pre-bound ENI pool of the node, enters a 2 minutes cooldown period, and can be bind to another pod. If the ENI is not bound to any pod within 2 minutes, it will be released.
                                                                                                                                                                        
-
-
                                                                                                                                                                        Recommendation for CIDR Block Planning
                                                                                                                                                                        As explained in Cluster Network Structure, network addresses in a cluster are divided into the cluster network, container network, and service network. When planning network addresses, consider the following factors:
                                                                                                                                                                        
-
                                                                                                                                                                        • All subnets (including extended subnets) in the VPC where the cluster resides cannot conflict with the Service CIDR blocks.
                                                                                                                                                                        • Ensure that each CIDR block has sufficient IP addresses.
                                                                                                                                                                          • The IP addresses in the cluster CIDR block must match the cluster scale. Otherwise, nodes cannot be created due to insufficient IP addresses.
                                                                                                                                                                          • The IP addresses in the container CIDR block must match the service scale. Otherwise, pods cannot be created due to insufficient IP addresses.
                                                                                                                                                                          
+
                                                                                                                                                                          Recommendation for CIDR Block Planning
                                                                                                                                                                          As explained in Cluster Network Structure, there are three networks in a cluster: cluster network, container network, and Service network. When planning network addresses, consider the following:
                                                                                                                                                                          
+
                                                                                                                                                                          • All subnets (including those created from the secondary CIDR blocks) in the VPC where the cluster resides cannot conflict with the Service CIDR blocks.
                                                                                                                                                                          • Each CIDR block has sufficient IP addresses.
                                                                                                                                                                            • The IP addresses in cluster CIDR blocks must match the cluster scale. Otherwise, nodes cannot be created due to insufficient IP addresses.
                                                                                                                                                                            • The IP addresses in container CIDR blocks must match the service scale. Otherwise, pods cannot be created due to insufficient IP addresses.
                                                                                                                                                                            
 
                                                                                                                                                                          
-
                                                                                                                                                                          In Cloud Native Network 2.0, the container CIDR block and node CIDR block share the network IP addresses in a VPC. It is recommended that the container subnet and node subnet not use the same subnet. Otherwise, containers or nodes may fail to be created due to insufficient IP addresses.
                                                                                                                                                                          
-
                                                                                                                                                                          In addition, a subnet can be added to the container CIDR block after a cluster is created to increase the number of available IP addresses. In this case, ensure that the added subnet does not conflict with other subnets in the container CIDR block.
                                                                                                                                                                          
-
                                                                                                                                                                          Figure 2 Configuring CIDR blocks
                                                                                                                                                                          
+
                                                                                                                                                                          In Cloud Native Network 2.0, the container CIDR block and node CIDR block share the IP addresses in the VPC CIDR block. The container subnet and node subnet should not be the same. Otherwise, containers or nodes may fail to be created due to insufficient IP addresses.
                                                                                                                                                                          
+
                                                                                                                                                                          In addition, a secondary CIDR block can be added to the container CIDR block after a cluster is created to increase the number of available IP addresses. In this case, the secondary CIDR block cannot with the container CIDR block.
                                                                                                                                                                          
 
                                                                                                                                                                          
-
                                                                                                                                                                          Example of Cloud Native Network 2.0 Access 
                                                                                                                                                                          In this example, a CCE Turbo cluster is created, and the cluster contains three ECS nodes.
                                                                                                                                                                          
-
                                                                                                                                                                          You can check the basic information about a node on the ECS console. You can see that a primary network interface and an extended network interface are bound to the node. Both of them are ENIs. The IP address of the extended network interface belongs to the container CIDR block and is used to bind sub-ENIs to pods on the node.
                                                                                                                                                                          
-
                                                                                                                                                                          The following is an example of creating a workload in a cluster using Cloud Native Network 2.0:
                                                                                                                                                                          
-
                                                                                                                                                                          1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                          2. Create a Deployment in the cluster.
                                                                                                                                                                            Create the deployment.yaml file. The following shows an example:
                                                                                                                                                                            
-
                                                                                                                                                                            kind: Deployment
+
                                                                                                                                                                            Example of Cloud Native Network 2.0 Access
                                                                                                                                                                            In this example, a CCE Turbo cluster is created, and the cluster contains three ECS nodes.
                                                                                                                                                                            
+
                                                                                                                                                                            You can check the basic information about a node on the ECS console. You can see that a primary network interface and an extended network interface are bound to the node. Both of them are elastic network interfaces. The IP address of the extended network interface belongs to the container CIDR block and is used to bind supplementary network interfaces to pods on the node.
                                                                                                                                                                            
+
                                                                                                                                                                            
+
                                                                                                                                                                            The following example shows how to create a workload in a cluster that uses Cloud Native Network 2.0.
                                                                                                                                                                            
+
                                                                                                                                                                            1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                            2. Create a Deployment in the cluster.
                                                                                                                                                                              Create the deployment.yaml file. The following shows an example:
                                                                                                                                                                              
+
                                                                                                                                                                              kind: Deployment
 apiVersion: apps/v1
 metadata:
   name: example
@@ -148,23 +55,23 @@ spec:
               memory: 512Mi
       imagePullSecrets:
         - name: default-secret
                                                                                                                                                                              
-
                                                                                                                                                                              Create the workload.
                                                                                                                                                                              
-
                                                                                                                                                                              kubectl apply -f deployment.yaml
                                                                                                                                                                              
-
                                                                                                                                                                            3. Check the running pods.
                                                                                                                                                                              kubectl get pod -owide
                                                                                                                                                                              
-
                                                                                                                                                                              Command output:
                                                                                                                                                                              
-
                                                                                                                                                                              NAME                       READY   STATUS    RESTARTS   AGE   IP            NODE         NOMINATED NODE   READINESS GATES
+
                                                                                                                                                                              Create the workload.
                                                                                                                                                                              
+
                                                                                                                                                                              kubectl apply -f deployment.yaml
                                                                                                                                                                              
+
                                                                                                                                                                            4. Check the running pods.
                                                                                                                                                                              kubectl get pod -owide
                                                                                                                                                                              
+
                                                                                                                                                                              Command output:
                                                                                                                                                                              
+
                                                                                                                                                                              NAME                       READY   STATUS    RESTARTS   AGE   IP            NODE         NOMINATED NODE   READINESS GATES
 example-5bdc5699b7-54v7g   1/1     Running   0          7s    10.1.18.2     10.1.0.167   <none>           <none>
 example-5bdc5699b7-6dzx5   1/1     Running   0          7s    10.1.18.216   10.1.0.186   <none>           <none>
 example-5bdc5699b7-gq7xs   1/1     Running   0          7s    10.1.16.63    10.1.0.144   <none>           <none>
 example-5bdc5699b7-h9rvb   1/1     Running   0          7s    10.1.16.125   10.1.0.167   <none>           <none>
 example-5bdc5699b7-s9fts   1/1     Running   0          7s    10.1.16.89    10.1.0.144   <none>           <none>
 example-5bdc5699b7-swq6q   1/1     Running   0          7s    10.1.17.111   10.1.0.167   <none>           <none>
                                                                                                                                                                              
-
                                                                                                                                                                              The IP addresses of all pods are sub-ENIs, which are bound to the ENI (extended network interface) of the node.
                                                                                                                                                                              
-
                                                                                                                                                                              For example, the IP address of the extended network interface of node 10.1.0.167 is 10.1.17.172. On the network interfaces console, you can see that there are three sub-ENIs bound to the extended network interface whose IP address is 10.1.17.172. These sub-ENIs are the IP addresses of the pods running on the node.
                                                                                                                                                                              
-
                                                                                                                                                                            5. Log in to an ECS in the same VPC and access the IP address of a pod from outside the cluster.
                                                                                                                                                                              In this example, the accessed pod IP address is 10.1.18.2.
                                                                                                                                                                              
-
                                                                                                                                                                              curl 10.1.18.2
                                                                                                                                                                              
-
                                                                                                                                                                              If the following information is displayed, the workload can be properly accessed:
                                                                                                                                                                              
-
                                                                                                                                                                              <!DOCTYPE html>
+
                                                                                                                                                                              All pods use supplementary network interfaces, which are bound to the extended network interface of the node.
                                                                                                                                                                              
+
                                                                                                                                                                              For example, the IP address of the extended network interface on the node (10.1.0.167) is 10.1.17.172. On the network interfaces page, you can see that there are three supplementary network interfaces bound to the extended network interface whose IP address is 10.1.17.172. The IP addresses bound to these supplementary network interfaces are the IP addresses of the pods running on the node.
                                                                                                                                                                              
+
                                                                                                                                                                              
+
                                                                                                                                                                            6. Log in to an ECS in the same VPC and access the IP address of a pod from outside the cluster. In this example, the accessed pod IP address is 10.1.18.2.
                                                                                                                                                                              curl 10.1.18.2
                                                                                                                                                                              
+
                                                                                                                                                                              If the following information is displayed, the workload can be accessed:
                                                                                                                                                                              
+
                                                                                                                                                                              <!DOCTYPE html>
 <html>
 <head>
 <title>Welcome to nginx!</title>
@@ -191,6 +98,101 @@ Commercial support is available at
 </html>
                                                                                                                                                                              
 
                                                                                                                                                                            
 
                                                                                                                                                                            
+
                                                                                                                                                                            Network Interface Pre-binding Policies in CCE Turbo Clusters
                                                                                                                                                                            In Cloud Native Network 2.0, ECS nodes use supplementary network interfaces. The allocation policies are as follows:
                                                                                                                                                                            
+
                                                                                                                                                                            • Pod IP addresses are allocated from the VPC subnets configured for the container network.
                                                                                                                                                                            • To add an ECS node to a cluster, bind the elastic network interface that carries the supplementary network interfaces first to the ECS. After the elastic network interface is bound, supplementary network interfaces are bound.
                                                                                                                                                                            • Number of elastic network interfaces bound to an ECS node: For clusters of v1.19.16-r40, v1.21.11-r0, v1.23.9-r0, v1.25.4-r0, v1.27.1-r0, and later versions, the value is 1. For clusters of earlier versions, the value is the maximum number of supplementary network interfaces that can be bound to the node divided by 64 (rounded up).
                                                                                                                                                                            • Number of network interfaces bound to an ECS node = Number of elastic network interfaces used to bear supplementary network interfaces + Number of supplementary network interfaces currently used by pods + Number of pre-bound supplementary network interfaces
                                                                                                                                                                            • When a pod is created, an available network interface is randomly allocated from the pre-binding network interface pool of the node.
                                                                                                                                                                            • When a pod is deleted, the network interface is released back to the network interface pool of the node.
                                                                                                                                                                            • When a node is deleted, the network interfaces are all released. The elastic network interfaces are released backed to the pool. The supplementary network interfaces are deleted.
                                                                                                                                                                            
+
                                                                                                                                                                            Cloud Native 2.0 networks support dynamic network interface pre-binding policies. The following table lists the scenarios.
                                                                                                                                                                            
+
+
                                                                                                                                                                            
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                            Table 1 Comparison between network interface pre-binding policies
                                                                                                                                                                            Policy
                                                                                                                                                                            
+
                                                                                                                                                                            Dynamic Network Interface Pre-binding Policy (Default)
                                                                                                                                                                            
+
                                                                                                                                                                            Management policy
                                                                                                                                                                            
+
                                                                                                                                                                            nic-minimum-target: minimum number of network interfaces (pre-bound and unused + used) bound to a node.
                                                                                                                                                                            
+
                                                                                                                                                                            nic-maximum-target: If the number of network interfaces bound to a node exceeds the value of this parameter, the system does not proactively pre-bind network interfaces.
                                                                                                                                                                            
+
                                                                                                                                                                            nic-warm-target: minimum number of pre-bound network interfaces on a node.
                                                                                                                                                                            
+
                                                                                                                                                                            nic-max-above-warm-target: Network interfaces are unbound and reclaimed only when the number of idle network interfaces minus the number of nic-warm-target is greater than the threshold.
                                                                                                                                                                            
+
                                                                                                                                                                            Application scenario
                                                                                                                                                                            
+
                                                                                                                                                                            Accelerates pod startup while improving IP resource utilization. This mode applies to scenarios where the number of IP addresses in the container network segment is insufficient.
                                                                                                                                                                            
+
                                                                                                                                                                            
+
                                                                                                                                                                            
+
                                                                                                                                                                            CCE provides four parameters for the dynamic network interface pre-binding policy. Set these parameters properly.
                                                                                                                                                                            
+
+
                                                                                                                                                                            
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                            Table 2 Parameters of the dynamic network interface pre-binding policy
                                                                                                                                                                            Parameter
                                                                                                                                                                            
+
                                                                                                                                                                            Default Value
                                                                                                                                                                            
+
                                                                                                                                                                            Description
                                                                                                                                                                            
+
                                                                                                                                                                            Suggestion
                                                                                                                                                                            
+
                                                                                                                                                                            nic-minimum-target
                                                                                                                                                                            
+
                                                                                                                                                                            10
                                                                                                                                                                            
+
                                                                                                                                                                            Minimum number of network interfaces bound to a node. The value can be a number or a percentage.
                                                                                                                                                                            
+
                                                                                                                                                                            • Value: The value must be a positive integer. For example, 10 indicates that at least 10 network interfaces are bound to a node. If the number you specified exceeds the network interface quota of the node, the network interface quota will be used.
                                                                                                                                                                            • Percentage: The value ranges from 1% to 100%. For example, the value 10% indicates that, if the network interface quota of a node is 128, at least 12 (rounded down) network interfaces must be bound to a node.
                                                                                                                                                                            
+
                                                                                                                                                                            Set both nic-minimum-target and nic-maximum-target to the same value or percentage.
                                                                                                                                                                            
+
                                                                                                                                                                            Set these parameters based on the number of pods.
                                                                                                                                                                            
+
                                                                                                                                                                            nic-maximum-target
                                                                                                                                                                            
+
                                                                                                                                                                            0
                                                                                                                                                                            
+
                                                                                                                                                                            After the number of network interfaces bound to a node exceeds the nic-maximum-target value, CCE will not proactively pre-bind network interfaces.
                                                                                                                                                                            
+
                                                                                                                                                                            Checking the upper limit of pre-bound container network interfaces is enabled only when the value of this parameter is greater than or equal to the minimum number of container network interfaces (nic-minimum-target) bound to a node. The value can be a number or a percentage.
                                                                                                                                                                            
+
                                                                                                                                                                            • Value: The value must be a positive integer. The value 0 indicates that checking the upper limit of pre-bound container network interfaces is disabled. If the number you specified exceeds the network interface quota of the node, the network interface quota will be used.
                                                                                                                                                                            • Percentage: The value ranges from 1% to 100%. For example, a value of 50% means that if a node's network interface quota is 128, the maximum number of pre-bound network interfaces is 64 (rounded down).
                                                                                                                                                                            
+
                                                                                                                                                                            Set both nic-minimum-target and nic-maximum-target to the same value or percentage.
                                                                                                                                                                            
+
                                                                                                                                                                            Set these parameters based on the number of pods.
                                                                                                                                                                            
+
                                                                                                                                                                            nic-warm-target
                                                                                                                                                                            
+
                                                                                                                                                                            2
                                                                                                                                                                            
+
                                                                                                                                                                            Minimum number of pre-bound network interfaces on a node. The value must be a number.
                                                                                                                                                                            
+
                                                                                                                                                                            When the sum of the nic-warm-target value and the number of network interfaces already bound to the node exceeds the nic-maximum-target value, CCE will pre-bind the number of network interfaces specified by the difference between the nic-maximum-target value and the current number of network interfaces bound to the node.
                                                                                                                                                                            
+
                                                                                                                                                                            Set this parameter to the number of pods that can be scaled out instantaneously within 10 seconds.
                                                                                                                                                                            
+
                                                                                                                                                                            nic-max-above-warm-target
                                                                                                                                                                            
+
                                                                                                                                                                            2
                                                                                                                                                                            
+
                                                                                                                                                                            Only when the number of idle network interfaces on a node minus the value of nic-warm-target is greater than the threshold, the pre-bound network interfaces will be unbound and reclaimed. The value can only be a number.
                                                                                                                                                                            
+
                                                                                                                                                                            • A large value will accelerate pod startup but slow down the unbinding of idle container network interfaces and decrease the IP address usage. Exercise caution when performing this operation.
                                                                                                                                                                            • A small value will speed up the unbinding of idle container network interfaces and increase the IP address usage but will slow down pod startup, especially when a large number of pods increase instantaneously.
                                                                                                                                                                            
+
                                                                                                                                                                            Set this parameter based on the difference between the number of pods that are frequently scaled on most nodes within minutes and the number of pods that are instantly scaled out on most nodes within 10 seconds.
                                                                                                                                                                            
+
                                                                                                                                                                            
+
                                                                                                                                                                            
+
                                                                                                                                                                             
                                                                                                                                                                            The preceding parameters support global configuration at the cluster level and custom settings at the node pool level. The latter takes priority over the former.
                                                                                                                                                                            
+
                                                                                                                                                                            
+
                                                                                                                                                                            The container networking component maintains a scalable pre-bound network interface pool for each node. The component checks and calculates the number of pre-bound network interfaces or idle network interfaces every 10 seconds.
                                                                                                                                                                            • Number of pre-bound network interfaces = min(nic-maximum-target – Number of bound network interfaces, max(nic-minimum-target – Number of bound network interfaces, nic-warm-target – Number of idle network interfaces)
                                                                                                                                                                            • Number of network interfaces to be unbound = min(Number of idle network interfaces – nic-warm-target – nic-max-above-warm-target, Number of bound network interfaces – nic-minimum-target)
                                                                                                                                                                            
+
                                                                                                                                                                            
+
                                                                                                                                                                            The number of pre-binding network interfaces on the node remains in the following range:
                                                                                                                                                                            • Minimum number of network interfaces to be pre-bound = min(max(nic-minimum-target – Number of bound network interfaces, nic-warm-target), nic-maximum-target – Number of bound network interfaces)
                                                                                                                                                                            • Maximum number of network interfaces to be pre-bound = max(nic-warm-target + nic-max-above-warm-target, Number of bound network interfaces – nic-minimum-target)
                                                                                                                                                                            
+
                                                                                                                                                                            
+
                                                                                                                                                                            When a pod is created, an idle pre-bound network interface (the earliest unused one) will be preferentially allocated from the pool. If no idle network interface is available, a new network interface will be created or a new supplementary network interface will be bound to the pod.
                                                                                                                                                                            
+
                                                                                                                                                                            When the pod is deleted, the corresponding network interface is released back to the pre-bound network interface pool of the node, enters a 2-minute cooldown period, and can be bound to another pod. If the network interface is not bound to any pod within 2 minutes, it will be released.
                                                                                                                                                                            
+
                                                                                                                                                                            
+
                                                                                                                                                                            Helpful Links
                                                                                                                                                                            
+
                                                                                                                                                                            
 
                                                                                                                                                                          
 
                                                                                                                                                                          
 
                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0285.html b/docs/cce/umn/cce_10_0285.html
index 79c07a9f7..931e7b1b9 100644
--- a/docs/cce/umn/cce_10_0285.html
+++ b/docs/cce/umn/cce_10_0285.html
@@ -7,22 +7,22 @@
 
                                                                                                                                                                          • Group them in different clusters for different environments.
                                                                                                                                                                            Resources cannot be shared among different clusters. In addition, services in different environments can access each other only through load balancing.
                                                                                                                                                                            
 
                                                                                                                                                                          • Group them in different namespaces for different environments.
                                                                                                                                                                            Workloads in the same namespace can be mutually accessed by using the Service name. Cross-namespace access can be implemented by using the Service name or namespace name.
                                                                                                                                                                            
 
                                                                                                                                                                            The following figure shows namespaces created for the development, joint debugging, and testing environments, respectively.
                                                                                                                                                                            
-
                                                                                                                                                                            Figure 1 One namespace for one environment
                                                                                                                                                                            
+
                                                                                                                                                                            Figure 1 One namespace for one environment
                                                                                                                                                                            
 
                                                                                                                                                                          
 
                                                                                                                                                                        • Isolating namespaces by application
                                                                                                                                                                          You are advised to use this method if a large number of workloads are deployed in the same environment. For example, in the following figure, different namespaces (APP1 and APP2) are created to logically manage workloads as different groups. Workloads in the same namespace access each other using the Service name, and workloads in different namespaces access each other using the Service name or namespace name.
                                                                                                                                                                          
-
                                                                                                                                                                          Figure 2 Grouping workloads into different namespaces
                                                                                                                                                                          
+
                                                                                                                                                                          Figure 2 Grouping workloads into different namespaces
                                                                                                                                                                          
 
                                                                                                                                                                        
 
                                                                                                                                                                        
-
                                                                                                                                                                        Managing Namespace Labels
                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Namespaces.
                                                                                                                                                                        2. Locate the row containing the target namespace and choose More > Manage Label in the Operation column.
                                                                                                                                                                        3. In the dialog box that is displayed, the existing labels of the namespace are displayed. Modify the labels as needed.
                                                                                                                                                                          • Adding a label: Click the add icon, enter the key and value of the label to be added, and click OK.
                                                                                                                                                                            For example, the key is project and the value is cicd, indicating that the namespace is used to deploy CICD.
                                                                                                                                                                            
+
                                                                                                                                                                            Managing Namespace Labels
                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                            2. In the navigation pane, choose Namespaces. Locate the row containing the target namespace and choose More > Manage Labels in the Operation column.
                                                                                                                                                                            3. In the dialog box that is displayed, the existing labels of the namespace are displayed. Modify the labels as needed.
                                                                                                                                                                              • Adding a label: Click the add icon, enter the key and value of the label to be added, and click OK.
                                                                                                                                                                                For example, the key is project and the value is cicd, indicating that the namespace is used to deploy CI/CD.
                                                                                                                                                                                
 
                                                                                                                                                                              • Deleting a label: Click Delete next the label to be deleted and then OK.
                                                                                                                                                                              
 
                                                                                                                                                                            4. Switch to the Manage Label dialog box again and check the modified labels.
                                                                                                                                                                            
 
                                                                                                                                                                            
 
                                                                                                                                                                            Enabling Node Affinity in a Namespace
                                                                                                                                                                            After node affinity is enabled in a namespace, the workloads newly created in the namespace can be scheduled only to nodes with specific labels. For details, see PodNodeSelector.
                                                                                                                                                                            
-
                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Namespaces.
                                                                                                                                                                            2. Locate the target namespace and click  in the Node Affinity column.
                                                                                                                                                                            3. In the displayed dialog box, select Enable and click OK.
                                                                                                                                                                              After node affinity is enabled, new workloads in the current namespace will be scheduled only to nodes with specified labels. For example, in namespace test, the workloads in the namespace can be scheduled only to the node whose label key is kubelet.kubernetes.io/namespace and label value is test.
                                                                                                                                                                              
+
                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                              2. In the navigation pane, choose Namespace. Locate the row containing the target namespace and click  in the Node Affinity column.
                                                                                                                                                                              3. In the displayed dialog box, select Enable and click OK.
                                                                                                                                                                                After node affinity is enabled, new workloads in the current namespace will be scheduled only to nodes with specified labels. For example, in namespace test, the workloads in the namespace can be scheduled only to the node whose label key is kubelet.kubernetes.io/namespace and label value is test.
                                                                                                                                                                                
 
                                                                                                                                                                              4. You can add specified labels to a node in Labels and Taints on the Nodes page. For details, see Managing Node Labels.
                                                                                                                                                                              
 
                                                                                                                                                                            
 
                                                                                                                                                                            Deleting a Namespace
                                                                                                                                                                            If a namespace is deleted, all resources (such as workloads, jobs, and ConfigMaps) in this namespace will also be deleted. Exercise caution when deleting a namespace. 
                                                                                                                                                                            
-
                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                            2. Choose Namespaces in the navigation pane. On the displayed page, click More in the row of the target namespace and choose Delete.
                                                                                                                                                                              Follow the prompts to delete the namespace. The default namespaces cannot be deleted.
                                                                                                                                                                              
+
                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                              2. Choose Namespaces in the navigation pane. On the displayed page, click More in the row of the target namespace and choose Delete.
                                                                                                                                                                                Follow the prompts to delete the namespace. The default namespaces cannot be deleted.
                                                                                                                                                                                
 
                                                                                                                                                                              
 
                                                                                                                                                                            
 
                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0287.html b/docs/cce/umn/cce_10_0287.html
index ca559bae3..be815a104 100644
--- a/docs/cce/umn/cce_10_0287.html
+++ b/docs/cce/umn/cce_10_0287.html
@@ -73,8 +73,11 @@
 
 
                                                                                                                                                                        
 
                                                                                                                                                                        
-
                                                                                                                                                                        Procedure
                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                        2. In the navigation pane, click Namespaces.
                                                                                                                                                                        3. Click Quota Management next to the target namespace.
                                                                                                                                                                          This operation cannot be performed on system namespaces kube-system and kube-public.
                                                                                                                                                                          
-
                                                                                                                                                                        4. Configure the resource quotas and click OK.
                                                                                                                                                                           
                                                                                                                                                                          • After configuring CPU and memory quotas for a namespace, you must specify the request and limit values of CPU and memory resources when creating a workload. Otherwise, the workload cannot be created. If the quota of a resource is set to 0, the resource usage is not limited.
                                                                                                                                                                          • Accumulated quota usage includes the resources used by CCE to create default components, such as the Kubernetes Services (which can be viewed using kubectl) created under the default namespace. Therefore, you are advised to set a resource quota greater than expected to reserve resource for creating default components.
                                                                                                                                                                          • Kubernetes provides optimistic concurrency control (OCC), also known as optimistic locking, for frequent data updates. You can use optimistic locking by defining the resourceVersion field. This field is in the object metadata. This field identifies the internal version number of the object. When the object is modified, this field is modified accordingly. You can use kube-apiserver to check whether an object has been modified. When the API server receives an update request containing the resourceVersion field, the server compares the requested data with the resource version number of the server. If they are different, the object on the server has been modified when the update is submitted. In this case, the API server returns a conflict error (409). Obtain the server data, modify the data, and submit the data to the server again. Resource quotas limit the total resource usage of each namespace and maintain a record of resource information in the cluster. Enabling resource quotas may result in more resource creation conflicts in high-concurrency scenarios, which can affect the performance of batch resource creation.
                                                                                                                                                                          
+
                                                                                                                                                                           
                                                                                                                                                                          If a namespace contains multiple ResourceQuota objects, for example, some created via the kubectl command, the lowest value among the configured quotas will be enforced as the actual resource limit.
                                                                                                                                                                          
+
                                                                                                                                                                          This can lead to inconsistent resource configurations, which may impact resource scheduling stability. You are advised to delete unnecessary ResourceQuota objects and configure resource quotas using the console.
                                                                                                                                                                          
+
                                                                                                                                                                          
+
                                                                                                                                                                          Procedure
                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                          2. In the navigation pane, click Namespaces.
                                                                                                                                                                          3. Click Quota Management next to the target namespace.
                                                                                                                                                                            This operation cannot be performed on system namespaces kube-system and kube-public.
                                                                                                                                                                            
+
                                                                                                                                                                          4. Configure the resource quotas and click OK.
                                                                                                                                                                             
                                                                                                                                                                            • After configuring CPU and memory quotas for a namespace, you must specify the request and limit values of CPU and memory resources when creating a workload. Otherwise, the workload cannot be created.
                                                                                                                                                                            • Accumulated quota usage includes the resources used by CCE to create default components, such as the Kubernetes Services (which can be viewed using kubectl) created under the default namespace. Therefore, you are advised to set a resource quota greater than expected to reserve resource for creating default components.
                                                                                                                                                                            • Kubernetes provides optimistic concurrency control (OCC), also known as optimistic locking, for frequent data updates. You can use optimistic locking by defining the resourceVersion field. This field is in the object metadata. This field identifies the internal version number of the object. When the object is modified, this field is modified accordingly. You can use kube-apiserver to check whether an object has been modified. When the API server receives an update request containing the resourceVersion field, the server compares the requested data with the resource version number of the server. If they are different, the object on the server has been modified when the update is submitted. In this case, the API server returns a conflict error (409). Obtain the server data, modify the data, and submit the data to the server again. Resource quotas limit the total resource usage of each namespace and maintain a record of resource information in the cluster. Enabling resource quotas may result in more resource creation conflicts in high-concurrency scenarios, which can affect the performance of batch resource creation.
                                                                                                                                                                            
 
                                                                                                                                                                            
 
                                                                                                                                                                          
 
                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0288.html b/docs/cce/umn/cce_10_0288.html
index ad23b49a1..ba3876ddd 100644
--- a/docs/cce/umn/cce_10_0288.html
+++ b/docs/cce/umn/cce_10_0288.html
@@ -1,12 +1,12 @@
 
 
 
                                                                                                                                                                          Binding a Security Group to a Workload Using a Security Group Policy
                                                                                                                                                                          
-
                                                                                                                                                                          In Cloud Native Network 2.0, pods use VPC ENIs or sub-ENIs for networking. You can directly bind security groups and EIPs to pods. To bind CCE pods with security groups, CCE provides a custom resource object named SecurityGroup. Using this resource object, you can customize security isolation for workloads.
                                                                                                                                                                          
+
                                                                                                                                                                          In Cloud Native Network 2.0, pods use VPC elastic network interfaces or supplementary network interfaces for networking. You can directly bind security groups and EIPs to pods. To bind CCE pods with security groups, CCE provides a custom resource object named SecurityGroup. Using this resource object, you can customize security isolation for workloads.
                                                                                                                                                                          
 
                                                                                                                                                                           
                                                                                                                                                                          The priority of the security group bound to pods using the security group policy is higher than that of the security group in the NetworkAttachmentDefinition.
                                                                                                                                                                          
 
                                                                                                                                                                          
-
                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                          • This function is supported for CCE Turbo clusters of v1.19 and later. Upgrade your CCE Turbo clusters if their versions are earlier than v1.19.
                                                                                                                                                                          • A workload can be bound to a maximum of five security groups.
                                                                                                                                                                          
+
                                                                                                                                                                          Constraints
                                                                                                                                                                          • This function is supported for CCE Turbo clusters of v1.19 and later. Upgrade your CCE Turbo clusters if their versions are earlier than v1.19.
                                                                                                                                                                          • A workload can be bound to a maximum of five security groups.
                                                                                                                                                                          
 
                                                                                                                                                                          
-
                                                                                                                                                                          Using the Console
                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                          2. In the navigation pane, choose Workloads. On the displayed page, click the desired workload name.
                                                                                                                                                                          3. Switch to the SecurityGroups tab and click Create.
                                                                                                                                                                            
+
                                                                                                                                                                            Using the CCE Console
                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                            2. In the navigation pane, choose Workloads. On the displayed page, click the desired workload name.
                                                                                                                                                                            3. Switch to the SecurityGroups tab and click Create.
                                                                                                                                                                              
 
                                                                                                                                                                            4. Set the parameters as described in Table 1.
                                                                                                                                                                              
 
                                                                                                                                                                              
@@ -26,7 +26,7 @@
 
-
                                                                                                                                                                              Table 1 Configuration parameters
                                                                                                                                                                              Parameter
                                                                                                                                                                              
 
                                                                                                                                                                              
 
                                                                                                                                                                              Associate Security Group
                                                                                                                                                                              
 
                                                                                                                                                                              The selected security group will be bound to the ENI or supplementary ENI of the selected workload. A maximum of five security groups can be selected from the drop-down list. You must select one or multiple security groups to create a SecurityGroup.
                                                                                                                                                                              
+
                                                                                                                                                                              The selected security group will be bound to the elastic network interface or supplementary network interface of the selected workload. A maximum of five security groups can be selected from the drop-down list. You must select one or multiple security groups.
                                                                                                                                                                              
 
                                                                                                                                                                              If no security group has not been created, click Create Security Group. After the security group is created, click the refresh button.
                                                                                                                                                                              
 
                                                                                                                                                                               NOTICE: 
                                                                                                                                                                              • A maximum of five security groups can be selected.
                                                                                                                                                                              • Hover the cursor on the security group name, and you can obtain details about the security group.
                                                                                                                                                                              
 
                                                                                                                                                                              
@@ -138,7 +138,7 @@ demo                       map[matchLabels:map[app:nginx]]   2m9s
 
 
 
diff --git a/docs/cce/umn/cce_10_0290.html b/docs/cce/umn/cce_10_0290.html
index 199bf2049..eccd9dd99 100644
--- a/docs/cce/umn/cce_10_0290.html
+++ b/docs/cce/umn/cce_10_0290.html
@@ -2,51 +2,51 @@
 
 
                                                                                                                                                                              Workload Scaling Rules
                                                                                                                                                                              
 
                                                                                                                                                                              CCE supports multiple workload scaling modes. Comparisons between the scaling policies are listed in the following table.
-
                                                                                                                                                                              Table 1 Comparisons between auto scaling policies
                                                                                                                                                                              Item
                                                                                                                                                                              
+
                                                                                                                                                                              
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -56,9 +56,9 @@
 
                                                                                                                                                                              How HPA Works
                                                                                                                                                                              HPA is a controller that controls horizontal pod scaling. HPA periodically checks the pod metrics, calculates the number of pods required to meet the target values configured for HPA resources, and then adjusts the value of the replicas field in the target resource object (such as a Deployment).
                                                                                                                                                                              
 
                                                                                                                                                                              A prerequisite for auto scaling is that your container running data can be collected, such as number of cluster nodes/pods, and CPU and memory usage of containers. Kubernetes does not have built-in monitoring capabilities, but you can use extensions like Prometheus and Metrics Server to monitor and collect data.
                                                                                                                                                                              
 
                                                                                                                                                                              • Prometheus is an open-source monitoring and alarming framework that can collect multiple types of metrics. Prometheus has been a standard monitoring solution of Kubernetes.
                                                                                                                                                                              • Metrics Server is a cluster-wide aggregator of resource utilization data. Metrics Server collects metrics from the Summary API exposed by kubelet. These metrics are set for core Kubernetes resources, such as pods, nodes, containers, and Services. Metrics Server provides a set of standard APIs for external systems to collect these metrics.
                                                                                                                                                                              
-
                                                                                                                                                                              HPA can work with Metrics Server for auto scaling based on the CPU and memory usage. It can also work with Prometheus for auto scaling based on custom monitoring metrics.
                                                                                                                                                                              
+
                                                                                                                                                                              HPA can work with Metrics Server for auto scaling based on CPU and memory usages. It can also work with Prometheus for auto scaling based on custom metrics.
                                                                                                                                                                              
 
                                                                                                                                                                              Figure 1 shows how HPA works.
                                                                                                                                                                              
-
                                                                                                                                                                              Figure 1 HPA working process
                                                                                                                                                                              
+
                                                                                                                                                                              Figure 1 HPA working process
                                                                                                                                                                              
 
                                                                                                                                                                              Two core modules of HPA:
                                                                                                                                                                              • Data Source Monitoring
                                                                                                                                                                                The community provided only CPU- and memory-based HPA at the early stage. With the population of Kubernetes and Prometheus, developers need more custom metrics or monitoring information at the access layer for their own applications, for example, the QPS of the load balancer and the number of online users of the website. In response, the community defines a set of standard metric APIs to provide services externally through these aggregated APIs.
                                                                                                                                                                                
@@ -73,10 +73,23 @@
 
                                                                                                                                                                              The HPA performs scaling based on metric thresholds. Common metrics include the CPU and memory usage. You can also set custom metrics, such as the QPS and number of connections, to trigger scaling. However, metric-based scaling brings in latency of minutes generated during data collection, determination, and scaling phases. Such latency may cause high CPU usage and slow response. To solve this problem, CCE allows you to configure scheduled policies to scale resources regularly for applications with periodic changes.
                                                                                                                                                                              
+
                                                                                                                                                                              How CronHPA Works
                                                                                                                                                                              CronHPA is a time-based auto scaling mechanism in Kubernetes. It automatically adjusts the number of pods based on preset rules within a specified period.
                                                                                                                                                                              
+
                                                                                                                                                                              1. User-defined CronHPA CRDs
                                                                                                                                                                                You can define CronHPA CDRs by using Kubernetes YAML files. You can specify the time rule, the lower and upper limits of replicas, and other settings in the YAML files.
                                                                                                                                                                                
+
                                                                                                                                                                              2. CronHPA Controller Monitoring
                                                                                                                                                                                CronHPA Controller periodically checks the current time and the defined cron expression to determine whether scaling is required.
                                                                                                                                                                                
+
                                                                                                                                                                              3. Time Matching
                                                                                                                                                                                If the current time matches the cron expression, CronHPA Controller triggers scaling.
                                                                                                                                                                                
+
                                                                                                                                                                              4. Replica Quantity Adjustment
                                                                                                                                                                                CronHPA Controller calls Kubernetes APIs to adjust the number of replicas of a ReplicaSet, Deployment, or StatefulSet.
                                                                                                                                                                                
+
                                                                                                                                                                              5. Pod Quantity Change
                                                                                                                                                                                The target controller (for example, the Deployment Controller) creates or deletes pods based on the new number of replicas for auto scaling.
                                                                                                                                                                                
+
                                                                                                                                                                              
+
                                                                                                                                                                              
+
                                                                                                                                                                              How AHPA Works
                                                                                                                                                                              AHPA is a more advanced auto scaling policy. It improves the functions and flexibility of the traditional HPA to meet more complex scaling requirements, such as predictive scaling.
                                                                                                                                                                              
+
                                                                                                                                                                              Figure 2 AHPA working process
                                                                                                                                                                              
+
                                                                                                                                                                              The following shows how AHPA works:
                                                                                                                                                                              
+
                                                                                                                                                                              1. Prometheus collects resource usage metrics for Deployments and reports these metrics to AOM for storage.
                                                                                                                                                                              2. The training job periodically reads the metrics of each Deployment from AOM, updates the model, and provides the updated model for the inference job.
                                                                                                                                                                              3. The inference job uses the updated model to adjust the HPA scaling scope or the number of Deployment replicas based on model inference. The default adjustment period is 1 minute.
                                                                                                                                                                              
+
                                                                                                                                                                              
 
                                                                                                                                                                              
-
                                                                                                                                                                              Parent topic: Scaling a Workload
                                                                                                                                                                              
+
                                                                                                                                                                              Parent topic: Workload Scaling
                                                                                                                                                                              
 
                                                                                                                                                                              
 
                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0291.html b/docs/cce/umn/cce_10_0291.html
index a4fa849a4..4b0942128 100644
--- a/docs/cce/umn/cce_10_0291.html
+++ b/docs/cce/umn/cce_10_0291.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                              Scaling a Node
                                                                                                                                                                              
+
                                                                                                                                                                              Node Scaling
                                                                                                                                                                              
 
                                                                                                                                                                              
@@ -9,7 +9,7 @@
 
 
                                                                                                                                                                            5. Priorities for Scaling Node Pools
                                                                                                                                                                              
 
                                                                                                                                                                              6. 
-
                                                                                                                                                                            6. Creating a Node Scaling Policy
                                                                                                                                                                              
+
                                                                                                                                                                            7. Creating a Node Auto Scaling Policy
                                                                                                                                                                              
 
                                                                                                                                                                              8. 
 
                                                                                                                                                                            8. Managing Node Scaling Policies
                                                                                                                                                                              
 
                                                                                                                                                                              9. 
diff --git a/docs/cce/umn/cce_10_0293.html b/docs/cce/umn/cce_10_0293.html
index 087cdeff1..31be8ffa3 100644
--- a/docs/cce/umn/cce_10_0293.html
+++ b/docs/cce/umn/cce_10_0293.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                              Scaling a Workload
                                                                                                                                                                              
+
                                                                                                                                                                              Workload Scaling
                                                                                                                                                                              
 
                                                                                                                                                                              
 
                                                                                                                                                                              
 
                                                                                                                                                                              
diff --git a/docs/cce/umn/cce_10_0296.html b/docs/cce/umn/cce_10_0296.html
index b564a506a..a65e7c561 100644
--- a/docs/cce/umn/cce_10_0296.html
+++ b/docs/cce/umn/cce_10_0296.html
@@ -9,20 +9,20 @@
 
                                                                                                                                                                              • Scale-out: Autoscaler checks all unscheduled pods every 10 seconds and selects a node pool that meets the requirements for scale-out based on the policy you set.
                                                                                                                                                                                 
                                                                                                                                                                                When Autoscaler checks unscheduled pods for scale outs, it uses the scheduling algorithm consistent with the Kubernetes community version for simulated scheduling calculation. If non-built-in kube-schedulers or other non-Kubernetes community scheduling policies are used for application scheduling, when Autoscaler is used to expand the capacity for such applications, the capacity may fail to be expanded or may be expanded more than expected due to inconsistent scheduling algorithms.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                              • Scale-in: Autoscaler scans all nodes every 10 seconds. If the number of pod requests on a node is less than the custom scale-in threshold (in percentage), Autoscaler will check whether pods on the current node can be migrated to other nodes.
                                                                                                                                                                                When a cluster node is idle for a period of time (10 minutes by default), cluster scale-in is triggered, and the node is automatically deleted. However, a node cannot be deleted from a cluster if the following pods exist:
                                                                                                                                                                                • Pods that do not meet specific requirements set in Pod Disruption Budgets (PodDisruptionBudget)
                                                                                                                                                                                • Pods that cannot be scheduled to other nodes due to constraints such as affinity and anti-affinity policies
                                                                                                                                                                                • Pods that have the cluster-autoscaler.kubernetes.io/safe-to-evict: 'false' annotation
                                                                                                                                                                                • Pods (except those created by DaemonSets in the kube-system namespace) that exist in the kube-system namespace on the node
                                                                                                                                                                                • Pods that are not created by the controller (Deployment/ReplicaSet/job/StatefulSet)
                                                                                                                                                                                
-
                                                                                                                                                                                 
                                                                                                                                                                                When a node meets the scale-in conditions, Autoscaler adds the DeletionCandidateOfClusterAutoscaler taint to the node in advance to prevent pods from being scheduled to the node. After the Autoscaler add-on is uninstalled, if the taint still exists on the node, manually delete it.
                                                                                                                                                                                
+
                                                                                                                                                                                 
                                                                                                                                                                                • When a node meets the scale-in conditions, Autoscaler adds the DeletionCandidateOfClusterAutoscaler taint to the node in advance to prevent pods from being scheduled to the node. After the CCE Cluster Autoscaler add-on is uninstalled, if the taint still exists on the node, manually delete it.
                                                                                                                                                                                • To ensure system stability and efficient resource utilization, CCE Cluster Autoscaler uses a conservative policy. Nodes that are not entirely idle are drained one at a time. When these nodes host pods configured with graceful termination, the draining process can be prolonged. As a result, the overall scale-in process may take more time to complete.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                              
 
                                                                                                                                                                              
 
                                                                                                                                                                              Cluster Autoscaler Architecture
                                                                                                                                                                              Figure 1 shows the Cluster Autoscaler architecture and its core modules.
                                                                                                                                                                              
-
                                                                                                                                                                              Figure 1 Cluster Autoscaler architecture
                                                                                                                                                                              
+
                                                                                                                                                                              Figure 1 Cluster Autoscaler architecture
                                                                                                                                                                              
 
                                                                                                                                                                              Description
                                                                                                                                                                              
 
                                                                                                                                                                              • Estimator: Evaluates the number of nodes to be added to each node pool to host unschedulable pods.
                                                                                                                                                                              • Simulator: Finds the nodes that meet the scale-in conditions in the scale-in scenario.
                                                                                                                                                                              • Expander: Selects an optimal node from the node pool picked out by the Estimator based on the user-defined policy in the scale-out scenario. Table 1 lists the Expander policies.
 
                                                                                                                                                                              Table 1 Comparisons between auto scaling policies
                                                                                                                                                                              Item
                                                                                                                                                                              
 
                                                                                                                                                                              HPA
                                                                                                                                                                              
+
                                                                                                                                                                              HPA
                                                                                                                                                                              
 
                                                                                                                                                                              CronHPA
                                                                                                                                                                              
+
                                                                                                                                                                              CronHPA
                                                                                                                                                                              
 
                                                                                                                                                                              AHPA
                                                                                                                                                                              
+
                                                                                                                                                                              AHPA
                                                                                                                                                                              
                                                                                                                                                                               		
 
                                                                                                                                                                              
 
                                                                                                                                                                              Introduction
                                                                                                                                                                              
+
                                                                                                                                                                              Introduction
                                                                                                                                                                              
 
                                                                                                                                                                              Horizontal Pod Autoscaling
                                                                                                                                                                              
+
                                                                                                                                                                              Horizontal Pod Autoscaling
                                                                                                                                                                              
 
                                                                                                                                                                              Enhanced based on HPA, CronHPA is mainly used if the resource usage of applications changes periodically.
                                                                                                                                                                              
+
                                                                                                                                                                              Enhanced based on HPA, CronHPA is mainly used if the resource usage of applications changes periodically.
                                                                                                                                                                              
 
                                                                                                                                                                              Advanced Horizontal Pod Autoscaler, which performs scaling beforehand based on historical data.
                                                                                                                                                                              
+
                                                                                                                                                                              Advanced Horizontal Pod Autoscaler, which performs scaling beforehand based on historical data.
                                                                                                                                                                              
                                                                                                                                                                               		
 
                                                                                                                                                                              Rule
                                                                                                                                                                              
+
                                                                                                                                                                              Rule
                                                                                                                                                                              
 
                                                                                                                                                                              Scales Deployment pods based on metrics (CPU usage and memory usage).
                                                                                                                                                                              
+
                                                                                                                                                                              Scales Deployment pods based on metrics (CPU usage and memory usage).
                                                                                                                                                                              
 
                                                                                                                                                                              Scales Deployment pods periodically (daily, weekly, monthly, or yearly at a specific time).
                                                                                                                                                                              
+
                                                                                                                                                                              Scales Deployment pods periodically (daily, weekly, monthly, or yearly at a specific time).
                                                                                                                                                                              
 
                                                                                                                                                                              Predicts the resources needed based on the historical usage of container resources (CPU and memory) and automatically scales workload pods beforehand.
                                                                                                                                                                              
+
                                                                                                                                                                              Predicts the resources needed based on the historical usage of container resources (CPU and memory) and automatically scales workload pods beforehand.
                                                                                                                                                                              
                                                                                                                                                                               		
 
                                                                                                                                                                              Enhancement
                                                                                                                                                                              
+
                                                                                                                                                                              Enhancement
                                                                                                                                                                              
 
                                                                                                                                                                              Adds the application-level cooldown time window and scaling threshold functions based on the Kubernetes HPA.
                                                                                                                                                                              
+
                                                                                                                                                                              Adds the application-level cooldown time window and scaling threshold functions based on the Kubernetes HPA.
                                                                                                                                                                              
 
                                                                                                                                                                              Compatible with HPA objects, allowing you to use both CronHPA and HPA.
                                                                                                                                                                              
+
                                                                                                                                                                              Compatible with HPA objects, allowing you to use both CronHPA and HPA.
                                                                                                                                                                              
 
                                                                                                                                                                              • If both CronHPA and HPA are used, CronHPA runs based on HPA and periodically adjusts the number of pods for HPA.
                                                                                                                                                                              • If CronHPA is separately used: CronHPA periodically adjusts the number of pods for workloads.
                                                                                                                                                                              
 
                                                                                                                                                                              Identifies periods of pod scaling and predicts future fluctuations by analyzing historical service metrics. This proactive approach can resolve the issue of delayed scaling in native HPA.
                                                                                                                                                                              
+
                                                                                                                                                                              Identifies periods of pod scaling and predicts future fluctuations by analyzing historical service metrics. This proactive approach can resolve the issue of delayed scaling in native HPA.
                                                                                                                                                                              
                                                                                                                                                                               		
 
                                                                                                                                                                              Usage
                                                                                                                                                                              
+
                                                                                                                                                                              Usage
                                                                                                                                                                              
 
                                                                                                                                                                              Creating an HPA Policy
                                                                                                                                                                              
+
                                                                                                                                                                              Creating an HPA Policy
                                                                                                                                                                              
 
                                                                                                                                                                              Creating a Scheduled CronHPA Policy
                                                                                                                                                                              
+
                                                                                                                                                                              Creating a Scheduled CronHPA Policy
                                                                                                                                                                              
 
                                                                                                                                                                              Creating an AHPA Policy
                                                                                                                                                                              
+
                                                                                                                                                                              Creating an AHPA Policy
                                                                                                                                                                              
                                                                                                                                                                               		
 
                                                                                                                                                                              
                                                                                                                                                                               
 
 
 
 
 
 
 
 
                                                                                                                                                                              
-
-
@@ -30,9 +30,9 @@
 
-
-
-
-
-
-
@@ -64,10 +64,10 @@
 
-
-
-
-
                                                                                                                                                                              Table 1 Expander policies supported by CCE
                                                                                                                                                                              Policy
                                                                                                                                                                              
 
                                                                                                                                                                              Description
                                                                                                                                                                              
+
                                                                                                                                                                              Description
                                                                                                                                                                              
 
                                                                                                                                                                              Application Scenario
                                                                                                                                                                              
+
                                                                                                                                                                              Application Scenario
                                                                                                                                                                              
                                                                                                                                                                               		
 
                                                                                                                                                                              Example
                                                                                                                                                                              
 
                                                                                                                                                                              
 
                                                                                                                                                                              Random
                                                                                                                                                                              
 
                                                                                                                                                                              Randomly selects a schedulable node pool to perform the scale-out.
                                                                                                                                                                              
+
                                                                                                                                                                              Randomly selects a schedulable node pool to perform the scale-out.
                                                                                                                                                                              
 
                                                                                                                                                                              This policy is typically used as a basic backup for other complex policies. Only use this policy if the other policies cannot be used.
                                                                                                                                                                              
+
                                                                                                                                                                              This policy is typically used as a basic backup for other complex policies. Only use this policy if the other policies cannot be used.
                                                                                                                                                                              
                                                                                                                                                                               		
 
                                                                                                                                                                              Assume that auto scaling is enabled for node pools 1 and 2 in the cluster and the scale-out upper limit is not reached. The policy for scaling out the number of pods for a workload is as follows:
                                                                                                                                                                              
 
                                                                                                                                                                              1. Pending pods trigger the Autoscaler to determine the scale-out process.
                                                                                                                                                                              2. Autoscaler simulates the scheduling phase and evaluates that some pending pods can be scheduled to the added nodes in both node pools 1 and 2.
                                                                                                                                                                              3. Autoscaler randomly selects node pool 1 or node pool 2 for scale-out.
                                                                                                                                                                              
@@ -40,10 +40,10 @@
 
                                                                                                                                                                              
 
                                                                                                                                                                              most-pods
                                                                                                                                                                              
 
                                                                                                                                                                              A combined policy. It takes precedence over the random policy.
                                                                                                                                                                              
+
                                                                                                                                                                              A combined policy. It takes precedence over the random policy.
                                                                                                                                                                              
 
                                                                                                                                                                              Preferentially selects the node pool that can schedule the most pods after scale-out. If multiple node pools meet the condition, the random policy is used for further decision-making.
                                                                                                                                                                              
 
                                                                                                                                                                              This policy is based on the maximum number of pods that can be scheduled.
                                                                                                                                                                              
+
                                                                                                                                                                              This policy is based on the maximum number of pods that can be scheduled.
                                                                                                                                                                              
                                                                                                                                                                               		
 
                                                                                                                                                                              Assume that auto scaling is enabled for node pools 1 and 2 in the cluster and the scale-out upper limit is not reached. The policy for scaling out the number of pods for a workload is as follows:
                                                                                                                                                                              
 
                                                                                                                                                                              1. Pending pods trigger the Autoscaler to determine the scale-out process.
                                                                                                                                                                              2. Autoscaler simulates the scheduling phase and evaluates that some pending pods can be scheduled to the added nodes in both node pools 1 and 2.
                                                                                                                                                                              3. Autoscaler evaluates that node pool 1 can schedule 20 new pods and node pool 2 can schedule only 10 new pods after scale-out. Therefore, Autoscaler selects node pool 1 for scale-out.
                                                                                                                                                                              
@@ -51,10 +51,10 @@
 
                                                                                                                                                                              
 
                                                                                                                                                                              least-waste
                                                                                                                                                                              
 
                                                                                                                                                                              A combined policy. It takes precedence over the random policy.
                                                                                                                                                                              
+
                                                                                                                                                                              A combined policy. It takes precedence over the random policy.
                                                                                                                                                                              
 
                                                                                                                                                                              Autoscaler evaluates the overall CPU or memory allocation rate of the node pools and selects the node pool with the minimum CPU or memory waste. If multiple node pools meet the condition, the random policy is used for further decision-making.
                                                                                                                                                                              
 
                                                                                                                                                                              This policy uses the minimum waste score of CPU or memory resources as the selection criteria.
                                                                                                                                                                              
+
                                                                                                                                                                              This policy uses the minimum waste score of CPU or memory resources as the selection criteria.
                                                                                                                                                                              
 
                                                                                                                                                                              The formula for calculating the minimum waste score (wastedScore) is as follows:
                                                                                                                                                                              
 
                                                                                                                                                                              • wastedCPU = (Total number of CPUs of the nodes to be scaled out – Total number of CPUs of the pods to be scheduled)/Total number of CPUs of the nodes to be scaled out
                                                                                                                                                                              • wastedMemory = (Total memory size of nodes to be scaled out – Total memory size of pods to be scheduled)/Total memory size of nodes to be scaled out
                                                                                                                                                                              • wastedScore = wastedCPU + wastedMemory
                                                                                                                                                                              
 
                                                                                                                                                                              
 
                                                                                                                                                                              priority
                                                                                                                                                                              
 
                                                                                                                                                                              A combined policy. The priorities for the policies are as follows: priority > least-waste > random.
                                                                                                                                                                              
+
                                                                                                                                                                              A combined policy. The priorities for the policies are as follows: priority > least-waste > random.
                                                                                                                                                                              
 
                                                                                                                                                                              It is an enhanced least-waste policy configured based on the node pool or scaling group priority. If multiple node pools meet the condition, the least-waste policy is used for further decision-making.
                                                                                                                                                                              
 
                                                                                                                                                                              This policy allows you to configure the priorities of node pools or scaling groups through the console or API, while the least-waste policy can effectively minimize resource waste in various scenarios. The priority policy is used as the default preferred policy thanks to its good universality.
                                                                                                                                                                              
+
                                                                                                                                                                              This policy allows you to configure the priorities of node pools or scaling groups through the console or API, while the least-waste policy can effectively minimize resource waste in various scenarios. The priority policy is used as the default preferred policy thanks to its good universality.
                                                                                                                                                                              
                                                                                                                                                                               		
 
                                                                                                                                                                              Assume that auto scaling is enabled for node pools 1 and 2 in the cluster and the scale-out upper limit is not reached. The policy for scaling out the number of pods for a workload is as follows:
                                                                                                                                                                              
 
                                                                                                                                                                              1. Pending pods trigger the Autoscaler to determine the scale-out process.
                                                                                                                                                                              2. Autoscaler simulates the scheduling phase and evaluates that some pending pods can be scheduled to the added nodes in both node pools 1 and 2.
                                                                                                                                                                              3. Autoscaler evaluates that node pool 1 has a higher priority than node pool 2. Therefore, Autoscaler selects node pool 1 for scale-out.
                                                                                                                                                                              
@@ -75,10 +75,10 @@
 
                                                                                                                                                                              
 
                                                                                                                                                                              priority-ratio
                                                                                                                                                                              
 
                                                                                                                                                                              A combined policy. The priorities for the policies are as follows: priority > priority-ratio > least-waste > random.
                                                                                                                                                                              
+
                                                                                                                                                                              A combined policy. The priorities for the policies are as follows: priority > priority-ratio > least-waste > random.
                                                                                                                                                                              
 
                                                                                                                                                                              If there are multiple node pools with the same priority, evaluate the CPU to memory ratios for the nodes in the cluster. Then compare that ratio, for what was allocated to what had been requested. Finally, you should preferentially select the node pools where these two ratios are the closest.
                                                                                                                                                                              
 
                                                                                                                                                                              This policy is used for rescheduling global resources for pods or nodes (instead of only adding nodes) to reduce the overall resource fragmentation rate of the cluster. Use this policy only in rescheduling scenarios.
                                                                                                                                                                              
+
                                                                                                                                                                              This policy is used for rescheduling global resources for pods or nodes (instead of only adding nodes) to reduce the overall resource fragmentation rate of the cluster. Use this policy only in rescheduling scenarios.
                                                                                                                                                                              
                                                                                                                                                                               		
 
                                                                                                                                                                              Assume that auto scaling is enabled for node pools 1 and 2 in the cluster and the scale-out upper limit is not reached. The policy for scaling out the number of pods for a workload is as follows:
                                                                                                                                                                              
 
                                                                                                                                                                              1. Pending pods trigger the Autoscaler to determine the scale-out process.
                                                                                                                                                                              2. Autoscaler simulates the scheduling phase and evaluates that some pending pods can be scheduled to the added nodes in both node pools 1 and 2.
                                                                                                                                                                              3. Autoscaler determines a preferentially selected node pool and evaluates that the CPU/memory ratio of pods is 1:4. The node flavor in node pool 1 is 2 vCPUs and 8 GiB of memory (the CPU/memory ratio is 1:4), and the node flavor in node pool 2 is 2 vCPUs and 4 GiB of memory (the CPU/memory ratio is 1:2). Therefore, node pool 1 is preferred for this scale-out.
                                                                                                                                                                              
@@ -92,7 +92,7 @@
 
 
                                                                                                                                                                              
 
                                                                                                                                                                              
-
                                                                                                                                                                              Parent topic: Scaling a Node
                                                                                                                                                                              
+
                                                                                                                                                                              Parent topic: Node Scaling
                                                                                                                                                                              
 
                                                                                                                                                                              
 
                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0300.html b/docs/cce/umn/cce_10_0300.html
index 4a48944f0..decffb1b0 100644
--- a/docs/cce/umn/cce_10_0300.html
+++ b/docs/cce/umn/cce_10_0300.html
@@ -6,12 +6,13 @@
 
 
                                                                                                                                                                              Solution
                                                                                                                                                                              Two major auto scaling policies are HPA (Horizontal Pod Autoscaling) and CA (Cluster AutoScaling). HPA is for workload auto scaling and CA is for node auto scaling.
                                                                                                                                                                              
 
                                                                                                                                                                              HPA and CA work with each other. HPA requires sufficient cluster resources for successful scaling. When the cluster resources are insufficient, CA is needed to add nodes. If HPA reduces workloads, the cluster will have a large number of idle resources. In this case, CA needs to release nodes to avoid resource waste.
                                                                                                                                                                              
-
                                                                                                                                                                              As shown in Figure 1, HPA performs scale-out based on the monitoring metrics. When cluster resources are insufficient, newly created pods are in Pending state. CA then checks these pending pods and selects the most appropriate node pool based on the configured scaling policy to scale out the node pool. 
                                                                                                                                                                              Figure 1 HPA and CA working flows
                                                                                                                                                                              
+
                                                                                                                                                                              As shown in Figure 1, HPA performs scale-out based on the monitoring metrics. When cluster resources are insufficient, newly created pods are in Pending state. CA then checks these pending pods and selects the most appropriate node pool based on the configured scaling policy to scale out the node pool. 
                                                                                                                                                                              Figure 1 HPA and CA working flows
                                                                                                                                                                              
 
                                                                                                                                                                              
 
                                                                                                                                                                              Using HPA and CA enables automatic scaling for most scenarios while also providing monitoring capabilities.
                                                                                                                                                                              
 
                                                                                                                                                                              This section uses an example to describe the auto scaling process using HPA and CA policies together.
                                                                                                                                                                              
 
                                                                                                                                                                              
-
                                                                                                                                                                              Preparations
                                                                                                                                                                              1. Create a cluster with one node. The node should have 2 cores of vCPUs and 4 GiB of memory, or a higher specification, as well as an EIP to allow external access. If no EIP is bound to the node during node creation, you can manually bind one on the ECS console after creating the node.
                                                                                                                                                                                
+
                                                                                                                                                                                
+
                                                                                                                                                                                Preparations
                                                                                                                                                                                1. Create a cluster with one node. The node should have 2 vCPUs and 4 GiB of memory, or a higher flavor, as well as an EIP to allow external access. If no EIP is bound to the node during node creation, you can manually bind one on the ECS console after creating the node.
                                                                                                                                                                                  
 
                                                                                                                                                                                2. Install add-ons for the cluster.
                                                                                                                                                                                  • autoscaler: node scaling add-on
                                                                                                                                                                                  • metrics-server: an aggregator of resource usage data in a Kubernetes cluster. It can collect measurement data of major Kubernetes resources, such as pods, nodes, containers, and Services.
                                                                                                                                                                                  
 
                                                                                                                                                                                3. Log in to the cluster node and run a computing-intensive application. When a user sends a request, the result needs to be calculated before being returned to the user.
                                                                                                                                                                                  1. Create a PHP file named index.php to calculate the square root of the request for 1,000,000 times before returning OK!.
                                                                                                                                                                                    vi index.php
                                                                                                                                                                                    
 
                                                                                                                                                                                    The file content is as follows:
                                                                                                                                                                                    <?php
@@ -28,8 +29,8 @@ COPY index.php /var/www/html/index.php
 RUN chmod a+rx index.php
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                  2. Run the following command to build an image named hpa-example with the tag latest.
                                                                                                                                                                                    docker build -t hpa-example:latest .
                                                                                                                                                                                    
-
                                                                                                                                                                                  3. (Optional) Log in to the SWR console, choose Organizations in the navigation pane, and click Create Organization in the upper right corner.
                                                                                                                                                                                    Skip this step if you already have an organization.
                                                                                                                                                                                    
-
                                                                                                                                                                                  4. In the navigation pane, choose My Images and then click Upload Through Client. On the page displayed, click Generate a temporary login command and click  to copy the command.
                                                                                                                                                                                  5. Run the login command copied in the previous step on the cluster node. If the login is successful, the message "Login Succeeded" is displayed.
                                                                                                                                                                                  6. Tag the hpa-example image.
                                                                                                                                                                                    docker tag {Image name 1:Tag 1}/{Image repository address}/{Organization name}/{Image name 2:Tag 2}
                                                                                                                                                                                    
+
                                                                                                                                                                                  7. (Optional) Log in to the SWR console, choose Organizations in the navigation pane, and click Create Organization in the upper right corner.
                                                                                                                                                                                    Skip this step if you already have an organization.
                                                                                                                                                                                    
+
                                                                                                                                                                                  8. In the navigation pane, choose My Images and then click Upload Through Client. On the page displayed, click Generate a temporary login command and click  to copy the command.
                                                                                                                                                                                  9. Run the login command copied in the previous step on the cluster node. If the login is successful, the message "Login Succeeded" is displayed.
                                                                                                                                                                                  10. Tag the hpa-example image.
                                                                                                                                                                                    docker tag {Image name 1:Tag 1}/{Image repository address}/{Organization name}/{Image name 2:Tag 2}
                                                                                                                                                                                    
 
                                                                                                                                                                                    • {Image name 1:Tag 1}: name and tag of the local image to be uploaded.
                                                                                                                                                                                    • {Image repository address}: the domain name at the end of the login command in login command. It can be obtained on the SWR console.
                                                                                                                                                                                    • {Organization name}: name of the created organization.
                                                                                                                                                                                    • {Image name 2:Tag 2}: desired image name and tag to be displayed on the SWR console.
                                                                                                                                                                                    
 
                                                                                                                                                                                    The following is an example:
                                                                                                                                                                                    
 
                                                                                                                                                                                    docker tag hpa-example:latest swr.eu-de.otc.t-systems.com/group/hpa-example:latest
                                                                                                                                                                                    
@@ -45,9 +46,9 @@ latest: digest: sha256:eb7e3bbd*** size: **
 
                                                                                                                                                                                  
 
                                                                                                                                                                                
 
                                                                                                                                                                                
-
                                                                                                                                                                                Creating a Node Pool and a Node Scaling Policy
                                                                                                                                                                                1. Log in to the CCE console, access the created cluster, click Nodes on the left, click the Node Pools tab, and click Create Node Pool in the upper right corner.
                                                                                                                                                                                2. Configure the node pool.
                                                                                                                                                                                  • Node Type: Select a node type.
                                                                                                                                                                                  • Specifications: 2 vCPUs | 4 GiB
                                                                                                                                                                                  
+
                                                                                                                                                                                  Creating a Node Pool and a Node Scaling Policy
                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster. In the navigation pane, choose Nodes. In the right pane, click the Node Pools tab and click Create Node Pool in the upper right corner.
                                                                                                                                                                                  2. Configure the node pool.
                                                                                                                                                                                    • Node Type: Select a node type.
                                                                                                                                                                                    • Specifications: 2 vCPUs | 4 GiB
                                                                                                                                                                                    
 
                                                                                                                                                                                    Retain the default values for other parameters. For details, see Creating a Node Pool.
                                                                                                                                                                                    
-
                                                                                                                                                                                  3. Locate the row containing the newly created node pool and click Auto Scaling in the upper right corner. For details, see Creating a Node Scaling Policy.
                                                                                                                                                                                    If the CCE Cluster Autoscaler add-on is not installed in the cluster, install it first. For details, see autoscaler.
                                                                                                                                                                                    • Customize scale-out rules.: Click Add Rule. In the dialog box displayed, configure parameters. If the CPU allocation rate is greater than 70%, a node is added to each associated node pool. A node scaling policy needs to be associated with a node pool. Multiple node pools can be associated. When you need to scale nodes, node with proper specifications will be added or reduced from the node pool based on the minimum waste principle.
                                                                                                                                                                                    • Nodes: Modify the node quantity range. The number of nodes in a node pool will always be within the range during auto scaling.
                                                                                                                                                                                    • Cooldown Period: a period during which the nodes added in the current node pool cannot be scaled in
                                                                                                                                                                                    • Specifications: Configure whether to enable auto scaling for node flavors in a node pool.
                                                                                                                                                                                    
+
                                                                                                                                                                                  4. Locate the row containing the newly created node pool and click Auto Scaling in the upper right corner. For details, see Creating a Node Scaling Policy.
                                                                                                                                                                                    If the CCE Cluster Autoscaler add-on is not installed in the cluster, install it first. For details, see CCE Cluster Autoscaler.
                                                                                                                                                                                    • Customize scale-out rules.: Click Add Rule. In the dialog box displayed, configure parameters. If the CPU allocation rate is greater than 70%, a node is added to each associated node pool. A node scaling policy needs to be associated with a node pool. Multiple node pools can be associated. When you need to scale nodes, node with proper specifications will be added or reduced from the node pool based on the minimum waste principle.
                                                                                                                                                                                    • Nodes: Modify the node quantity range. The number of nodes in a node pool will always be within the range during auto scaling.
                                                                                                                                                                                    • Cooldown Period: a period during which the nodes added in the current node pool cannot be scaled in
                                                                                                                                                                                    • Specifications: Configure whether to enable auto scaling for node flavors in a node pool.
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                  5. Click OK.
                                                                                                                                                                                  
 
                                                                                                                                                                                  
@@ -68,7 +69,7 @@ spec:
     spec:
       containers:
       - name: container-1
-        image: 'hpa-example:latest' # Replace it with the address of the image you uploaded to SWR.
+        image: ''hpa-example:latest'' # Replace it with the address of the image you uploaded to SWR.
         resources:
           limits:                  # The value of limits must be the same as that of requests to prevent flapping during scaling.
             cpu: 500m
@@ -119,7 +120,7 @@ spec:
           averageUtilization: 50
 
                                                                                                                                                                                  Configure the parameters as follows if you are using the console.
                                                                                                                                                                                  
 
                                                                                                                                                                                  
-
                                                                                                                                                                                  
+
                                                                                                                                                                                  
 
                                                                                                                                                                                
 
                                                                                                                                                                                Observing the Auto Scaling Process
                                                                                                                                                                                1. Check the cluster node status. In the following example, there are two nodes.
                                                                                                                                                                                  # kubectl get node
 NAME            STATUS   ROLES    AGE     VERSION
@@ -130,7 +131,7 @@ NAME            STATUS   ROLES    AGE     VERSION
 NAME         REFERENCE                TARGETS   MINPODS   MAXPODS   REPLICAS   AGE
 hpa-policy   Deployment/hpa-example   0%/50%    1         100       1          4m
                                                                                                                                                                                  
 
                                                                                                                                                                                2. Run the following command to access the workload. In the following command, {ip:port} indicates the access address of the workload, which can be queried on the workload details page.
                                                                                                                                                                                  while true;do wget -q -O- http://{ip:port}; done
                                                                                                                                                                                  
-
                                                                                                                                                                                   
                                                                                                                                                                                  If no EIP is displayed, the cluster node has not been assigned any EIP. Allocate one, bind it to the node, and synchronize node data. 
                                                                                                                                                                                  
+
                                                                                                                                                                                   
                                                                                                                                                                                  If no EIP is displayed, the cluster node has not been assigned any EIP. Allocate one, bind it to the node, and synchronize node data.
                                                                                                                                                                                  
 
                                                                                                                                                                                  
 
                                                                                                                                                                                  Observe the scaling process of the workload.
                                                                                                                                                                                  
 
                                                                                                                                                                                  # kubectl get hpa hpa-policy --watch
@@ -210,7 +211,7 @@ Events:
   Normal  SuccessfulRescale  6m45s  horizontal-pod-autoscaler  New size: 3; reason: All metrics below target
   Normal  SuccessfulRescale  90s    horizontal-pod-autoscaler  New size: 1; reason: All metrics below target
                                                                                                                                                                                  
 
                                                                                                                                                                                  You can also view the HPA policy execution history on the console. Wait until the one node is reduced.
                                                                                                                                                                                  
-
                                                                                                                                                                                  The reason why the other two nodes in the node pool are not reduced is that they both have pods in the kube-system namespace, and these pods are not created by DaemonSets. For details about the conditions in which nodes will not be removed, see Node Scaling Mechanisms.
                                                                                                                                                                                  
+
                                                                                                                                                                                  The reason why the other two nodes in the node pool are not reduced is that they both have pods in the kube-system namespace, and these pods are not created by DaemonSets. For details about the conditions in which nodes will not be removed, see Node Scaling Mechanisms.
                                                                                                                                                                                  
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                Summary
                                                                                                                                                                                By using HPA and CA, auto scaling can be effortlessly implemented in various scenarios. Additionally, the scaling process of nodes and pods can be conveniently tracked.
                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0302.html b/docs/cce/umn/cce_10_0302.html
index c5e1c1982..e547ce526 100644
--- a/docs/cce/umn/cce_10_0302.html
+++ b/docs/cce/umn/cce_10_0302.html
@@ -3,12 +3,12 @@
 
                                                                                                                                                                                Before You Start
                                                                                                                                                                                
 
                                                                                                                                                                                Before the upgrade, you can check whether your cluster can be upgraded and which versions are available on the CCE console. For details, see Cluster Upgrade Overview.
                                                                                                                                                                                
 
                                                                                                                                                                                Precautions
                                                                                                                                                                                Before upgrading a cluster, pay attention to the following points:
                                                                                                                                                                                
-
                                                                                                                                                                                • Perform an upgrade during off-peak hours to minimize the impact on your services.
                                                                                                                                                                                • Before upgrading a cluster, learn about the features and differences of each cluster version in Kubernetes Release Notes to prevent exceptions due to the use of an incompatible cluster version. For example, check whether any APIs deprecated in the target version are used in the cluster. Otherwise, calling the APIs may fail after the upgrade. For details, see Deprecated APIs.
                                                                                                                                                                                
+
                                                                                                                                                                                • Perform an upgrade during off-peak hours to minimize the impact on your services.
                                                                                                                                                                                • Before upgrading a cluster, learn about the features and differences of each cluster version in Kubernetes Release Notes to prevent exceptions due to the use of an incompatible cluster version. For example, check whether any APIs deprecated in the target version are used in the cluster. Otherwise, calling the APIs may fail after the upgrade. For details, see Deprecated APIs.
                                                                                                                                                                                • Do not upgrade a cluster within 10 minutes after the cluster configuration is modified on the Settings page. Otherwise, the cluster upgrade may fail due to operation conflicts.
                                                                                                                                                                                
 
                                                                                                                                                                                During a cluster upgrade, pay attention to the following points that may affect your services:
                                                                                                                                                                                
-
                                                                                                                                                                                • During a cluster upgrade, do not perform any operation on the cluster. If you stop, restart, or delete nodes while upgrading the cluster, the upgrade will fail.
                                                                                                                                                                                • Before upgrading a cluster, ensure no high-risk operations are performed in the cluster. Otherwise, the cluster upgrade may fail or the configuration may be lost after the upgrade. Common high-risk operations include modifying cluster node configurations locally and modifying the configurations of the listeners managed by CCE on the ELB console. Instead, modify configurations on the CCE console so that the modifications can be automatically inherited during the upgrade.
                                                                                                                                                                                • During a cluster upgrade, the running workloads will not be interrupted, but access to the API server will be temporarily interrupted.
                                                                                                                                                                                • By default, application scheduling is not restricted during a cluster upgrade. During an upgrade of the following early cluster versions, the node.kubernetes.io/upgrade taint (equivalent to NoSchedule) will be added to the nodes in the cluster and removed after the cluster is upgraded:
                                                                                                                                                                                  • All v1.15 clusters
                                                                                                                                                                                  • All v1.17 clusters
                                                                                                                                                                                  • v1.19 clusters with patch versions earlier than or equal to v1.19.16-r4
                                                                                                                                                                                  • v1.21 clusters with patch versions earlier than or equal to v1.21.7-r0
                                                                                                                                                                                  • v1.23 clusters with patch versions earlier than or equal to v1.23.5-r0
                                                                                                                                                                                  
-
                                                                                                                                                                                • Clusters of version 1.27 or later do not support nodes running EulerOS 2.5 or CentOS 7.7. If a node running EulerOS 2.5 or CentOS 7.7 is used, migrate the node OS to EulerOS release 2.9, Ubuntu 22.04, or HCE OS 2.0 before the cluster upgrade. For details, see Resetting a Node.
                                                                                                                                                                                • During a cluster upgrade, if an add-on is also upgraded and cluster resources are limited, add-on pods can use resources that would otherwise be allocated to service pods. This may result in the eviction of service pods. After the add-on is upgraded, the evicted service pods will automatically recover.
                                                                                                                                                                                
+
                                                                                                                                                                                • During a cluster upgrade, do not perform any operation on the cluster. If you stop, restart, or delete nodes while upgrading the cluster, the upgrade will fail.
                                                                                                                                                                                • Before upgrading a cluster, ensure no high-risk operations are performed in the cluster. Otherwise, the cluster upgrade may fail or the configuration may be lost after the upgrade. Common high-risk operations include modifying cluster node configurations locally and modifying the configurations of the listeners managed by CCE on the ELB console. Instead, modify configurations on the CCE console so that the modifications can be automatically inherited during the upgrade.
                                                                                                                                                                                • During a cluster upgrade, the running workloads will not be interrupted, but access to the API server will be temporarily interrupted.
                                                                                                                                                                                • By default, application scheduling is not restricted during a cluster upgrade. During an upgrade of the following early cluster versions, the node.kubernetes.io/upgrade taint (equivalent to NoSchedule) will be added to the nodes in the cluster and removed after the cluster is upgraded:
                                                                                                                                                                                  • All v1.15 clusters
                                                                                                                                                                                  • All v1.17 clusters
                                                                                                                                                                                  • v1.19 clusters with patch version v1.19.16-r4 or earlier
                                                                                                                                                                                  • v1.21 clusters with patch version v1.21.7-r0 or earlier
                                                                                                                                                                                  • v1.23 clusters with patch version v1.23.5-r0 or earlier
                                                                                                                                                                                  
+
                                                                                                                                                                                • Clusters of version 1.27 or later do not support nodes running EulerOS 2.5 or CentOS 7.7. If a node running EulerOS 2.5 or CentOS 7.7 is used, migrate the node OS to EulerOS release 2.9, Ubuntu 22.04, or HCE OS 2.0 before the cluster upgrade. For details, see Resetting a Node.
                                                                                                                                                                                • During a cluster upgrade, if an add-on is also upgraded and cluster resources are limited, add-on pods can use resources that would otherwise be allocated to service pods. This may result in the eviction of service pods. After the add-on is upgraded, the evicted service pods will automatically recover.
                                                                                                                                                                                • When you upgrade a cluster to v1.28 or later, CCE will create an equal number of new master nodes to gradually replace the old ones. After the upgrade is complete, the IP addresses of the master nodes will change. If you accessed the cluster via master node IP addresses before, use the cluster's unified EIP or private IP address after the upgrade. For details, see Connection information.
                                                                                                                                                                                • During a cluster upgrade, the system automatically edits the /etc/rc.local file. This operation may trigger security program alarms. You can ignore the alarms.
                                                                                                                                                                                
 
                                                                                                                                                                                
-
                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                • If an error occurred during a cluster upgrade, the cluster can be rolled back using the backup data. If you perform other operations (for example, modifying cluster specifications) after a successful cluster upgrade, the cluster cannot be rolled back using the backup data.
                                                                                                                                                                                • When clusters using the tunnel network model are upgraded to v1.19.16-r4, v1.21.7-r0, v1.23.5-r0, v1.25.1-r0, or later, the SNAT rule whose destination address is the container CIDR block but the source address is not the container CIDR block will be removed. If you have configured VPC routes to directly access all pods outside the cluster, only the pods on the corresponding nodes can be directly accessed after the upgrade.
                                                                                                                                                                                • For more details, see Version Differences.
                                                                                                                                                                                
+
                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                • If an error occurred during a cluster upgrade, the cluster can be rolled back using the backup data. If you perform other operations (for example, modifying cluster specifications) after a successful cluster upgrade, the cluster cannot be rolled back using the backup data.
                                                                                                                                                                                • When clusters using the tunnel network model are upgraded to v1.19.16-r4, v1.21.7-r0, v1.23.5-r0, v1.25.1-r0, or later, SNAT rules that have a destination address within the pod CIDR block but a source address outside the pod CIDR block will be removed. If you have configured VPC routes to directly access all pods from outside the cluster, only pods on the corresponding nodes will remain directly accessible after the upgrade.
                                                                                                                                                                                • For more details, see Version Differences.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                Version Differences
                                                                                                                                                                                
 
                                                                                                                                                                                
-
+
+
+
+
-
@@ -149,30 +156,55 @@
 
                                                                                                                                                                                Deprecated APIs
                                                                                                                                                                                With the evolution of Kubernetes APIs, APIs are periodically reorganized or upgraded, and certain APIs are deprecated and finally deleted. The following tables list the deprecated APIs in each Kubernetes community version. For details about more deprecated APIs, see Deprecated API Migration Guide.
                                                                                                                                                                                
-
+
 
                                                                                                                                                                                 
                                                                                                                                                                                When an API is deprecated, the existing resources are not affected. However, when you create or edit the resources, the API version will be intercepted.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
-
                                                                                                                                                                                Upgrade Path
                                                                                                                                                                                
@@ -19,7 +19,14 @@
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                v1.23 or v1.25
                                                                                                                                                                                
+
                                                                                                                                                                                Upgraded to v1.28, v1.29, v1.30, v1.31, or v1.32
                                                                                                                                                                                
+
                                                                                                                                                                                Pay attention to Kubernetes API changes. For details, see Deprecated APIs.
                                                                                                                                                                                
+
                                                                                                                                                                                Check the API version used in the cluster. Do not use a deprecated API version. Change the API version to the one recommended in Deprecated APIs.
                                                                                                                                                                                
+
                                                                                                                                                                                v1.23 or v1.25
                                                                                                                                                                                
 
                                                                                                                                                                                Upgraded to v1.27
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Docker is no longer recommended. Use containerd instead. For details, see Container Engines.
                                                                                                                                                                                
@@ -37,7 +44,7 @@
 
                                                                                                                                                                                
 
                                                                                                                                                                                v1.19 to v1.21
                                                                                                                                                                                
 
                                                                                                                                                                                The bug of exec probe timeouts is fixed in Kubernetes 1.21. Before this bug is fixed, the exec probe does not consider the timeoutSeconds field. Instead, the probe will run indefinitely, even beyond its configured deadline. It will stop until the result is returned. If this field is not specified, the default value 1 is used. This field takes effect after the upgrade. If the probe runs over 1 second, the application health check may fail and the application may restart frequently.
                                                                                                                                                                                
+
                                                                                                                                                                                The bug of exec probe timeouts is fixed in Kubernetes v1.21. Before this bug is fixed, the exec probe does not consider the timeoutSeconds field. Instead, the probe will run indefinitely, even beyond its configured deadline. It will stop until the result is returned. If this field is not specified, the default value 1 is used. This field takes effect after the upgrade. If the probe runs over 1 second, the application health check may fail and the application may restart frequently.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Before the upgrade, check whether the timeout is properly set for the exec probe.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
 
                                                                                                                                                                                Table 2 APIs deprecated in Kubernetes v1.29
                                                                                                                                                                                Resource
                                                                                                                                                                                
+
                                                                                                                                                                                
-
-
-
-
-
-
+
+
+
+
                                                                                                                                                                                Table 2 APIs deprecated in Kubernetes v1.32
                                                                                                                                                                                Resource
                                                                                                                                                                                
 
                                                                                                                                                                                Deprecated API Version
                                                                                                                                                                                
+
                                                                                                                                                                                Deprecated API Version
                                                                                                                                                                                
 
                                                                                                                                                                                Substitute API Version
                                                                                                                                                                                
+
                                                                                                                                                                                Substitute API Version
                                                                                                                                                                                
 
                                                                                                                                                                                Change Description
                                                                                                                                                                                
+
                                                                                                                                                                                Change Description
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                FlowSchema and PriorityLevelConfiguration
                                                                                                                                                                                
+
                                                                                                                                                                                FlowSchema and PriorityLevelConfiguration
                                                                                                                                                                                
 
                                                                                                                                                                                flowcontrol.apiserver.k8s.io/v1beta2
                                                                                                                                                                                
+
                                                                                                                                                                                flowcontrol.apiserver.k8s.io/v1beta3
                                                                                                                                                                                
 
                                                                                                                                                                                flowcontrol.apiserver.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                flowcontrol.apiserver.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                (This API has been available since v1.29.)
                                                                                                                                                                                
+
                                                                                                                                                                                Significant changes in flowcontrol.apiserver.k8s.io/v1:
                                                                                                                                                                                
+
                                                                                                                                                                                spec.limited.assuredConcurrencyShares of PriorityLevelConfiguration has been renamed spec.limited.nominalConcurrencyShares. The default value is 30 only when it is not specified, and the explicit value 0 does not change to 30.
                                                                                                                                                                                
+
                                                                                                                                                                                
+
                                                                                                                                                                                
+
+
                                                                                                                                                                                
+
+
+
+
+
+
+
+
-
@@ -181,357 +213,357 @@
 
                                                                                                                                                                                Table 3 APIs deprecated in Kubernetes v1.29
                                                                                                                                                                                Resource
                                                                                                                                                                                
+
                                                                                                                                                                                Deprecated API Version
                                                                                                                                                                                
+
                                                                                                                                                                                Substitute API Version
                                                                                                                                                                                
+
                                                                                                                                                                                Change Description
                                                                                                                                                                                
+
                                                                                                                                                                                FlowSchema and PriorityLevelConfiguration
                                                                                                                                                                                
+
                                                                                                                                                                                flowcontrol.apiserver.k8s.io/v1beta2
                                                                                                                                                                                
+
                                                                                                                                                                                flowcontrol.apiserver.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.29.)
                                                                                                                                                                                
 
                                                                                                                                                                                flowcontrol.apiserver.k8s.io/v1beta3
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.26.)
                                                                                                                                                                                
 
                                                                                                                                                                                • Significant changes in flowcontrol.apiserver.k8s.io/v1:
                                                                                                                                                                                  spec.limited.assuredConcurrencyShares of PriorityLevelConfiguration has been renamed spec.limited.nominalConcurrencyShares. The default value is 30 only when it is not specified, and the explicit value 0 does not change to 30.
                                                                                                                                                                                  
+
                                                                                                                                                                                • Significant changes in flowcontrol.apiserver.k8s.io/v1:
                                                                                                                                                                                  spec.limited.assuredConcurrencyShares of PriorityLevelConfiguration has been renamed spec.limited.nominalConcurrencyShares. The default value is 30 only when it is not specified, and the explicit value 0 does not change to 30.
                                                                                                                                                                                  
 
                                                                                                                                                                                • Key changes in flowcontrol.apiserver.k8s.io/v1beta3:
                                                                                                                                                                                  spec.limited.assuredConcurrencyShares of PriorityLevelConfiguration has been renamed spec.limited.nominalConcurrencyShares.
                                                                                                                                                                                  
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
-
                                                                                                                                                                                Table 3 APIs deprecated in Kubernetes v1.27
                                                                                                                                                                                Resource
                                                                                                                                                                                
+
                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                Table 4 APIs deprecated in Kubernetes v1.27
                                                                                                                                                                                Resource
                                                                                                                                                                                
 
                                                                                                                                                                                Deprecated API Version
                                                                                                                                                                                
+
                                                                                                                                                                                Deprecated API Version
                                                                                                                                                                                
 
                                                                                                                                                                                Substitute API Version
                                                                                                                                                                                
+
                                                                                                                                                                                Substitute API Version
                                                                                                                                                                                
 
                                                                                                                                                                                Change Description
                                                                                                                                                                                
+
                                                                                                                                                                                Change Description
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                CSIStorageCapacity
                                                                                                                                                                                
+
                                                                                                                                                                                CSIStorageCapacity
                                                                                                                                                                                
 
                                                                                                                                                                                storage.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                storage.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                storage.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                storage.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.24.)
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                FlowSchema and PriorityLevelConfiguration
                                                                                                                                                                                
+
                                                                                                                                                                                FlowSchema and PriorityLevelConfiguration
                                                                                                                                                                                
 
                                                                                                                                                                                flowcontrol.apiserver.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                flowcontrol.apiserver.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                flowcontrol.apiserver.k8s.io/v1beta3
                                                                                                                                                                                
+
                                                                                                                                                                                flowcontrol.apiserver.k8s.io/v1beta3
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.26.)
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                HorizontalPodAutoscaler
                                                                                                                                                                                
+
                                                                                                                                                                                HorizontalPodAutoscaler
                                                                                                                                                                                
 
                                                                                                                                                                                autoscaling/v2beta2
                                                                                                                                                                                
+
                                                                                                                                                                                autoscaling/v2beta2
                                                                                                                                                                                
 
                                                                                                                                                                                autoscaling/v2
                                                                                                                                                                                
+
                                                                                                                                                                                autoscaling/v2
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.23.)
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
                                                                                                                                                                                 
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
-
                                                                                                                                                                                Table 4 APIs deprecated in Kubernetes v1.25
                                                                                                                                                                                Resource
                                                                                                                                                                                
+
                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                Table 5 APIs deprecated in Kubernetes v1.25
                                                                                                                                                                                Resource
                                                                                                                                                                                
 
                                                                                                                                                                                Deprecated API Version
                                                                                                                                                                                
+
                                                                                                                                                                                Deprecated API Version
                                                                                                                                                                                
 
                                                                                                                                                                                Substitute API Version
                                                                                                                                                                                
+
                                                                                                                                                                                Substitute API Version
                                                                                                                                                                                
 
                                                                                                                                                                                Change Description
                                                                                                                                                                                
+
                                                                                                                                                                                Change Description
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                CronJob
                                                                                                                                                                                
+
                                                                                                                                                                                CronJob
                                                                                                                                                                                
 
                                                                                                                                                                                batch/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                batch/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                batch/v1
                                                                                                                                                                                
+
                                                                                                                                                                                batch/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.21.)
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                EndpointSlice
                                                                                                                                                                                
+
                                                                                                                                                                                EndpointSlice
                                                                                                                                                                                
 
                                                                                                                                                                                discovery.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                discovery.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                discovery.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                discovery.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.21.)
                                                                                                                                                                                
 
                                                                                                                                                                                Pay attention to the following changes:
                                                                                                                                                                                
+
                                                                                                                                                                                Pay attention to the following changes:
                                                                                                                                                                                
 
                                                                                                                                                                                • In each endpoint, the topology["kubernetes.io/hostname"] field has been deprecated. Replace it with the nodeName field.
                                                                                                                                                                                • In each endpoint, the topology["kubernetes.io/zone"] field has been deprecated. Replace it with the zone field.
                                                                                                                                                                                • The topology field is replaced with deprecatedTopology and cannot be written in v1.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Event
                                                                                                                                                                                
+
                                                                                                                                                                                Event
                                                                                                                                                                                
 
                                                                                                                                                                                events.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                events.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                events.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                events.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.19.)
                                                                                                                                                                                
 
                                                                                                                                                                                Pay attention to the following changes:
                                                                                                                                                                                
+
                                                                                                                                                                                Pay attention to the following changes:
                                                                                                                                                                                
 
                                                                                                                                                                                • The type field can only be set to Normal or Warning.
                                                                                                                                                                                • The involvedObject field is renamed regarding.
                                                                                                                                                                                • The action, reason, reportingController, and reportingInstance fields are mandatory for creating a new events.k8s.io/v1 event.
                                                                                                                                                                                • Use eventTime instead of the deprecated firstTimestamp field (this field has been renamed deprecatedFirstTimestamp and is not allowed to appear in the new events.k8s.io/v1 event object).
                                                                                                                                                                                • Use series.lastObservedTime instead of the deprecated lastTimestamp field (this field has been renamed deprecatedLastTimestamp and is not allowed to appear in the new events.k8s.io/v1 event object).
                                                                                                                                                                                • Use series.count instead of the deprecated count field (this field has been renamed deprecatedCount and is not allowed to appear in the new events.k8s.io/v1 event object).
                                                                                                                                                                                • Use reportingController instead of the deprecated source.component field (this field has been renamed deprecatedSource.component and is not allowed to appear in the new events.k8s.io/v1 event object).
                                                                                                                                                                                • Use reportingInstance instead of the deprecated source.host field (this field has been renamed deprecatedSource.host and is not allowed to appear in the new events.k8s.io/v1 event object).
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                HorizontalPodAutoscaler
                                                                                                                                                                                
+
                                                                                                                                                                                HorizontalPodAutoscaler
                                                                                                                                                                                
 
                                                                                                                                                                                autoscaling/v2beta1
                                                                                                                                                                                
+
                                                                                                                                                                                autoscaling/v2beta1
                                                                                                                                                                                
 
                                                                                                                                                                                autoscaling/v2
                                                                                                                                                                                
+
                                                                                                                                                                                autoscaling/v2
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.23.)
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                PodDisruptionBudget
                                                                                                                                                                                
+
                                                                                                                                                                                PodDisruptionBudget
                                                                                                                                                                                
 
                                                                                                                                                                                policy/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                policy/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                policy/v1
                                                                                                                                                                                
+
                                                                                                                                                                                policy/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.21.)
                                                                                                                                                                                
 
                                                                                                                                                                                If spec.selector is set to null ({}) in PodDisruptionBudget of policy/v1, all pods in the namespace are selected. (In policy/v1beta1, an empty spec.selector means that no pod will be selected.) If spec.selector is not specified, pod will be selected in neither API version.
                                                                                                                                                                                
+
                                                                                                                                                                                If spec.selector is set to null ({}) in PodDisruptionBudget of policy/v1, all pods in the namespace are selected. (In policy/v1beta1, an empty spec.selector means that no pod will be selected.) If spec.selector is not specified, pod will be selected in neither API version.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                PodSecurityPolicy
                                                                                                                                                                                
+
                                                                                                                                                                                PodSecurityPolicy
                                                                                                                                                                                
 
                                                                                                                                                                                policy/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                policy/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
 
                                                                                                                                                                                Since v1.25, the PodSecurityPolicy resource no longer provides APIs of the policy/v1beta1 version, and the PodSecurityPolicy access controller is deleted.
                                                                                                                                                                                
+
                                                                                                                                                                                Since v1.25, the PodSecurityPolicy resource no longer provides APIs of the policy/v1beta1 version, and the PodSecurityPolicy access controller is deleted.
                                                                                                                                                                                
 
                                                                                                                                                                                Use Pod Security Admission instead.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                RuntimeClass
                                                                                                                                                                                
+
                                                                                                                                                                                RuntimeClass
                                                                                                                                                                                
 
                                                                                                                                                                                node.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                node.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                node.k8s.io/v1 (This API has been available since v1.20.)
                                                                                                                                                                                
+
                                                                                                                                                                                node.k8s.io/v1 (This API has been available since v1.20.)
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
                                                                                                                                                                                 
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
-
                                                                                                                                                                                
-
diff --git a/docs/cce/umn/cce_10_0351.html b/docs/cce/umn/cce_10_0351.html
index e644fbfe9..b8ba5e3e5 100644
--- a/docs/cce/umn/cce_10_0351.html
+++ b/docs/cce/umn/cce_10_0351.html
@@ -3,18 +3,18 @@
 
                                                                                                                                                                                CPU Policy
                                                                                                                                                                                Application Scenarios
                                                                                                                                                                                By default, kubelet uses CFS quotas to enforce pod CPU limits. When a node runs many CPU-bound pods, the workload can move to different CPU cores depending on whether the pod is throttled and which CPU cores are available at scheduling time. Many workloads are not sensitive to this migration and work fine without any intervention. Some applications are CPU-sensitive. They are sensitive to:
                                                                                                                                                                                
 
                                                                                                                                                                                • CPU throttling
                                                                                                                                                                                • Context switching
                                                                                                                                                                                • Processor cache misses
                                                                                                                                                                                • Cross-socket memory access
                                                                                                                                                                                • Hyperthreads that are expected to run on the same physical CPU card
                                                                                                                                                                                
-
                                                                                                                                                                                If your workloads are sensitive to any of these items, you can use Kubernetes CPU management policies to allocate dedicated CPU cores (through CPU core binding) to these workloads. This will shorten scheduling latency and improve application performance. The CPU manager preferentially allocates resources on a socket and full physical cores to avoid interference.
                                                                                                                                                                                
+
                                                                                                                                                                                If your workloads are sensitive to any of these items, you can use Kubernetes CPU management policies to allocate dedicated CPU cores (through CPU pinning) to these workloads. This will shorten scheduling latency and improve application performance. The CPU manager preferentially allocates resources on a socket and full physical cores to avoid interference.
                                                                                                                                                                                
 
                                                                                                                                                                                A CPU management policy is specified by using kubelet --cpu-manager-policy. By default, Kubernetes supports the following policies:
                                                                                                                                                                                
-
                                                                                                                                                                                • none: the default policy. The none policy explicitly enables the existing default CPU affinity scheme, providing no affinity beyond what the OS scheduler does automatically.
                                                                                                                                                                                • static: The static policy allows containers in guaranteed pods with integer CPU requests to be use dedicated CPU resources on nodes through CPU core binding.
                                                                                                                                                                                
+
                                                                                                                                                                                • none: the default policy. The none policy explicitly enables the existing default CPU affinity scheme, providing no affinity beyond what the OS scheduler does automatically.
                                                                                                                                                                                • static: The static policy allows containers in guaranteed pods with integer CPU requests to be use dedicated CPU resources on nodes through CPU pinning.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                The CPU management policy does not apply to ECS (PM) nodes in CCE Turbo clusters.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                Enabling CPU Management for the Default Node Pool
                                                                                                                                                                                When creating a cluster, you can enable CPU management in Advanced Settings.
                                                                                                                                                                                
-
                                                                                                                                                                                • If this function is enabled, the static Kubernetes policy is used, where CPU core binding is used.
                                                                                                                                                                                • If this function is disabled, the none Kubernetes policy is used, where CPU core binding is not used.
                                                                                                                                                                                
+
                                                                                                                                                                                • If this function is enabled, the static Kubernetes policy is used, where CPU pinning is used.
                                                                                                                                                                                • If this function is disabled, the none Kubernetes policy is used, where CPU pinning is not used.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                Enabling CPU Management for a Custom Node Pool
                                                                                                                                                                                You can configure a CPU management policy in a custom node pool. After the configuration, the kubelet parameter --cpu-manager-policy will be automatically modified on the node in the node pool.
                                                                                                                                                                                
-
                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                2. Choose Nodes in the navigation pane and click the Node Pools tab on the right. Locate the target node pool and choose More > Manage.
                                                                                                                                                                                3. On the Manage Configurations page, change the cpu-manager-policy value to static in the kubelet area.
                                                                                                                                                                                  
+
                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                  2. Choose Nodes in the navigation pane and click the Node Pools tab on the right. Locate the target node pool and choose More > Manage.
                                                                                                                                                                                  3. On the Manage Configurations page, change the cpu-manager-policy value to static in the kubelet area.
                                                                                                                                                                                    
 
                                                                                                                                                                                  4. Click OK.
                                                                                                                                                                                  
 
                                                                                                                                                                                
 
                                                                                                                                                                                Allowing Pods to Exclusively Use the CPU Resources
                                                                                                                                                                                Prerequisites:
                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0352.html b/docs/cce/umn/cce_10_0352.html
index 8ccedf654..322894506 100644
--- a/docs/cce/umn/cce_10_0352.html
+++ b/docs/cce/umn/cce_10_0352.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                Managing Node Taints
                                                                                                                                                                                
 
                                                                                                                                                                                Taints enable a node to repel specific pods to prevent these pods from being scheduled to the node.
                                                                                                                                                                                
 
                                                                                                                                                                                Procedure for Operations Performed on the Console
                                                                                                                                                                                On the CCE console, you can also batch manage nodes' taints.
                                                                                                                                                                                
-
                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab, select the target node and click Labels and Taints in the upper left corner.
                                                                                                                                                                                3. In the displayed dialog box, click Add Operation under Batch Operation, and then choose Add/Update or Delete as well as Taint.
                                                                                                                                                                                  Enter the key and value of the taint to be operated, choose a taint effect, and click OK.
                                                                                                                                                                                  
+
                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                  2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab, select the target node and click Labels and Taints in the upper left corner.
                                                                                                                                                                                  3. In the displayed dialog box, click Add Operation under Batch Operation, and then choose Add/Update or Delete as well as Taint.
                                                                                                                                                                                    Enter the key and value of the taint to be operated, choose a taint effect, and click OK.
                                                                                                                                                                                    
 
                                                                                                                                                                                  4. After the taint is added, check the added taint in node data.
                                                                                                                                                                                  
 
                                                                                                                                                                                
 
                                                                                                                                                                                Procedure for Operations Performed Through kubectl
                                                                                                                                                                                A taint is a key-value pair associated with an effect. The following effects are available:
                                                                                                                                                                                
@@ -41,7 +41,7 @@ Taints:             <none>
 ...
 
                                                                                                                                                                                
 
                                                                                                                                                                                Configuring a Node Scheduling Policy in One-Click Mode
                                                                                                                                                                                You can configure a node to be unschedulable on the console. Then, CCE will add a taint with key node.kubernetes.io/unschedulable and the NoSchedule setting to the node. After a node is set to be unschedulable, new pods cannot be scheduled to this node, but pods running on the node are not affected.
                                                                                                                                                                                
-
                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                                                                                                3. In the node list, locate the target node and choose More > Disable Scheduling in the Operation column.
                                                                                                                                                                                4. In the dialog box that is displayed, click Yes to configure the node to be unschedulable.
                                                                                                                                                                                  This operation will add a taint to the node. You can use kubectl to view the content of the taint.
                                                                                                                                                                                  
+
                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                  2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                                                                                                  3. In the node list, locate the target node and choose More > Disable Scheduling in the Operation column.
                                                                                                                                                                                  4. In the dialog box that is displayed, click Yes to configure the node to be unschedulable.
                                                                                                                                                                                    This operation will add a taint to the node. You can use kubectl to view the content of the taint.
                                                                                                                                                                                    
 
                                                                                                                                                                                    $ kubectl describe node 192.168.10.240
 ...
 Taints:             node.kubernetes.io/unschedulable:NoSchedule
diff --git a/docs/cce/umn/cce_10_0353.html b/docs/cce/umn/cce_10_0353.html
index f83520575..c55144c70 100644
--- a/docs/cce/umn/cce_10_0353.html
+++ b/docs/cce/umn/cce_10_0353.html
@@ -23,7 +23,7 @@ spec:
   imagePullSecrets:                 
   - name: default-secret
                                                                                                                                                                                    
 
                                                                                                                                                                                    An image pull policy can also be configured on the CCE console. When creating a workload, configure Pull Policy. If Always is selected, images are always pulled. If Always is not selected, images are pulled as needed.
                                                                                                                                                                                    
-
                                                                                                                                                                                     
                                                                                                                                                                                    Use a new tag each time you create an image. If you do not update the tag but only update the image, when Pull Policy is set to IfNotPresent, CCE considers that an image with the tag already exists on the current node and will not pull the image again.
                                                                                                                                                                                    
+
                                                                                                                                                                                     
                                                                                                                                                                                    If you do not update the tag when creating an image, CCE considers that the image with that tag already exists on the node. Consequently, if the pull policy is set to IfNotPresent, CCE will not pull the image again. You are advised to use a new tag for each image creation.
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_10_0354.html b/docs/cce/umn/cce_10_0354.html
index 2cee3291e..3fb558697 100644
--- a/docs/cce/umn/cce_10_0354.html
+++ b/docs/cce/umn/cce_10_0354.html
@@ -1,10 +1,19 @@
 
 
 
                                                                                                                                                                                    Configuring Time Zone Synchronization
                                                                                                                                                                                    
-
                                                                                                                                                                                    When creating a workload, you can configure containers to use the same time zone as the node. You can enable time zone synchronization when creating a workload.
                                                                                                                                                                                    
-
                                                                                                                                                                                    
-
                                                                                                                                                                                    The time zone synchronization function depends on the local disk (hostPath) mounted to the container. After time zone synchronization is enabled, /etc/localtime of the node is mounted to /etc/localtime of the container in HostPath mode, in this way, the node and container use the same time zone configuration file.
                                                                                                                                                                                    
-
                                                                                                                                                                                    kind: Deployment
+
                                                                                                                                                                                    When creating a workload, you can enable time zone synchronization, so that the container can use the same time zone as the node.
                                                                                                                                                                                    
+
                                                                                                                                                                                    Enabling Time Zone Synchronization in One Click on the Console
                                                                                                                                                                                    1. Log in to the CCE console.
                                                                                                                                                                                    2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                                                                                                                                                                    3. In the Basic Info area of the Create Workload page, enable Time Zone Synchronization so that the same time zone will be used for both the container and node.
                                                                                                                                                                                      
+
                                                                                                                                                                                    4. Complete other settings and click Create Workload.
                                                                                                                                                                                    
+
                                                                                                                                                                                    
+
                                                                                                                                                                                    Manually Mounting a Time Zone Configuration File on the Console
                                                                                                                                                                                    1. Log in to the CCE console.
                                                                                                                                                                                    2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                                                                                                                                                                    3. Click Data Storage in the Container Information area under Container Settings and choose Add Volume > hostPath.
                                                                                                                                                                                      Configure the following parameters:
                                                                                                                                                                                      • hostPath: /etc/localtime
                                                                                                                                                                                      • Mount Path: /etc/localtime
                                                                                                                                                                                      • Permission: Read-only
                                                                                                                                                                                      
+
                                                                                                                                                                                      
+
                                                                                                                                                                                      
+
                                                                                                                                                                                    4. Complete other settings and click Create Workload.
                                                                                                                                                                                    
+
                                                                                                                                                                                    
+
                                                                                                                                                                                    Manually Mounting a Time Zone Configuration File Using YAML
                                                                                                                                                                                    To use time zone synchronization, you need to mount /etc/localtime on the node to /etc/localtime in the container. In this way, the node and container use the same time zone configuration file.
                                                                                                                                                                                    
+
                                                                                                                                                                                    1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                    2. Create a file named nginx-deployment.yaml. The name is only an example. You can rename the file as needed.
                                                                                                                                                                                      vi nginx-deployment.yaml
                                                                                                                                                                                      
+
                                                                                                                                                                                      Example YAML:
                                                                                                                                                                                      
+
                                                                                                                                                                                      kind: Deployment
 apiVersion: apps/v1
 metadata:
   name: test
@@ -20,20 +29,36 @@ spec:
         app: test
     spec:
       volumes:
-        - name: vol-162979628557461404
-          hostPath:
-            path: /etc/localtime
-            type: ''
+        - name: date-config  # Custom volume name.
+          hostPath:   # Mount the time zone configuration file of the node in hostPath mode.
+            path: /etc/localtime  # Path of the time zone configuration file on the node.
       containers:
         - name: container-0
           image: 'nginx:alpine'
           volumeMounts:
-            - name: vol-162979628557461404
-              readOnly: true
-              mountPath: /etc/localtime
+            - name: date-config  # Mount the volume to the container. The volume name must be the same as that you defined.
+              readOnly: true # Mount the volume as read-only.
+              mountPath: /etc/localtime # The path in the container where the node's time zone configuration file is mounted.
           imagePullPolicy: IfNotPresent
       imagePullSecrets:
         - name: default-secret
                                                                                                                                                                                      
+
                                                                                                                                                                                      Press Esc and enter :wq to save the file and exit.
                                                                                                                                                                                      
+
                                                                                                                                                                                    3. Create the workload.
                                                                                                                                                                                      kubectl create -f nginx-deployment.yaml
                                                                                                                                                                                      
+
                                                                                                                                                                                    
+
                                                                                                                                                                                    
+
                                                                                                                                                                                    Verifying that the Container and Node Are in the Same Time Zone
                                                                                                                                                                                    1. Log in to the node and obtain the time zone.
                                                                                                                                                                                      date -R
                                                                                                                                                                                      
+
                                                                                                                                                                                      Information similar to the following is displayed:
                                                                                                                                                                                      
+
                                                                                                                                                                                      Sat, 12 Apr 2025 16:58:47 +0800
                                                                                                                                                                                      
+
                                                                                                                                                                                    2. Check whether the time zone of the container is the same as that of the node.
                                                                                                                                                                                      Obtain the pod name.
                                                                                                                                                                                      
+
                                                                                                                                                                                      kubectl get pod
                                                                                                                                                                                      
+
                                                                                                                                                                                      Access the container. In the command, <pod_name> specifies the pod name obtained in the previous step.
                                                                                                                                                                                      
+
                                                                                                                                                                                      kubectl exec -it <pod_name> -- /bin/bash
                                                                                                                                                                                      
+
                                                                                                                                                                                      Obtain the time zone of the container.
                                                                                                                                                                                      
+
                                                                                                                                                                                      date -R
                                                                                                                                                                                      
+
                                                                                                                                                                                      Information similar to the following is displayed, indicating that the time zone of the container is the same as that of the node:
                                                                                                                                                                                      
+
                                                                                                                                                                                      Sat, 12 Apr 2025 16:59:23 +0800
                                                                                                                                                                                      
+
                                                                                                                                                                                    
+
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_10_0355.html b/docs/cce/umn/cce_10_0355.html
index d9329f277..f808f41dc 100644
--- a/docs/cce/umn/cce_10_0355.html
+++ b/docs/cce/umn/cce_10_0355.html
@@ -5,13 +5,14 @@
 
                                                                                                                                                                                    If node-level affinity is configured for a Service (with externalTrafficPolicy set to Local), the Service will forward traffic only to pods on the node that run these pods. When a node or pod accesses another pod in the same cluster, if the node where the client runs does not have the corresponding backend pod, the access may fail.
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    Solution
                                                                                                                                                                                    CCE supports passthrough networking. You can configure the kubernetes.io/elb.pass-through annotation for the LoadBalancer Service so that the load balancer forwards the intra-cluster access to the IP address of the load balancer associated with the Service to backend pods.
                                                                                                                                                                                    
-
                                                                                                                                                                                    Figure 1 Passthrough networking illustration
                                                                                                                                                                                    
+
                                                                                                                                                                                    Figure 1 Passthrough networking illustration
                                                                                                                                                                                    
 
                                                                                                                                                                                    • CCE clusters
                                                                                                                                                                                      When a LoadBalancer Service is accessed within the cluster, the access is forwarded to the backend pods using iptables/IPVS by default.
                                                                                                                                                                                      
 
                                                                                                                                                                                      When a LoadBalancer Service (configured with elb.pass-through) is accessed within the cluster, the access is first forwarded to the load balancer, then the nodes, and finally to the backend pods using iptables/IPVS.
                                                                                                                                                                                      
-
                                                                                                                                                                                    • CCE Turbo clusters
                                                                                                                                                                                      When a client accesses a LoadBalancer Service from within the cluster, passthrough is used by default. In this case, the client directly accesses the load balancer private network IP address and then access a container through the load balancer.
                                                                                                                                                                                      
+
                                                                                                                                                                                    • CCE Turbo clusters
                                                                                                                                                                                      If a node accesses a LoadBalancer Service from within the cluster, the request will be forwarded to the backend containers based on the service forwarding rule (iptables or IPVS) by default.
                                                                                                                                                                                      
+
                                                                                                                                                                                      If a container accesses a LoadBalancer Service from within the cluster, passthrough will be used by default. The client will access the private network IP address of the load balancer and then directly access containers through the load balancer.
                                                                                                                                                                                      
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
-
                                                                                                                                                                                    Notes and Constraints
                                                                                                                                                                                    • In a CCE standard cluster, after passthrough networking is configured for a dedicated load balancer, the private IP address of the load balancer cannot be accessed from the node where the workload pod resides or other containers on the same node as the workload.
                                                                                                                                                                                    • Passthrough networking is not supported for clusters of  or earlier.
                                                                                                                                                                                    • In IPVS network mode, the passthrough settings of Services connected to the same load balancer must be the same.
                                                                                                                                                                                    • If node-level (local) service affinity is used, kubernetes.io/elb.pass-through is automatically set to onlyLocal to enable pass-through.
                                                                                                                                                                                    
+
                                                                                                                                                                                    Notes and Constraints
                                                                                                                                                                                    • In a CCE standard cluster, after passthrough networking is configured using a dedicated load balancer, the private IP address of the load balancer cannot be accessed from the node where the workload pod resides or other pods on the same node as the workload.
                                                                                                                                                                                    • Passthrough networking is not supported for clusters of v1.15 or earlier.
                                                                                                                                                                                    • In IPVS network mode, the passthrough settings of Services connected to the same load balancer must be the same.
                                                                                                                                                                                    • If node-level (local) service affinity is used, kubernetes.io/elb.pass-through is automatically set to onlyLocal to enable pass-through.
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    Procedure
                                                                                                                                                                                    This section describes how to create a Deployment using an Nginx image and create a Service with passthrough networking enabled.
                                                                                                                                                                                    
 
                                                                                                                                                                                    1. Use the kubectl command line tool to connect to the cluster. 
                                                                                                                                                                                    2. Use the Nginx image to create a Deployment.
                                                                                                                                                                                      Create an nginx-deployment.yaml file. The file content is as follows:
                                                                                                                                                                                      
@@ -67,14 +68,14 @@ spec:
 
                                                                                                                                                                                    3. Run the following command to create the Service:
                                                                                                                                                                                      kubectl create -f nginx-elb-svc.yaml
                                                                                                                                                                                      
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
-
                                                                                                                                                                                    Verification
                                                                                                                                                                                    1. Log in to the ELB console and check the load balancer (named james in this example) associated with the Service.
                                                                                                                                                                                    2. Click the load balancer name and click the Monitoring tab.
                                                                                                                                                                                      There is 0 connections to the load balancer.
                                                                                                                                                                                      
+
                                                                                                                                                                                      Verification
                                                                                                                                                                                      1. Log in to the ELB console and check the load balancer (named james in this example) associated with the Service.
                                                                                                                                                                                      2. Click the load balancer name and click the Monitoring tab.
                                                                                                                                                                                        There is 0 connections to the load balancer.
                                                                                                                                                                                        
 
                                                                                                                                                                                        
 
                                                                                                                                                                                      3. Log in to an Nginx container in the cluster using kubectl and access the IP address of the load balancer.
                                                                                                                                                                                        1. Obtain the Nginx containers in the cluster.
                                                                                                                                                                                          kubectl get pod
                                                                                                                                                                                          
 
                                                                                                                                                                                          Information similar to the following is displayed:
                                                                                                                                                                                          NAME                     READY   STATUS    RESTARTS   AGE
 nginx-7c4c5cc6b5-vpncx   1/1     Running   0          9m47s
 nginx-7c4c5cc6b5-xj5wl   1/1     Running   0          9m47s
                                                                                                                                                                                          
 
                                                                                                                                                                                          
-
                                                                                                                                                                                        2. Log in to an Nginx container container.
                                                                                                                                                                                          kubectl exec -it nginx-7c4c5cc6b5-vpncx -- /bin/sh
                                                                                                                                                                                          
+
                                                                                                                                                                                        3. Log in to an Nginx container.
                                                                                                                                                                                          kubectl exec -it nginx-7c4c5cc6b5-vpncx -- /bin/sh
                                                                                                                                                                                          
 
                                                                                                                                                                                        4. Access the load balancer IP address.
                                                                                                                                                                                          curl **.**.**.**
                                                                                                                                                                                          
 
                                                                                                                                                                                        
 
                                                                                                                                                                                      4. Wait for a while and check the monitoring data on the ELB console.
                                                                                                                                                                                        If a new access connection is displayed, the access is forwarded by the load balancer as expected.
                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0359.html b/docs/cce/umn/cce_10_0359.html
index a4e39a336..79a6eb6ba 100644
--- a/docs/cce/umn/cce_10_0359.html
+++ b/docs/cce/umn/cce_10_0359.html
@@ -8,16 +8,20 @@
 
 
 
diff --git a/docs/cce/umn/cce_10_0360.html b/docs/cce/umn/cce_10_0360.html
index 24ef2146b..f129c836a 100644
--- a/docs/cce/umn/cce_10_0360.html
+++ b/docs/cce/umn/cce_10_0360.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                                        Overview
                                                                                                                                                                                        
+
                                                                                                                                                                                        DNS Overview
                                                                                                                                                                                        
 
                                                                                                                                                                                        Introduction to CoreDNS
                                                                                                                                                                                        When you create a cluster, the CoreDNS add-on is installed to resolve domain names in the cluster.
                                                                                                                                                                                        
 
                                                                                                                                                                                        You can view the pod of the CoreDNS add-on in the kube-system namespace.
                                                                                                                                                                                        
 
                                                                                                                                                                                        $ kubectl get po --namespace=kube-system
@@ -21,10 +21,10 @@ nameserver 10.247.3.10
 search default.svc.cluster.local svc.cluster.local cluster.local
 options ndots:5 timeout single-request-reopen
                                                                                                                                                                                        
 
                                                                                                                                                                                        When a user accesses the Service name:Port of the Nginx pod, the IP address of the Nginx Service is resolved from CoreDNS, and then the IP address of the Nginx Service is accessed. In this way, the user can access the backend Nginx pod.
                                                                                                                                                                                        
-
                                                                                                                                                                                        Figure 1 Example of domain name resolution in a cluster
                                                                                                                                                                                        
+
                                                                                                                                                                                        Figure 1 Example of domain name resolution in a cluster
                                                                                                                                                                                        
 
                                                                                                                                                                                        
 
                                                                                                                                                                                        How Does Domain Name Resolution Work in Kubernetes?
                                                                                                                                                                                        DNS policies can be configured for each pod. Kubernetes supports DNS policies Default, ClusterFirst, ClusterFirstWithHostNet, and None. For details, see DNS for Services and Pods. These policies are specified in the dnsPolicy field in the pod-specific.
                                                                                                                                                                                        
-
                                                                                                                                                                                        • Default: Pods inherit the name resolution configuration from the node that the pods run on. The custom upstream DNS server and the stub domain cannot be used together with this policy.
                                                                                                                                                                                        • ClusterFirst: Any DNS query that does not match the configured cluster domain suffix, such as www.kubernetes.io, is forwarded to the upstream name server inherited from the node. Cluster administrators may have extra stub domains and upstream DNS servers configured. 
                                                                                                                                                                                        • ClusterFirstWithHostNet: For pods running with hostNetwork, set its DNS policy ClusterFirstWithHostNet.
                                                                                                                                                                                        • None: It allows a pod to ignore DNS settings from the Kubernetes environment. All DNS settings are supposed to be provided using the dnsPolicy field in the pod-specific.
                                                                                                                                                                                        
+
                                                                                                                                                                                        • Default: Pods inherit the name resolution configuration from the node that the pods run on. The custom upstream DNS server and the stub domain cannot be used together with this policy.
                                                                                                                                                                                        • ClusterFirst: Any DNS query that does not match the configured cluster domain suffix, such as www.kubernetes.io, is forwarded to the upstream name server inherited from the node. Cluster administrators may have extra stub domains and upstream DNS servers configured. 
                                                                                                                                                                                        • ClusterFirstWithHostNet: For pods running with hostNetwork, set its DNS policy ClusterFirstWithHostNet.
                                                                                                                                                                                        • None: It allows a pod to ignore DNS settings from the Kubernetes environment. All DNS settings should be provided using the dnsPolicy field in dnsConfigPod.
                                                                                                                                                                                        
 
                                                                                                                                                                                         
                                                                                                                                                                                        • Clusters of Kubernetes v1.10 and later support Default, ClusterFirst, ClusterFirstWithHostNet, and None. Clusters earlier than Kubernetes v1.10 support only Default, ClusterFirst, and ClusterFirstWithHostNet.
                                                                                                                                                                                        • Default is not the default DNS policy. If dnsPolicy is not explicitly specified, ClusterFirst is used.
                                                                                                                                                                                        
 
                                                                                                                                                                                        
 
                                                                                                                                                                                        Routing
                                                                                                                                                                                        
@@ -33,9 +33,9 @@ options ndots:5 timeout single-request-reopen
                                                                                                                                                                                    
 
                                                                                                                                                                                    1. The query is first sent to the DNS caching layer in CoreDNS.
                                                                                                                                                                                    2. From the caching layer, the suffix of the request is examined and then the request is forwarded to the corresponding DNS:
                                                                                                                                                                                      • Names with the cluster suffix, for example, .cluster.local: The request is sent to CoreDNS.
                                                                                                                                                                                      
 
                                                                                                                                                                                      • Names with the stub domain suffix, for example, .acme.local: The request is sent to the configured custom DNS resolver that listens, for example, on 1.2.3.4.
                                                                                                                                                                                      • Names that do not match the suffix (for example, widget.com): The request is forwarded to the upstream DNS.
                                                                                                                                                                                      
 
                                                                                                                                                                                    
-
                                                                                                                                                                                    Figure 2 Routing
                                                                                                                                                                                    
+
                                                                                                                                                                                    Figure 2 Routing
                                                                                                                                                                                    
 
                                                                                                                                                                                    
-
                                                                                                                                                                                    Related Operations
                                                                                                                                                                                    You can also configure DNS in a workload. For details, see DNS Configuration.
                                                                                                                                                                                    
+
                                                                                                                                                                                    Helpful Links
                                                                                                                                                                                    You can also configure DNS in a workload. For details, see DNS Configuration.
                                                                                                                                                                                    
 
                                                                                                                                                                                    You can also use CoreDNS to implement user-defined domain name resolution. For details, see Using CoreDNS for Custom Domain Name Resolution.
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_10_0361.html b/docs/cce/umn/cce_10_0361.html
index 48604e6ba..2afe55b2b 100644
--- a/docs/cce/umn/cce_10_0361.html
+++ b/docs/cce/umn/cce_10_0361.html
@@ -11,7 +11,7 @@
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    Configuring the Stub Domain for CoreDNS
                                                                                                                                                                                    Cluster administrators can modify the ConfigMap for the CoreDNS Corefile to change how service discovery works.
                                                                                                                                                                                    
 
                                                                                                                                                                                    Assume that a cluster administrator has a Consul DNS server located at 10.150.0.1 and all Consul domain names have the suffix .consul.local.
                                                                                                                                                                                    
-
                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                    2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                    3. Add a stub domain in the Parameters area. The format is a key-value pair. The key is a DNS suffix domain name, and the value is a DNS IP address or a group of DNS IP addresses, for example, consul.local -- 10.150.0.1.
                                                                                                                                                                                      Corefile:
                                                                                                                                                                                      .:5353 {
+
                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                      2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                      3. Add a stub domain in the Parameters area. The format is a key-value pair. The key is a DNS suffix domain name, and the value is a DNS IP address or a group of DNS IP addresses, for example, consul.local -- 10.150.0.1.
                                                                                                                                                                                        Corefile:
                                                                                                                                                                                        .:5353 {
     bind {$POD_IP}
     cache 30 {
         servfail 5s
@@ -40,7 +40,7 @@
 
                                                                                                                                                                                      4. Click OK.
                                                                                                                                                                                      5. Choose ConfigMaps and Secrets in the navigation pane, select the kube-system namespace, and view the ConfigMap data of coredns to check whether the update is successful.
                                                                                                                                                                                      
 
                                                                                                                                                                                      
 
                                                                                                                                                                                      Modifying the CoreDNS Hosts Configuration File
                                                                                                                                                                                      After modifying the hosts file in CoreDNS, you do not need to configure the hosts file in each pod to add resolution records.
                                                                                                                                                                                      
-
                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                      2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                      3. Edit extended parameters in Parameters and add the following content to the plugins field:
                                                                                                                                                                                        {
+
                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                        2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                        3. Edit extended parameters in Parameters and add the following content to the plugins field:
                                                                                                                                                                                          {
   "configBlock": "192.168.1.1 www.example.com\nfallthrough",
   "name": "hosts"
 }
                                                                                                                                                                                          
@@ -72,7 +72,7 @@
 
                                                                                                                                                                                        4. Click OK.
                                                                                                                                                                                        5. Choose ConfigMaps and Secrets in the navigation pane, select the kube-system namespace, and view the ConfigMap data of coredns to check whether the update is successful.
                                                                                                                                                                                        
 
                                                                                                                                                                                      
 
                                                                                                                                                                                      Adding the CoreDNS Rewrite Configuration to Point the Domain Name to ClusterIP Services
                                                                                                                                                                                      Use the Rewrite plug-in of CoreDNS to resolve a specified domain name to the domain name of a Service. For example, the request for accessing the example.com domain name is redirected to the example.default.svc.cluster.local domain name, that is, the example service in the default namespace.
                                                                                                                                                                                      
-
                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                      2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                      3. Edit extended parameters in Parameters and add the following content to the plugins field:
                                                                                                                                                                                        {
+
                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                        2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                        3. Edit extended parameters in Parameters and add the following content to the plugins field:
                                                                                                                                                                                          {
    "name": "rewrite",
    "parameters": "name example.com example.default.svc.cluster.local"
 }
                                                                                                                                                                                          
@@ -97,8 +97,8 @@
 
                                                                                                                                                                                      
 
                                                                                                                                                                                    4. Click OK.
                                                                                                                                                                                    5. Choose ConfigMaps and Secrets in the navigation pane, select the kube-system namespace, and view the ConfigMap data of coredns to check whether the update is successful.
                                                                                                                                                                                    
 
                                                                                                                                                                                    
-
                                                                                                                                                                                    Using CoreDNS to Cascade On-premises DNS
                                                                                                                                                                                    If the domain name is not in the Kubernetes domain, CoreDNS will use the /etc/resolv.conf file of the node for resolution by default. You can also change the resolution address to that of the external DNS.
                                                                                                                                                                                    
-
                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                    2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                    3. Edit extended parameters in Parameters and modify the following content in the plugins field:
                                                                                                                                                                                      {
+
                                                                                                                                                                                      Using CoreDNS Forward to Configure Your Custom-built DNS as the Upstream DNS
                                                                                                                                                                                      If the domain name is not in the Kubernetes domain, CoreDNS will use the /etc/resolv.conf file of the node for resolution by default. You can also change the resolution address to that of the external DNS.
                                                                                                                                                                                      
+
                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                      2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                      3. Edit extended parameters in Parameters and modify the following content in the plugins field:
                                                                                                                                                                                        {
     "configBlock": "policy random",
     "name": "forward",
     "parameters": ". 192.168.1.1"
diff --git a/docs/cce/umn/cce_10_0362.html b/docs/cce/umn/cce_10_0362.html
new file mode 100644
index 000000000..6553de509
--- /dev/null
+++ b/docs/cce/umn/cce_10_0362.html
@@ -0,0 +1,143 @@
+
+
+
                                                                                                                                                                                        Using NodeLocal DNSCache to Improve DNS Performance
                                                                                                                                                                                        
+
                                                                                                                                                                                        Challenges
                                                                                                                                                                                        When the number of DNS requests in a cluster increases, the load of CoreDNS increases and the following issues may occur:
                                                                                                                                                                                        
+
                                                                                                                                                                                        • Increased delay: CoreDNS needs to process more requests, which may slow down the DNS query and affect service performance.
                                                                                                                                                                                        • Increased resource usage: To ensure DNS performance, CoreDNS requires higher specifications.
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        Solution
                                                                                                                                                                                        To minimize the impact of DNS delay, deploy NodeLocal DNSCache in the cluster to improve the networking stability and performance. NodeLocal DNSCache runs a DNS cache proxy on cluster nodes. All pods with DNS configurations use the DNS cache proxy running on nodes instead of the CoreDNS service for domain name resolution. This reduces CoreDNS' load and improves the cluster DNS performance.
                                                                                                                                                                                        
+
                                                                                                                                                                                        After NodeLocal DNSCache is enabled, a DNS query goes through the path as shown below.
                                                                                                                                                                                        
+
                                                                                                                                                                                        Figure 1 NodeLocal DNSCache query path
                                                                                                                                                                                        
+
                                                                                                                                                                                        The resolution rules are as follows:
                                                                                                                                                                                        • 1. By default, the pods with DNSConfig injected use NodeLocal DNSCache to resolve requested domain names.
                                                                                                                                                                                        • 2. If NodeLocal DNSCache cannot resolve domain names, it will ask CoreDNS for resolution.
                                                                                                                                                                                        • 3. CoreDNS uses the DNS server in the VPC to resolve the domain names out of the cluster.
                                                                                                                                                                                        • 4. If a pod with DNSConfig injected cannot access NodeLocal DNSCache, CoreDNS will resolve the domain name.
                                                                                                                                                                                        • 5. By default, CoreDNS resolves domain names for the pods without DNSConfig injected.
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        Notes and Constraints
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        Installing the Add-on
                                                                                                                                                                                        CCE provides add-on NodeLocal DNSCache that simplifies the installation of NodeLocal DNSCache.
                                                                                                                                                                                        
+
                                                                                                                                                                                         
                                                                                                                                                                                        NodeLocal DNSCache serves as a transparent caching proxy for CoreDNS and does not provide plug-ins such as hosts or rewrite. If you want to enable these plug-ins, modify the CoreDNS configurations.
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        1. (Optional) Modify the CoreDNS configuration so that the CoreDNS preferentially uses UDP to communicate with the upstream DNS server.
                                                                                                                                                                                          The NodeLocal DNSCache uses TCP to communicate with the CoreDNS. The CoreDNS communicates with the upstream DNS server based on the protocol used by the request source. However, the cloud server does not support TCP. To use NodeLocal DNSCache, modify the CoreDNS configuration so that UDP is preferentially used to communicate with the upstream DNS server, preventing resolution exceptions.
                                                                                                                                                                                          
+
                                                                                                                                                                                          To configure CoreDNS to prefer UDP for upstream communication in the forward add-on, you need to add the prefer_udp option in the CoreDNS configuration file. To do so, perform the following operations:
                                                                                                                                                                                          
+
                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                          2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                          3. Edit the advanced configuration under Parameters and modify the following content in the plugins field:
                                                                                                                                                                                            {
+    "configBlock": "prefer_udp",
+    "name": "forward",
+    "parameters": ". /etc/resolv.conf"
+}
                                                                                                                                                                                            
+
                                                                                                                                                                                            Corefile:
                                                                                                                                                                                            Corefile: |-
+  .:5353 {
+      bind {$POD_IP}
+      cache 30 {
+          servfail 5s
+      }
+      errors
+      health {$POD_IP}:8080
+      kubernetes cluster.local in-addr.arpa ip6.arpa {
+          pods insecure
+          fallthrough in-addr.arpa ip6.arpa
+      }
+      loadbalance round_robin
+      prometheus {$POD_IP}:9153
+      forward . /etc/resolv.conf {
+          prefer_udp
+      }
+      reload
+      ready {$POD_IP}:8081
+  }
                                                                                                                                                                                            
+
                                                                                                                                                                                            
+
                                                                                                                                                                                          
+
                                                                                                                                                                                        2. Choose Add-ons in the navigation pane, find the NodeLocal DNSCache add-on on the right, and click Install.
                                                                                                                                                                                        3. On the Install Add-on page, select the add-on specifications and set related parameters.
                                                                                                                                                                                          • DNSConfig: After this function is enabled, a DNSConfig admission controller will be created. The controller intercepts pod creation requests in the namespace labeled with node-local-dns-injection=enabled based on admission webhooks and automatically configures DNSConfig for pods. If this function is disabled or the pod belongs to a non-target namespace, you must manually configure DNSConfig for the pod.
                                                                                                                                                                                            After automatic injection is enabled, you can customize the following configuration items for DNSConfig (supported when the add-on version is 1.6.7 or later):
                                                                                                                                                                                             
                                                                                                                                                                                            If DNSConfig has been configured in the pod when automatic injection is enabled, DNSConfig in the pod will be used first.
                                                                                                                                                                                            
+
                                                                                                                                                                                            
+
                                                                                                                                                                                            • (Optional) IP Address of DNS Server: IP address list of the DNS server obtained when the container resolves the domain name. NodeLocal DNSCache and CoreDNS IP addresses are added by default. You have the option to add an additional IP address, but duplicates will be removed.
                                                                                                                                                                                            • (Optional) Search Domain: a search list for host-name lookup. When a domain name cannot be resolved, DNS queries will be attempted combining the domain name with each domain in the search list in turn until a match is found or all domains in the search list are tried. You can add up to three extra search domains, but any duplicates will be removed.
                                                                                                                                                                                            • (Optional) ndots: specifies that if a domain name has fewer periods (.) than the specified value of ndots, it will be combined with the search domain list for DNS query. If the domain name still cannot be resolved, it will be used for DNS query. The system will perform a DNS query on a domain name if the number of periods (.) in it is greater than or equal to the value of ndots. If the domain name cannot be resolved, the system will sequentially combine it with the search domain list and then perform a DNS query.
                                                                                                                                                                                            
+
                                                                                                                                                                                            
+
                                                                                                                                                                                          • Target Namespace: This parameter is available after DNSConfig is enabled. Only NodeLocal DNSCache of v1.3.0 or later supports this function.
                                                                                                                                                                                            • Enable All: CCE adds the node-local-dns-injection=enabled label to all created namespaces excluding built-in ones and the ones preset by some add-ons (such as kube-system, kube-public, kube-node-lease, istio-system, and monitoring), identifies namespace creation requests, and automatically adds the label to newly created namespaces.
                                                                                                                                                                                              In add-ons of v1.6.77 or later, the node-local-dns-injection=enabled label cannot be manually deleted. You can set node-local-dns-injection to disabled to disable automatic injection in a namespace.
                                                                                                                                                                                              
+
                                                                                                                                                                                            • Manual Configure: You must manually add the node-local-dns-injection=enabled label to the namespaces requiring the injection of DNSConfig. For details, see Managing Namespace Labels.
                                                                                                                                                                                            
+
                                                                                                                                                                                          
+
                                                                                                                                                                                        4. Click Install.
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        Using NodeLocal DNSCache
                                                                                                                                                                                        By default, application requests are sent through the CoreDNS proxy. To use node-local-dns as the DNS cache proxy, use any of the following methods:
                                                                                                                                                                                        
+
                                                                                                                                                                                        • Auto injection: When you create a pod, CCE will automatically configure its dnsConfig field. (This function is not available for pods in system namespaces such as kube-system.)
                                                                                                                                                                                        • Manual configuration: You need to manually configure pod's dnsConfig field.
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        Auto Injection of DNSConfig
                                                                                                                                                                                        To enable auto injection, perform the following operations:
                                                                                                                                                                                        
+
                                                                                                                                                                                        1. Install NodeLocal DNSCache. During the installation, enable DNSConfig and configure Target Namespace for auto injection. For details, see Installing the Add-on.
                                                                                                                                                                                          Target Namespace: This parameter is available after DNSConfig is enabled. Only NodeLocal DNSCache of v1.3.0 or later supports this function.
                                                                                                                                                                                          • Enable All: CCE adds the node-local-dns-injection=enabled label to all created namespaces excluding built-in ones (such as kube-system), identifies namespace creation requests, and automatically adds the label to newly created namespaces.
                                                                                                                                                                                          • Manually Configure: You must manually add the node-local-dns-injection=enabled label to the namespaces requiring the injection of DNSConfig. For details, see Managing Namespace Labels.
                                                                                                                                                                                          
+
                                                                                                                                                                                          
+
                                                                                                                                                                                        2. Create a workload in the namespace with auto injection enabled. For details, see Creating a Deployment.
                                                                                                                                                                                           
                                                                                                                                                                                          The pods for which auto injection is enabled must meet the following requirements:
                                                                                                                                                                                          
+
                                                                                                                                                                                          • The new pod does not run in system namespaces such as kube-system and kube-public.
                                                                                                                                                                                          • The node-local-dns-injection=disabled label for disabling DNS injection is not added to the new pod.
                                                                                                                                                                                          • The new pod's DNSPolicy is ClusterFirstWithHostNet. Alternatively, the pod does not use the host network and DNSPolicy is ClusterFirst.
                                                                                                                                                                                          
+
                                                                                                                                                                                          
+
                                                                                                                                                                                        3. Run the following command to check the DNS configuration of the target pod:
                                                                                                                                                                                          kubectl get pod <pod_name> -oyaml
                                                                                                                                                                                          
+
                                                                                                                                                                                          After auto injection is enabled, the following dnsConfig settings will be automatically added to the created pod. In addition to the NodeLocal DNSCache IP address 169.254.20.10, the CoreDNS IP address 10.247.3.10 is added to nameservers, ensuring high availability of the service DNS server.
                                                                                                                                                                                          ...
+  dnsConfig:
+    nameservers:
+      - 169.254.20.10
+      - 10.247.3.10
+    searches:
+      - default.svc.cluster.local
+      - svc.cluster.local
+      - cluster.local
+    options:
+      - name: timeout
+        value: ''
+      - name: ndots
+        value: '5'
+      - name: single-request-reopen
+...
                                                                                                                                                                                          
+
                                                                                                                                                                                          
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        Manually Configuring DNSConfig
                                                                                                                                                                                        Manually add the dnsConfig settings to pods.
                                                                                                                                                                                        
+
                                                                                                                                                                                        1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                        2. Create a pod and add the NodeLocal DNSCache IP address 169.254.20.10 to nameservers in dnsConfig.
                                                                                                                                                                                          Create a nginx.yaml file. The following shows an example:
                                                                                                                                                                                          
+
                                                                                                                                                                                          apiVersion: v1
+kind: Pod
+metadata:
+  name: nginx
+spec:
+  containers:
+  - image: nginx:alpine
+    name: container-0
+  dnsConfig:
+    nameservers:
+    - 169.254.20.10
+    - 10.247.3.10
+    searches:
+    - default.svc.cluster.local
+    - svc.cluster.local
+    - cluster.local
+    options:
+    - name: ndots
+      value: '2'
+  imagePullSecrets:
+  - name: default-secret
                                                                                                                                                                                          
+
                                                                                                                                                                                        3. Run the following command to create a pod:
                                                                                                                                                                                          kubectl create -f nginx.yaml
                                                                                                                                                                                          
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        Common Issues
                                                                                                                                                                                        • How Do I Prevent Auto DNSConfig Injection on a Specific Pod?
                                                                                                                                                                                          Solution:
                                                                                                                                                                                          
+
                                                                                                                                                                                          Add node-local-dns-injection: disabled to the labels field in the pod template. Example:
                                                                                                                                                                                          apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: test
+  namespace: default
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: test
+  template:
+    metadata:
+      labels:
+        app: test
+        node-local-dns-injection: disabled   # Prevent auto DNSConfig injection.
+    spec:
+      containers:
+        - name: container-1
+          image: nginx:latest
+          imagePullPolicy: IfNotPresent
+      imagePullSecrets:
+        - name: default-secret
                                                                                                                                                                                          
+
                                                                                                                                                                                          
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        Parent topic: DNS
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
diff --git a/docs/cce/umn/cce_10_0363.html b/docs/cce/umn/cce_10_0363.html
index ffce1b481..299c5ad48 100644
--- a/docs/cce/umn/cce_10_0363.html
+++ b/docs/cce/umn/cce_10_0363.html
@@ -1,14 +1,15 @@
 
 
 
                                                                                                                                                                                        Creating a Node
                                                                                                                                                                                        
-
                                                                                                                                                                                        Prerequisites
                                                                                                                                                                                        • At least one cluster has been created.
                                                                                                                                                                                        • A key pair has been created for identity authentication upon remote node login.
                                                                                                                                                                                        
+
                                                                                                                                                                                        Prerequisites
                                                                                                                                                                                        • At least one cluster is available.
                                                                                                                                                                                        • A key pair is available for remote node login using key-pair authentication. 
                                                                                                                                                                                          If you use a password for login, skip this step.
                                                                                                                                                                                          
+
                                                                                                                                                                                        
 
                                                                                                                                                                                        
 
                                                                                                                                                                                        Notes and Constraints
                                                                                                                                                                                        • The DNS configuration of a subnet where a node is located cannot be modified because OBS and other dependent services are necessary for creating nodes.
                                                                                                                                                                                        
 
                                                                                                                                                                                        
-
                                                                                                                                                                                        Precautions
                                                                                                                                                                                        • To maintain node stability, Kubernetes components such as kubelet, kube-proxy, and docker, as well as the Kubernetes system, will be allocated a specific number of node resources based on the node flavor. Therefore, the total number of node resources and the number of allocatable node resources for your cluster are different. The larger the node specifications, the more the containers deployed on the node. Therefore, more node resources need to be reserved to run Kubernetes components. For details, see Node Resource Reservation Policy.
                                                                                                                                                                                        • Networks including VM networks and container networks of nodes are all managed by CCE. Do not add or delete ENIs, or change routes and IP addresses. Otherwise, services may be unavailable. For example, the ENI named gw_11cbf51a@eth0 on the node is the container network gateway and cannot be modified.
                                                                                                                                                                                        
+
                                                                                                                                                                                        Precautions
                                                                                                                                                                                        • To maintain node stability, a specific number of CCE node resources will be reserved for the Kubernetes system and components like kubelet, kube-proxy, and docker, based on the node specifications. Therefore, the total number of node resources and the number of allocatable node resources for your cluster are different. The larger the node specifications, the more the containers deployed on the node. Therefore, more node resources need to be reserved to run Kubernetes components. For details, see Node Resource Reservation Rules.
                                                                                                                                                                                        • Networks including VM networks and container networks of nodes are all managed by CCE. Do not add or delete network interfaces, or change routes and IP addresses. Otherwise, services may be unavailable. For example, the network interface named gw_11cbf51a@eth0 on the node is the container network gateway and is not modifiable.
                                                                                                                                                                                        
 
                                                                                                                                                                                        
 
                                                                                                                                                                                        Procedure
                                                                                                                                                                                        After a cluster is created, you can create nodes for the cluster.
                                                                                                                                                                                        
-
                                                                                                                                                                                        1. Log in to the CCE console.
                                                                                                                                                                                        2. In the navigation pane of the CCE console, choose Clusters. Click the target cluster name to access its details page.
                                                                                                                                                                                        3. In the navigation pane, choose Nodes. On the page displayed, click the Nodes tab and then Create Node in the upper right corner. Configure node parameters.
                                                                                                                                                                                          Configurations
                                                                                                                                                                                          
+
                                                                                                                                                                                          1. Log in to the CCE console.
                                                                                                                                                                                          2. In the navigation pane of the CCE console, choose Clusters. Click the target cluster name to access its details page.
                                                                                                                                                                                          3. In the navigation pane, choose Nodes. On the page displayed, click the Nodes tab and then Create Node in the upper right corner. Configure node parameters.
                                                                                                                                                                                            Configurations
                                                                                                                                                                                            
 
                                                                                                                                                                                            You can configure the flavor and OS of a cloud server, on which your containerized applications run.
 
                                                                                                                                                                                Table 5 APIs deprecated in Kubernetes v1.22
                                                                                                                                                                                Resource
                                                                                                                                                                                
+
                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                Table 6 APIs deprecated in Kubernetes v1.22
                                                                                                                                                                                Resource
                                                                                                                                                                                
 
                                                                                                                                                                                Deprecated API Version
                                                                                                                                                                                
+
                                                                                                                                                                                Deprecated API Version
                                                                                                                                                                                
 
                                                                                                                                                                                Substitute API Version
                                                                                                                                                                                
+
                                                                                                                                                                                Substitute API Version
                                                                                                                                                                                
 
                                                                                                                                                                                Change Description
                                                                                                                                                                                
+
                                                                                                                                                                                Change Description
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                MutatingWebhookConfiguration
                                                                                                                                                                                
+
                                                                                                                                                                                MutatingWebhookConfiguration
                                                                                                                                                                                
 
                                                                                                                                                                                ValidatingWebhookConfiguration
                                                                                                                                                                                
 
                                                                                                                                                                                admissionregistration.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                admissionregistration.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                admissionregistration.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                admissionregistration.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.16.)
                                                                                                                                                                                
 
                                                                                                                                                                                • The default value of webhooks[*].failurePolicy is changed from Ignore to Fail in v1.
                                                                                                                                                                                • The default value of webhooks[*].matchPolicy is changed from Exact to Equivalent in v1.
                                                                                                                                                                                • The default value of webhooks[*].timeoutSeconds is changed from 30s to 10s in v1.
                                                                                                                                                                                • The default value of webhooks[*].sideEffects is deleted, and this field must be specified. In v1, the value can only be None or NoneOnDryRun.
                                                                                                                                                                                • The default value of webhooks[*].admissionReviewVersions is deleted. In v1, this field must be specified. (AdmissionReview v1 and v1beta1 are supported.)
                                                                                                                                                                                • webhooks[*].name must be unique in the list of objects created through admissionregistration.k8s.io/v1.
                                                                                                                                                                                
+
                                                                                                                                                                                • The default value of webhooks[*].failurePolicy is changed from Ignore to Fail in v1.
                                                                                                                                                                                • The default value of webhooks[*].matchPolicy is changed from Exact to Equivalent in v1.
                                                                                                                                                                                • The default value of webhooks[*].timeoutSeconds is changed from 30s to 10s in v1.
                                                                                                                                                                                • The default value of webhooks[*].sideEffects is deleted, and this field must be specified. In v1, the value can only be None or NoneOnDryRun.
                                                                                                                                                                                • The default value of webhooks[*].admissionReviewVersions is deleted. In v1, this field must be specified. (AdmissionReview v1 and v1beta1 are supported.)
                                                                                                                                                                                • webhooks[*].name must be unique in the list of objects created through admissionregistration.k8s.io/v1.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                CustomResourceDefinition
                                                                                                                                                                                
+
                                                                                                                                                                                CustomResourceDefinition
                                                                                                                                                                                
 
                                                                                                                                                                                apiextensions.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                apiextensions.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                apiextensions/v1
                                                                                                                                                                                
+
                                                                                                                                                                                apiextensions/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.16.)
                                                                                                                                                                                
 
                                                                                                                                                                                • The default value of spec.scope is no longer Namespaced. This field must be explicitly specified.
                                                                                                                                                                                • spec.version is deleted from v1. Use spec.versions instead.
                                                                                                                                                                                • spec.validation is deleted from v1. Use spec.versions[*].schema instead.
                                                                                                                                                                                • spec.subresources is deleted from v1. Use spec.versions[*].subresources instead.
                                                                                                                                                                                • spec.additionalPrinterColumns is deleted from v1. Use spec.versions[*].additionalPrinterColumns instead.
                                                                                                                                                                                • spec.conversion.webhookClientConfig is moved to spec.conversion.webhook.clientConfig in v1.
                                                                                                                                                                                • spec.conversion.conversionReviewVersions is moved to spec.conversion.webhook.conversionReviewVersions in v1.
                                                                                                                                                                                
+
                                                                                                                                                                                • The default value of spec.scope is no longer Namespaced. This field must be explicitly specified.
                                                                                                                                                                                • spec.version is deleted from v1. Use spec.versions instead.
                                                                                                                                                                                • spec.validation is deleted from v1. Use spec.versions[*].schema instead.
                                                                                                                                                                                • spec.subresources is deleted from v1. Use spec.versions[*].subresources instead.
                                                                                                                                                                                • spec.additionalPrinterColumns is deleted from v1. Use spec.versions[*].additionalPrinterColumns instead.
                                                                                                                                                                                • spec.conversion.webhookClientConfig is moved to spec.conversion.webhook.clientConfig in v1.
                                                                                                                                                                                • spec.conversion.conversionReviewVersions is moved to spec.conversion.webhook.conversionReviewVersions in v1.
                                                                                                                                                                                
 
                                                                                                                                                                                • spec.versions[*].schema.openAPIV3Schema becomes a mandatory field when the CustomResourceDefinition object of the v1 version is created, and its value must be a structural schema.
                                                                                                                                                                                • spec.preserveUnknownFields: true cannot be specified when the CustomResourceDefinition object of the v1 version is created. This configuration must be specified using x-kubernetes-preserve-unknown-fields: true in the schema definition.
                                                                                                                                                                                • In v1, the JSONPath field in the additionalPrinterColumns entry is renamed jsonPath (patch #66531).
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                APIService
                                                                                                                                                                                
+
                                                                                                                                                                                APIService
                                                                                                                                                                                
 
                                                                                                                                                                                apiregistration/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                apiregistration/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                apiregistration.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                apiregistration.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.10.)
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                TokenReview
                                                                                                                                                                                
+
                                                                                                                                                                                TokenReview
                                                                                                                                                                                
 
                                                                                                                                                                                authentication.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                authentication.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                authentication.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                authentication.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.6.)
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                LocalSubjectAccessReview
                                                                                                                                                                                
+
                                                                                                                                                                                LocalSubjectAccessReview
                                                                                                                                                                                
 
                                                                                                                                                                                SelfSubjectAccessReview
                                                                                                                                                                                
 
                                                                                                                                                                                SubjectAccessReview
                                                                                                                                                                                
 
                                                                                                                                                                                SelfSubjectRulesReview
                                                                                                                                                                                
 
                                                                                                                                                                                authorization.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                authorization.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                authorization.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                authorization.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.16.)
                                                                                                                                                                                
 
                                                                                                                                                                                spec.group was renamed spec.groups in v1 (patch #32709).
                                                                                                                                                                                
+
                                                                                                                                                                                spec.group was renamed spec.groups in v1 (patch #32709).
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                CertificateSigningRequest
                                                                                                                                                                                
+
                                                                                                                                                                                CertificateSigningRequest
                                                                                                                                                                                
 
                                                                                                                                                                                certificates.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                certificates.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                certificates.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                certificates.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.19.)
                                                                                                                                                                                
 
                                                                                                                                                                                Pay attention to the following changes in certificates.k8s.io/v1:
                                                                                                                                                                                • For an API client that requests a certificate:
                                                                                                                                                                                  • spec.signerName becomes a mandatory field (see Known Kubernetes Signers). In addition, the certificates.k8s.io/v1 API cannot be used to create requests whose signer is kubernetes.io/legacy-unknown.
                                                                                                                                                                                  • spec.usages now becomes a mandatory field, which cannot contain duplicate string values and can contain only known usage strings.
                                                                                                                                                                                  
+
                                                                                                                                                                                Pay attention to the following changes in certificates.k8s.io/v1:
                                                                                                                                                                                • For an API client that requests a certificate:
                                                                                                                                                                                  • spec.signerName becomes a mandatory field (see Known Kubernetes Signers). In addition, the certificates.k8s.io/v1 API cannot be used to create requests whose signer is kubernetes.io/legacy-unknown.
                                                                                                                                                                                  • spec.usages now becomes a mandatory field, which cannot contain duplicate string values and can contain only known usage strings.
                                                                                                                                                                                  
 
                                                                                                                                                                                • For an API client that needs to approve or sign a certificate:
                                                                                                                                                                                  • status.conditions cannot contain duplicate types.
                                                                                                                                                                                  • The status.conditions[*].status field is now mandatory.
                                                                                                                                                                                  • The status.certificate must be PEM-encoded and can contain only the CERTIFICATE data block.
                                                                                                                                                                                  
 
                                                                                                                                                                                
 
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Lease
                                                                                                                                                                                
+
                                                                                                                                                                                Lease
                                                                                                                                                                                
 
                                                                                                                                                                                coordination.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                coordination.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                coordination.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                coordination.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.14.)
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Ingress
                                                                                                                                                                                
+
                                                                                                                                                                                Ingress
                                                                                                                                                                                
 
                                                                                                                                                                                networking.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                networking.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                extensions/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                networking.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                networking.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.19.)
                                                                                                                                                                                
 
                                                                                                                                                                                • The spec.backend field is renamed spec.defaultBackend.
                                                                                                                                                                                • The serviceName field of the backend is renamed service.name.
                                                                                                                                                                                • The backend servicePort field represented by a number is renamed service.port.number.
                                                                                                                                                                                • The backend servicePort field represented by a string is renamed service.port.name.
                                                                                                                                                                                • The pathType field is mandatory for all paths to be specified. The options are Prefix, Exact, and ImplementationSpecific. To match the behavior of not defining the path type in v1beta1, use ImplementationSpecific.
                                                                                                                                                                                
+
                                                                                                                                                                                • The spec.backend field is renamed spec.defaultBackend.
                                                                                                                                                                                • The serviceName field of the backend is renamed service.name.
                                                                                                                                                                                • The backend servicePort field represented by a number is renamed service.port.number.
                                                                                                                                                                                • The backend servicePort field represented by a string is renamed service.port.name.
                                                                                                                                                                                • The pathType field is mandatory for all paths to be specified. The options are Prefix, Exact, and ImplementationSpecific. To match the behavior of not defining the path type in v1beta1, use ImplementationSpecific.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                IngressClass
                                                                                                                                                                                
+
                                                                                                                                                                                IngressClass
                                                                                                                                                                                
 
                                                                                                                                                                                networking.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                networking.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                networking.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                networking.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.19.)
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                ClusterRole
                                                                                                                                                                                
+
                                                                                                                                                                                ClusterRole
                                                                                                                                                                                
 
                                                                                                                                                                                ClusterRoleBinding
                                                                                                                                                                                
 
                                                                                                                                                                                Role
                                                                                                                                                                                
 
                                                                                                                                                                                RoleBinding
                                                                                                                                                                                
 
                                                                                                                                                                                rbac.authorization.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                rbac.authorization.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                rbac.authorization.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                rbac.authorization.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.8.)
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                PriorityClass
                                                                                                                                                                                
+
                                                                                                                                                                                PriorityClass
                                                                                                                                                                                
 
                                                                                                                                                                                scheduling.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                scheduling.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                scheduling.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                scheduling.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.14.)
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                CSIDriver
                                                                                                                                                                                
+
                                                                                                                                                                                CSIDriver
                                                                                                                                                                                
 
                                                                                                                                                                                CSINode
                                                                                                                                                                                
 
                                                                                                                                                                                StorageClass
                                                                                                                                                                                
 
                                                                                                                                                                                VolumeAttachment
                                                                                                                                                                                
 
                                                                                                                                                                                storage.k8s.io/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                storage.k8s.io/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                storage.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                storage.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                • CSIDriver is available in storage.k8s.io/v1 since v1.19.
                                                                                                                                                                                • CSINode is available in storage.k8s.io/v1 since v1.17.
                                                                                                                                                                                • StorageClass is available in storage.k8s.io/v1 since v1.6.
                                                                                                                                                                                • VolumeAttachment is available in storage.k8s.io/v1 since v1.13.
                                                                                                                                                                                
+
                                                                                                                                                                                • CSIDriver is available in storage.k8s.io/v1 since v1.19.
                                                                                                                                                                                • CSINode is available in storage.k8s.io/v1 since v1.17.
                                                                                                                                                                                • StorageClass is available in storage.k8s.io/v1 since v1.6.
                                                                                                                                                                                • VolumeAttachment is available in storage.k8s.io/v1 since v1.13.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
                                                                                                                                                                                 
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
-
                                                                                                                                                                                
-
-
-
@@ -172,7 +172,7 @@ spec:
 
                                                                                                                                                                                After the PVC is created, you can create a workload and associate it with the PVC to create volumes.
                                                                                                                                                                                
-
                                                                                                                                                                                Mounting a Secret When Dynamically Creating an OBS Volume
                                                                                                                                                                                When dynamically creating an OBS volume, you can use the following method to specify a secret:
                                                                                                                                                                                
+
                                                                                                                                                                                Specifying a Secret for Mounting During Dynamic Creation of an OBS Volume
                                                                                                                                                                                When dynamically creating an OBS volume, you can use the following method to specify a secret:
                                                                                                                                                                                
 
                                                                                                                                                                                1. Create a YAML file for the PVC, for example, pvc-example.yaml.
                                                                                                                                                                                  apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
@@ -199,12 +199,12 @@ spec:
 
 
                                                                                                                                                                                
-
-
@@ -223,7 +223,7 @@ spec:
 
                                                                                                                                                                                touch: setting times of '/temp/test': No such file or directory
 command terminated with exit code 1
                                                                                                                                                                              2. Set the read/write permissions for the IAM user who mounted the OBS volume by referring to the bucket policy configuration.
                                                                                                                                                                                
-
                                                                                                                                                                                
+
                                                                                                                                                                                
 
                                                                                                                                                                              3. Write data into the mount path again. In this example, the write operation succeeded.
                                                                                                                                                                                kubectl exec obs-secret-5cd558f76f-vxslv -- touch /temp/test
                                                                                                                                                                                
 
                                                                                                                                                                              4. Check the mount path in the container to see whether the data is successfully written.
                                                                                                                                                                                kubectl exec obs-secret-5cd558f76f-vxslv -- ls -l /temp/
                                                                                                                                                                                
 
                                                                                                                                                                                Expected outputs:
                                                                                                                                                                                
@@ -234,7 +234,7 @@ command terminated with exit code 1
 
 
                                                                                                                                                                                
 
                                                                                                                                                                                
-
                                                                                                                                                                                Parent topic: Object Storage Service
                                                                                                                                                                                
+
                                                                                                                                                                                Parent topic: OBS
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
diff --git a/docs/cce/umn/cce_10_0337.html b/docs/cce/umn/cce_10_0337.html
index d7f19abf8..74f7a34c9 100644
--- a/docs/cce/umn/cce_10_0337.html
+++ b/docs/cce/umn/cce_10_0337.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                This section describes how to configure SFS mount options. You can configure mount options in a PV and bind the PV to a PVC. Alternatively, configure mount options in a StorageClass and use the StorageClass to create a PVC. In this way, PVs can be dynamically created and inherit mount options configured in the StorageClass by default.
                                                                                                                                                                                
 
                                                                                                                                                                                Prerequisites
                                                                                                                                                                                The CCE Container Storage (Everest) version must be 1.2.8 or later. This add-on identifies the mount options and transfers them to the underlying storage resources. The parameter settings take effect only if the underlying storage resources support the specified options.
                                                                                                                                                                                
 
                                                                                                                                                                                
-
                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                • Mount options cannot be configured for Kata containers.
                                                                                                                                                                                • Due to the restrictions of the NFS protocol, if an SFS volume is mounted to a node for multiple times, link-related mounting parameters (such as timeo) take effect only when the SFS volume is mounted for the first time by default. For example, if the same SFS file system is mounted to multiple pods running on a node, the mounting parameter set later does not overwrite the existing parameter value. If you want to configure different mounting parameters in the preceding scenario, additionally configure the nosharecache parameter.
                                                                                                                                                                                
+
                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                • Mount options cannot be configured for secure containers.
                                                                                                                                                                                • Due to the restrictions of the NFS protocol, if an SFS volume is mounted to a node for multiple times, link-related mounting parameters (such as timeo) take effect only when the SFS volume is mounted for the first time by default. For example, if the same SFS file system is mounted to multiple pods running on a node, the mounting parameter set later does not overwrite the existing parameter value. If you want to configure different mounting parameters in the preceding scenario, additionally configure the nosharecache parameter.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                SFS Volume Mount Options
                                                                                                                                                                                The Everest add-on in CCE presets the options described in Table 1 for mounting SFS volumes.
                                                                                                                                                                                
 
@@ -81,22 +81,22 @@ spec:
   accessModes:
   - ReadWriteMany      # Access mode. The value must be ReadWriteMany for SFS.
   capacity:
-    storage: 1Gi     # SFS volume capacity
+    storage: 1Gi       # Storage capacity. This parameter is only for verification. It must not be empty or 0, but the specified size will not take effect.
   csi:
     driver: nas.csi.everest.io    # Dependent storage driver for the mounting
     fsType: nfs
-    volumeHandle: <your_volume_id>   # ID of the SFS Capacity-Oriented volume
+    volumeHandle: <your_volume_id>   # The ID of the SFS Capacity-Oriented volume
     volumeAttributes:
       everest.io/share-export-location: <your_location>  # Shared path of the SFS volume
       storage.kubernetes.io/csiProvisionerIdentity: everest-csi-provisioner
   persistentVolumeReclaimPolicy: Retain    # Reclaim policy
-  storageClassName: csi-nas                # Storage class name.
+  storageClassName: csi-nas                # StorageClass name.
   mountOptions:                            # Mount options
   - vers=3
   - nolock
   - timeo=600
   - hard
-
                                                                                                                                                                              5. After a PV is created, you can create a PVC and bind it to the PV, and then mount the PV to the container in the workload. For details, see Using an Existing SFS File System Through a Static PV.
                                                                                                                                                                              6. Check whether the mount options take effect.
                                                                                                                                                                                In this example, the PVC is mounted to the workload that uses the nginx:latest image. You can run the mount -l command to check whether the mount options take effect.
                                                                                                                                                                                1. View the pod to which the SFS volume has been mounted. In this example, the workload name is web-sfs.
                                                                                                                                                                                  kubectl get pod | grep web-sfs
                                                                                                                                                                                  
+
                                                                                                                                                                                2. After creating a PV, you can create a PVC, bind it to the PV, and mount the PV to the containers in the workload. For details, see Using an Existing SFS File System Through a Static PV.
                                                                                                                                                                                3. Check whether the mount options are effective.
                                                                                                                                                                                  In this example, the PVC is mounted to the workload that uses the nginx:latest image. You can run the mount -l command to check whether the mount options take effect.
                                                                                                                                                                                  1. View the pod to which the SFS volume has been mounted. In this example, the workload name is web-sfs.
                                                                                                                                                                                    kubectl get pod | grep web-sfs
                                                                                                                                                                                    
 
                                                                                                                                                                                    Command output:
                                                                                                                                                                                    
 
                                                                                                                                                                                    web-sfs-***   1/1     Running   0             23m
                                                                                                                                                                                    
 
                                                                                                                                                                                  2. Run the following command to check the mount options (web-sfs-*** is an example pod):
                                                                                                                                                                                    kubectl exec -it web-sfs-*** -- mount -l | grep nfs
                                                                                                                                                                                    
@@ -106,7 +106,7 @@ spec:
 
                                                                                                                                                                                  
 
                                                                                                                                                                                
 
                                                                                                                                                                                
-
                                                                                                                                                                                Configuring Mount Options in a StorageClass
                                                                                                                                                                                You can use the mountOptions field to configure mount options in a StorageClass. The options you can configure in mountOptions are listed in SFS Volume Mount Options.
                                                                                                                                                                                
+
                                                                                                                                                                                Configuring Mount Options in a StorageClass
                                                                                                                                                                                You can use mountOptions to configure mount options in a StorageClass. The options you can configure in mountOptions are listed in SFS Volume Mount Options.
                                                                                                                                                                                
 
                                                                                                                                                                                1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                2. Create a custom StorageClass. Example:
                                                                                                                                                                                  apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:
@@ -123,7 +123,7 @@ volumeBindingMode: Immediate
 - nolock
 - timeo=600
 - hard
                                                                                                                                                                                  
-
                                                                                                                                                                                3. After the StorageClass is configured, you can use it to create a PVC. By default, the dynamically created PVs inherit the mount options configured in the StorageClass. For details, see Using an SFS File System Through a Dynamic PV.
                                                                                                                                                                                4. Check whether the mount options take effect.
                                                                                                                                                                                  In this example, the PVC is mounted to the workload that uses the nginx:latest image. You can run the mount -l command to check whether the mount options take effect.
                                                                                                                                                                                  1. View the pod to which the SFS volume has been mounted. In this example, the workload name is web-sfs.
                                                                                                                                                                                    kubectl get pod | grep web-sfs
                                                                                                                                                                                    
+
                                                                                                                                                                                  2. After the StorageClass is configured, you can use it to create a PVC. By default, dynamically created PVs inherit the mount options configured in the StorageClass. For details, see Using an SFS File System Through a Dynamic PV.
                                                                                                                                                                                  3. Check whether the mount options are effective.
                                                                                                                                                                                    In this example, the PVC is mounted to the workload that uses the nginx:latest image. You can run the mount -l command to check whether the mount options take effect.
                                                                                                                                                                                    1. View the pod to which the SFS volume has been mounted. In this example, the workload name is web-sfs.
                                                                                                                                                                                      kubectl get pod | grep web-sfs
                                                                                                                                                                                      
 
                                                                                                                                                                                      Command output:
                                                                                                                                                                                      
 
                                                                                                                                                                                      web-sfs-***   1/1     Running   0             23m
                                                                                                                                                                                      
 
                                                                                                                                                                                    2. Run the following command to check the mount options (web-sfs-*** is an example pod):
                                                                                                                                                                                      kubectl exec -it web-sfs-*** -- mount -l | grep nfs
                                                                                                                                                                                      
@@ -136,7 +136,7 @@ volumeBindingMode: Immediate
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
-
                                                                                                                                                                                    Parent topic: Scalable File Service
                                                                                                                                                                                    
+
                                                                                                                                                                                    Parent topic: SFS
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
diff --git a/docs/cce/umn/cce_10_0338.html b/docs/cce/umn/cce_10_0338.html
index 4d6d5c1d0..241c94086 100644
--- a/docs/cce/umn/cce_10_0338.html
+++ b/docs/cce/umn/cce_10_0338.html
@@ -5,11 +5,11 @@
 
                                                                                                                                                                                    Removing a node will not delete the server corresponding to the node. You are advised to remove nodes at off-peak hours to avoid impacts on your services.
                                                                                                                                                                                    
 
                                                                                                                                                                                    After a node is removed from the cluster, the node is still running.
                                                                                                                                                                                    
 
                                                                                                                                                                                  
-
                                                                                                                                                                                  Notes and Constraints
                                                                                                                                                                                  • If the OS fails to be re-installed after the node is removed, manually re-install the OS. After the re-installation, log in to the node and run the clearance script to clear CCE components. For details, see Handling Failed OS Reinstallation.
                                                                                                                                                                                  • Removing a node will cause PVC/PV data loss for the local PV associated with the node. These PVCs and PVs cannot be restored or used again. In this scenario, the pod that uses the local PV is evicted from the node. A new pod is created and stays in the pending state. This is because the PVC used by the pod has a node label, due to which the pod cannot be scheduled.
                                                                                                                                                                                  
+
                                                                                                                                                                                  Constraints
                                                                                                                                                                                  • If the OS fails to be re-installed after the node is removed, manually re-install the OS. After the re-installation, log in to the node and run the clearance script to clear CCE components. For details, see Handling Failed OS Reinstallation.
                                                                                                                                                                                  • Removing a node will cause PVC/PV data loss for the local PV associated with the node. These PVCs and PVs cannot be restored or used again. In this scenario, the pod that uses the local PV is evicted from the node. A new pod is created and stays in the pending state. This is because the PVC used by the pod has a node label, due to which the pod cannot be scheduled.
                                                                                                                                                                                  
 
                                                                                                                                                                                  
-
                                                                                                                                                                                  Precautions
                                                                                                                                                                                  • When you remove a node, the pods running on it will need to migrate to another node, which could potentially impact your services. To avoid any disruptions, drain the node so that pods can be gracefully evicted to other available nodes. Additionally, perform this task during off-peak hours.
                                                                                                                                                                                  • Unexpected risks may occur during the operation. Back up data beforehand.
                                                                                                                                                                                  • When a node is removed, the backend will make it unschedulable.
                                                                                                                                                                                  • After you remove the node and re-install the OS, the original LVM partitions will be cleared and the data managed by LVM will be cleared. Therefore, back up data in advance.
                                                                                                                                                                                  
+
                                                                                                                                                                                  Precautions
                                                                                                                                                                                  • Removing a node will migrate the pods running on it to other nodes, which could potentially affect your services. To avoid any disruptions, drain the node so that pods can be gracefully evicted to other available nodes. Perform this task during off-peak hours. If pods remain when the node is removed, CCE will evict them. If a Pod Disruption Budget (PDB) policy is configured for your pods, they may fail to be evicted. In this case, the node will be forcibly removed after a period of time.
                                                                                                                                                                                  • Unexpected risks may occur during the operation. Back up data beforehand.
                                                                                                                                                                                  • When a node is removed, the backend will make it unschedulable.
                                                                                                                                                                                  • After you remove the node and re-install the OS, the original LVM partitions will be cleared and the data managed by LVM will be cleared. Therefore, back up data in advance.
                                                                                                                                                                                  
 
                                                                                                                                                                                  
-
                                                                                                                                                                                  Procedure
                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                  2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                                                                                                  3. Locate the target node and choose More > Remove in the Operation column.
                                                                                                                                                                                  4. In the dialog box displayed, configure the login information required for re-installing the OS and click Yes. Wait until the node is removed.
                                                                                                                                                                                    After the node is removed, workload pods on the node are automatically migrated to other available nodes.
                                                                                                                                                                                    
+
                                                                                                                                                                                    Procedure
                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                    2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                                                                                                    3. Locate the target node and choose More > Remove in the Operation column.
                                                                                                                                                                                    4. In the dialog box displayed, configure the login information required for re-installing the OS and click Yes. Wait until the node is removed.
                                                                                                                                                                                      After the node is removed, workload pods on the node are automatically migrated to other available nodes.
                                                                                                                                                                                      
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    Handling Failed OS Reinstallation
                                                                                                                                                                                    You can perform the following steps to re-install the OS and clear the CCE components on the node if previous attempts fail:
                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_10_0341.html b/docs/cce/umn/cce_10_0341.html
index b5456b9bc..79647cc21 100644
--- a/docs/cce/umn/cce_10_0341.html
+++ b/docs/cce/umn/cce_10_0341.html
@@ -17,10 +17,10 @@
 
                                                                                                                                                                                    • Rootfs (Device Mapper)
                                                                                                                                                                                      By default, the container engine and image space, occupying 90% of the data disk, can be divided into the following two parts:
                                                                                                                                                                                      • The /var/lib/docker directory is used as the Docker working directory and occupies 20% of the container engine and container image space by default. (Space size of the /var/lib/docker directory = Data disk space x 90% x 20%)
                                                                                                                                                                                      • The thin pool is used to store container image data, image metadata, and container data, and occupies 80% of the container engine and container image space by default. (Thin pool space = Data disk space x 90% x 80%)
                                                                                                                                                                                        The thin pool is dynamically mounted. You can view it by running the lsblk command on a node, but not the df -h command.
                                                                                                                                                                                        
 
                                                                                                                                                                                      
 
                                                                                                                                                                                      
-
                                                                                                                                                                                      Figure 1 Space allocation for container engines of Device Mapper
                                                                                                                                                                                      
+
                                                                                                                                                                                      Figure 1 Space allocation for container engines of Device Mapper
                                                                                                                                                                                      
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    • Rootfs (OverlayFS)
                                                                                                                                                                                      No separate thin pool. The entire container engine and container image space (90% of the data disk by default) are in the /var/lib/docker directory.
                                                                                                                                                                                      
-
                                                                                                                                                                                      Figure 2 Space allocation for container engines of OverlayFS
                                                                                                                                                                                      
+
                                                                                                                                                                                      Figure 2 Space allocation for container engines of OverlayFS
                                                                                                                                                                                      
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    Space Allocation for Pods
                                                                                                                                                                                    The customized pod container space (basesize) is related to the node OS and container storage Rootfs. For details about the container storage Rootfs, see Mapping Between OS and Container Storage Rootfs.
                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_10_0342.html b/docs/cce/umn/cce_10_0342.html
index b59edbe58..bd5d0a21a 100644
--- a/docs/cce/umn/cce_10_0342.html
+++ b/docs/cce/umn/cce_10_0342.html
@@ -3,78 +3,70 @@
 
                                                                                                                                                                                    Comparison Between Cluster Types
                                                                                                                                                                                    
 
                                                                                                                                                                                    Comparison
                                                                                                                                                                                    CCE provides different types of clusters for you to select. The following table lists the differences between them.
                                                                                                                                                                                    
 
-
                                                                                                                                                                                7. Table 6 APIs deprecated in Kubernetes v1.16
                                                                                                                                                                                Resource
                                                                                                                                                                                
+
                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/docs/cce/umn/cce_10_0307.html b/docs/cce/umn/cce_10_0307.html
index 4510c62b8..593f2a8ca 100644
--- a/docs/cce/umn/cce_10_0307.html
+++ b/docs/cce/umn/cce_10_0307.html
@@ -1,8 +1,8 @@
 
 
-
                                                                                                                                                                                Overview
                                                                                                                                                                                
-
                                                                                                                                                                                Container Storage
                                                                                                                                                                                CCE container storage is implemented based on Kubernetes container storage APIs (CSI). CCE integrates multiple types of cloud storage and covers different application scenarios. CCE is fully compatible with Kubernetes native storage services, such as emptyDir, hostPath, secret, and ConfigMap.
                                                                                                                                                                                
-
                                                                                                                                                                                Figure 1 Container storage types
                                                                                                                                                                                
+
                                                                                                                                                                                Storage Overview
                                                                                                                                                                                
+
                                                                                                                                                                                Container Storage
                                                                                                                                                                                The Kubernetes Container Storage Interface (CSI) is a standardized storage add-on framework launched by the Cloud Native Computing Foundation (CNCF). It aims to decouple storage systems from Kubernetes, enabling storage services to be accessed as add-ons without modifying the core code of Kubernetes. CCE container storage is built based on the CSI and supports a wide range of storage types, including block storage, file storage, and object storage, to meet the needs of both stateless and stateful applications. CSI is fully compatible with the native Kubernetes storage system and supports multiple storage forms like emptyDir, hostPath, secret, and ConfigMap.
                                                                                                                                                                                
+
                                                                                                                                                                                Figure 1 Container storage types
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                CCE allows workload pods to use multiple types of storage:
                                                                                                                                                                                
 
                                                                                                                                                                                • In terms of implementation, storage supports Container Storage Interface (CSI) and Kubernetes native storage.
@@ -14,12 +14,13 @@
 
 
                                                                                                                                                                                
-
-
@@ -36,15 +37,15 @@
 
-
-
-
-
-
@@ -270,7 +271,8 @@
 
                                                                                                                                                                                Table 7 APIs deprecated in Kubernetes v1.16
                                                                                                                                                                                Resource
                                                                                                                                                                                
 
                                                                                                                                                                                Deprecated API Version
                                                                                                                                                                                
+
                                                                                                                                                                                Deprecated API Version
                                                                                                                                                                                
 
                                                                                                                                                                                Substitute API Version
                                                                                                                                                                                
+
                                                                                                                                                                                Substitute API Version
                                                                                                                                                                                
 
                                                                                                                                                                                Change Description
                                                                                                                                                                                
+
                                                                                                                                                                                Change Description
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                NetworkPolicy
                                                                                                                                                                                
+
                                                                                                                                                                                NetworkPolicy
                                                                                                                                                                                
 
                                                                                                                                                                                extensions/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                extensions/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                networking.k8s.io/v1
                                                                                                                                                                                
+
                                                                                                                                                                                networking.k8s.io/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.8.)
                                                                                                                                                                                
 
                                                                                                                                                                                None
                                                                                                                                                                                
+
                                                                                                                                                                                None
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                DaemonSet
                                                                                                                                                                                
+
                                                                                                                                                                                DaemonSet
                                                                                                                                                                                
 
                                                                                                                                                                                extensions/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                extensions/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                apps/v1beta2
                                                                                                                                                                                
 
                                                                                                                                                                                apps/v1
                                                                                                                                                                                
+
                                                                                                                                                                                apps/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.9.)
                                                                                                                                                                                
 
                                                                                                                                                                                • The spec.templateGeneration field is deleted.
                                                                                                                                                                                • spec.selector is now a mandatory field and cannot be changed after the object is created. The label of an existing template can be used as a selector for seamless migration.
                                                                                                                                                                                • The default value of spec.updateStrategy.type is changed to RollingUpdate (the default value in the extensions/v1beta1 API version is OnDelete).
                                                                                                                                                                                
+
                                                                                                                                                                                • The spec.templateGeneration field is deleted.
                                                                                                                                                                                • spec.selector is now a mandatory field and cannot be changed after the object is created. The label of an existing template can be used as a selector for seamless migration.
                                                                                                                                                                                • The default value of spec.updateStrategy.type is changed to RollingUpdate (the default value in the extensions/v1beta1 API version is OnDelete).
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Deployment
                                                                                                                                                                                
+
                                                                                                                                                                                Deployment
                                                                                                                                                                                
 
                                                                                                                                                                                extensions/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                extensions/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                apps/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                apps/v1beta2
                                                                                                                                                                                
 
                                                                                                                                                                                apps/v1
                                                                                                                                                                                
+
                                                                                                                                                                                apps/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.9.)
                                                                                                                                                                                
 
                                                                                                                                                                                • The spec.rollbackTo field is deleted.
                                                                                                                                                                                • spec.selector is now a mandatory field and cannot be changed after the Deployment is created. The label of an existing template can be used as a selector for seamless migration.
                                                                                                                                                                                • The default value of spec.progressDeadlineSeconds is changed to 600 seconds (the default value in extensions/v1beta1 is unlimited).
                                                                                                                                                                                • The default value of spec.revisionHistoryLimit is changed to 10. (In the apps/v1beta1 API version, the default value of this field is 2. In the extensions/v1beta1 API version, all historical records are retained by default.)
                                                                                                                                                                                • The default values of maxSurge and maxUnavailable are changed to 25%. (In the extensions/v1beta1 API version, these fields default to 1.)
                                                                                                                                                                                
+
                                                                                                                                                                                • The spec.rollbackTo field is deleted.
                                                                                                                                                                                • spec.selector is now a mandatory field and cannot be changed after the Deployment is created. The label of an existing template can be used as a selector for seamless migration.
                                                                                                                                                                                • The default value of spec.progressDeadlineSeconds is changed to 600 seconds (the default value in extensions/v1beta1 is unlimited).
                                                                                                                                                                                • The default value of spec.revisionHistoryLimit is changed to 10. (In the apps/v1beta1 API version, the default value of this field is 2. In the extensions/v1beta1 API version, all historical records are retained by default.)
                                                                                                                                                                                • The default values of maxSurge and maxUnavailable are changed to 25%. (In the extensions/v1beta1 API version, these fields default to 1.)
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                StatefulSet
                                                                                                                                                                                
+
                                                                                                                                                                                StatefulSet
                                                                                                                                                                                
 
                                                                                                                                                                                apps/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                apps/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                apps/v1beta2
                                                                                                                                                                                
 
                                                                                                                                                                                apps/v1
                                                                                                                                                                                
+
                                                                                                                                                                                apps/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.9.)
                                                                                                                                                                                
 
                                                                                                                                                                                • spec.selector is now a mandatory field and cannot be changed after the StatefulSet is created. The label of an existing template can be used as a selector for seamless migration.
                                                                                                                                                                                • The default value of spec.updateStrategy.type is changed to RollingUpdate (the default value in the apps/v1beta1 API version is OnDelete).
                                                                                                                                                                                
+
                                                                                                                                                                                • spec.selector is now a mandatory field and cannot be changed after the StatefulSet is created. The label of an existing template can be used as a selector for seamless migration.
                                                                                                                                                                                • The default value of spec.updateStrategy.type is changed to RollingUpdate (the default value in the apps/v1beta1 API version is OnDelete).
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                ReplicaSet
                                                                                                                                                                                
+
                                                                                                                                                                                ReplicaSet
                                                                                                                                                                                
 
                                                                                                                                                                                extensions/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                extensions/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                apps/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                apps/v1beta2
                                                                                                                                                                                
 
                                                                                                                                                                                apps/v1
                                                                                                                                                                                
+
                                                                                                                                                                                apps/v1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.9.)
                                                                                                                                                                                
 
                                                                                                                                                                                spec.selector is now a mandatory field and cannot be changed after the object is created. The label of an existing template can be used as a selector for seamless migration.
                                                                                                                                                                                
+
                                                                                                                                                                                spec.selector is now a mandatory field and cannot be changed after the object is created. The label of an existing template can be used as a selector for seamless migration.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                PodSecurityPolicy
                                                                                                                                                                                
+
                                                                                                                                                                                PodSecurityPolicy
                                                                                                                                                                                
 
                                                                                                                                                                                extensions/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                extensions/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                policy/v1beta1
                                                                                                                                                                                
+
                                                                                                                                                                                policy/v1beta1
                                                                                                                                                                                
 
                                                                                                                                                                                (This API has been available since v1.10.)
                                                                                                                                                                                
 
                                                                                                                                                                                PodSecurityPolicy for the policy/v1beta1 API version will be removed in v1.25.
                                                                                                                                                                                
+
                                                                                                                                                                                PodSecurityPolicy for the policy/v1beta1 API version will be removed in v1.25.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                CSI
                                                                                                                                                                                
 
                                                                                                                                                                                An out-of-tree volume add-on, which specifies the standard container storage API and allows storage vendors to use standard custom storage plugins that are mounted using PVCs and PVs without the need to add their plugin source code to the Kubernetes repository for unified build, compilation, and release. CSI is a recommended in Kubernetes 1.13 and later versions.
                                                                                                                                                                                
+
                                                                                                                                                                                A standardized plugin mechanism (corresponding to CCE Everest) designed to decouple storage systems from orchestration platforms, addressing the issue of tight coupling between traditional in-tree storage plugins and Kubernetes core code. Its core design involves defining a unified gRPC interface specification, enabling storage vendors to develop custom storage plugins in an out-of-tree manner. This allows for independent building, compilation, and release of storage functionalities without embedding the plugin source code into the Kubernetes source code repository. You only need to declare your storage requirements through PVCs and PVs. The CSI driver handles the rest, enabling dynamic storage provisioning and management.
                                                                                                                                                                                
+
                                                                                                                                                                                From Kubernetes 1.13 onward, CSI has become the officially recommended implementation for storage plugins.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                Kubernetes native storage
                                                                                                                                                                                
 
                                                                                                                                                                                An "in-tree" volume add-on that is built, compiled, and released with the Kubernetes repository.
                                                                                                                                                                                
+
                                                                                                                                                                                Runs in an in-tree manner, where the storage plugin code is embedded directly within the Kubernetes core code repository. This means that storage plugins are built, compiled, and released together with core Kubernetes components such as kubelet and kube-controller-manager. Storage plugins must be upgraded alongside Kubernetes. They cannot be developed, upgraded, or extended independently of the Kubernetes release cycle. This limits the flexibility of supporting third-party storage systems.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
                                                                                                                                                                                 
 
                                                                                                                                                                                Cloud storage
                                                                                                                                                                                
 
                                                                                                                                                                                The storage media is provided by storage vendors. Storage volumes of this type are mounted using PVCs and PVs.
                                                                                                                                                                                
+
                                                                                                                                                                                The storage is provided by cloud service vendors and allows storage data to be stored in remote clusters through networks. This enables centralized management and elastic scaling of storage resources. In a cluster, you only need to declare your storage requirements through PVCs and PVs. The CSI add-on automatically handles access to cloud storage, eliminating the need to manually configure underlying resources.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Data requires high availability or needs to be shared, for example, logs and media resources.
                                                                                                                                                                                
-
                                                                                                                                                                                Select a proper cloud storage type based on the application scenario. For details, see Cloud Storage Comparison.
                                                                                                                                                                                
+
                                                                                                                                                                                Select a proper cloud StorageClass based on the application scenario. For details, see Cloud Storage Comparison.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                Local storage
                                                                                                                                                                                
 
                                                                                                                                                                                The storage media is the local data disk or memory of the node. The local PV is a customized storage type provided by CCE and mounted using PVCs and PVs through the CSI. Other storage types are Kubernetes native storage.
                                                                                                                                                                                
+
                                                                                                                                                                                The storage media is the local data disk or memory of the node. The local PV is a customized StorageClass provided by CCE and mounted using PVCs and PVs through the CSI. Other StorageClasses are native to Kubernetes.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Non-HA data requires high I/O and low latency.
                                                                                                                                                                                
 
                                                                                                                                                                                Select a proper local storage type based on the application scenario. For details, see Local Storage Comparison.
                                                                                                                                                                                
@@ -77,14 +78,14 @@
 
 
                                                                                                                                                                                Definition
                                                                                                                                                                                
 
                                                                                                                                                                                EVS offers scalable block storage for cloud servers. With high reliability, high performance, and rich specifications, EVS disks can be used for distributed file systems, dev/test environments, data warehouses, and high-performance computing (HPC) applications.
                                                                                                                                                                                
+
                                                                                                                                                                                A block storage service that operates in shared storage resource pools. It offers scalable, high-performance, and reliable storage volumes for cloud servers. EVS disks come in various specifications and are cost-effective.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Expandable to petabytes, SFS provides fully hosted shared file storage, highly available and stable to handle data- and bandwidth-intensive applications in HPC, media processing, file sharing, content management, and web services.
                                                                                                                                                                                
 
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Expandable to 320 TB, SFS Turbo provides fully hosted shared file storage, which is highly available and stable, to support small files and applications requiring low latency and high IOPS. You can use SFS Turbo in high-traffic websites, log storage, compression/decompression, DevOps, enterprise OA, and containerized applications.
                                                                                                                                                                                
 
                                                                                                                                                                                Object Storage Service (OBS) provides massive, secure, and cost-effective data storage for you to store data of any type and size. You can use it in enterprise backup/archiving, video on demand (VoD), video surveillance, and many other scenarios.
                                                                                                                                                                                
+
                                                                                                                                                                                Massive, secure, reliable, and cost-effective storage for any type and size of data. You can use it in enterprise backup/archiving, video on demand (VoD), video surveillance, and many other scenarios.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                Data storage logic
                                                                                                                                                                                
@@ -126,7 +127,7 @@
                                                                                                                                                                                 		
 
                                                                                                                                                                                Supported. For details, see Using an SFS File System Through a Dynamic PV.
                                                                                                                                                                                
 
                                                                                                                                                                                Not supported
                                                                                                                                                                                
+
                                                                                                                                                                                Supported for SFS Turbo subdirectories. For details, see (Recommended) Creating an SFS Turbo Subdirectory Using a Dynamic PV.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Supported. For details, see Using an OBS Bucket Through a Dynamic PV.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
-
                                                                                                                                                                                Documentation
                                                                                                                                                                                
+
                                                                                                                                                                                Helpful Links
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0336.html b/docs/cce/umn/cce_10_0336.html
index 1f95cb66b..686b99be4 100644
--- a/docs/cce/umn/cce_10_0336.html
+++ b/docs/cce/umn/cce_10_0336.html
@@ -5,15 +5,15 @@
 
                                                                                                                                                                                
 
                                                                                                                                                                                Prerequisites
                                                                                                                                                                                
 
                                                                                                                                                                                
-
                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                • When an OBS volume is mounted using a custom access key (AK/SK), the access key cannot be deleted or disabled. Otherwise, the service container cannot access the mounted OBS volume.
                                                                                                                                                                                • Custom access keys cannot be configured for Kata containers.
                                                                                                                                                                                
+
                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                • When an OBS volume is mounted using a custom access key (AK/SK), the access key cannot be deleted or disabled. Otherwise, the service container cannot access the mounted OBS volume.
                                                                                                                                                                                • Custom access keys cannot be configured for secure containers.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                Disabling Auto Key Mounting
                                                                                                                                                                                On the earlier version's console, you need to upload the AK/SK, which is then used by default for mounting an OBS volume. As a result, all IAM users within your account will use the same key to mount OBS buckets, and they will have identical permissions on the buckets. However, this setting does not allow you to set different permissions for individual IAM users.
                                                                                                                                                                                
 
                                                                                                                                                                                If you have uploaded the AK/SK, disable the automatic mounting of access keys by enabling the DISABLE_AUTO_MOUNT_SECRET parameter in the Everest add-on to prevent IAM users from performing unauthorized operations. In this way, the access keys uploaded on the console will not be used when you use OBS volumes.
                                                                                                                                                                                
 
                                                                                                                                                                                 
                                                                                                                                                                                • Before enabling DISABLE_AUTO_MOUNT_SECRET, ensure that there are no OBS volumes in the cluster. Workloads using OBS volumes may fail to remount after scaling or restart due to missing access keys, which are blocked by DISABLE_AUTO_MOUNT_SECRET.
                                                                                                                                                                                • If DISABLE_AUTO_MOUNT_SECRET is set to true, an access key must be specified when a PV or PVC is created. Otherwise, mounting the OBS volume will fail.
                                                                                                                                                                                
 
                                                                                                                                                                                
-
                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate CCE Container Storage (Everest) on the right, and click Edit.
                                                                                                                                                                                2. Configure the add-on parameters. Set Prohibit Global Secret from Mounting Object Storage (disable_auto_mount_secret) to Yes.
                                                                                                                                                                                3. Click OK.
                                                                                                                                                                                
+
                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                2. In the navigation pane, choose Add-ons. In the right pane, find the CCE Container Storage (Everest) add-on and click Edit.
                                                                                                                                                                                3. Configure the add-on parameters. Set Prohibit Global Secret from Mounting Object Storage (disable_auto_mount_secret) to Yes.
                                                                                                                                                                                4. Click OK.
                                                                                                                                                                                
 
                                                                                                                                                                                
-
                                                                                                                                                                                Obtaining an Access Key
                                                                                                                                                                                1. Log in to the console.
                                                                                                                                                                                2. Hover the cursor over the username in the upper right corner and choose My Credentials from the drop-down list.
                                                                                                                                                                                3. In the navigation pane, choose Access Keys.
                                                                                                                                                                                4. Click Create Access Key. The Create Access Key dialog box is displayed.
                                                                                                                                                                                5. Click OK to download the access key.
                                                                                                                                                                                
+
                                                                                                                                                                                Obtaining an Access Key
                                                                                                                                                                                1. Access the My Credentials page.
                                                                                                                                                                                2. In the navigation pane, choose Access Keys.
                                                                                                                                                                                3. Click Create Access Key. The Create Access Key dialog box is displayed.
                                                                                                                                                                                4. Click OK to download the access key.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                Creating a Secret Using an Access Key
                                                                                                                                                                                1. Obtain an access key.
                                                                                                                                                                                2. Encode the keys using Base64. (Assume that the AK is xxx and the SK is yyy.)
                                                                                                                                                                                  echo -n xxx|base64
                                                                                                                                                                                  
 
                                                                                                                                                                                  echo -n yyy|base64
                                                                                                                                                                                  
@@ -59,7 +59,7 @@ type: cfe/secure-opaque
 
                                                                                                                                                                                
 
                                                                                                                                                                                secret.kubernetes.io/used-by: csi
                                                                                                                                                                                
 
                                                                                                                                                                                Add this label in the YAML file if you want to make it available on the CCE console when you create an OBS PV/PVC.
                                                                                                                                                                                
+
                                                                                                                                                                                Add this label if you want to make it available on the CCE console when you create an OBS PV/PVC.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                type
                                                                                                                                                                                
@@ -74,8 +74,8 @@ type: cfe/secure-opaque
 
                                                                                                                                                                              7. Create the secret.
                                                                                                                                                                                kubectl create -f test-user.yaml
                                                                                                                                                                                
 
                                                                                                                                                                                8. 
 
-
                                                                                                                                                                                Mounting a Secret When Statically Creating an OBS Volume
                                                                                                                                                                                After a secret is created using the AK/SK, you can associate the secret with the PV to be created and then use the AK/SK in the secret to mount an OBS volume.
                                                                                                                                                                                
-
                                                                                                                                                                                1. Log in to the OBS console, create an OBS bucket, and record the bucket name and storage class. The parallel file system is used as an example.
                                                                                                                                                                                2. Create a YAML file for the PV, for example, pv-example.yaml.
                                                                                                                                                                                  
+
                                                                                                                                                                                  Specifying a Secret for Mounting During Static Creation of an OBS Volume
                                                                                                                                                                                  After a secret is created using the AK/SK, you can associate the secret with the PV to be created and then use the AK/SK in the secret to mount an OBS volume.
                                                                                                                                                                                  
+
                                                                                                                                                                                  1. Log in to the OBS console, create an OBS bucket, and record the bucket name and StorageClass. The parallel file system is used as an example.
                                                                                                                                                                                  2. Create a YAML file for the PV, for example, pv-example.yaml.
                                                                                                                                                                                    
 
                                                                                                                                                                                    apiVersion: v1
 kind: PersistentVolume
 metadata:
@@ -110,7 +110,7 @@ spec:
 
                                                                                                                                                                                nodePublishSecretRef
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Secret specified during the mounting.
                                                                                                                                                                                
-
                                                                                                                                                                                • name: name of the secret
                                                                                                                                                                                • namespace: namespace of the secret
                                                                                                                                                                                
+
                                                                                                                                                                                • name: name of the secret
                                                                                                                                                                                • namespace: The namespace of the secret
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                fsType
                                                                                                                                                                                
@@ -157,12 +157,12 @@ spec:
 
 
                                                                                                                                                                                csi.storage.k8s.io/node-publish-secret-name
                                                                                                                                                                                
 
                                                                                                                                                                                Name of the secret
                                                                                                                                                                                
+
                                                                                                                                                                                The name of the secret
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                csi.storage.k8s.io/node-publish-secret-namespace
                                                                                                                                                                                
 
                                                                                                                                                                                Namespace of the secret
                                                                                                                                                                                
+
                                                                                                                                                                                The namespace of the secret
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
                                                                                                                                                                                 
 
 
                                                                                                                                                                                csi.storage.k8s.io/node-publish-secret-name
                                                                                                                                                                                
 
                                                                                                                                                                                Name of the secret
                                                                                                                                                                                
+
                                                                                                                                                                                The name of the secret
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                csi.storage.k8s.io/node-publish-secret-namespace
                                                                                                                                                                                
 
                                                                                                                                                                                Namespace of the secret
                                                                                                                                                                                
+
                                                                                                                                                                                The namespace of the secret
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
                                                                                                                                                                                 
 
                                                                                                                                                                                Category
                                                                                                                                                                                
+
                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/docs/cce/umn/cce_10_0345.html b/docs/cce/umn/cce_10_0345.html
index 9d73a2130..a78df6c3d 100644
--- a/docs/cce/umn/cce_10_0345.html
+++ b/docs/cce/umn/cce_10_0345.html
@@ -1,11 +1,13 @@
 
                                                                                                                                                                                Default GPU Scheduling in Kubernetes
                                                                                                                                                                                
-
                                                                                                                                                                                You can use GPUs in CCE containers.
                                                                                                                                                                                
-
                                                                                                                                                                                Prerequisites
                                                                                                                                                                                • A GPU node has been created. For details, see Creating a Node.
                                                                                                                                                                                • The CCE AI Suite (NVIDIA GPU) add-on has been installed, with the selected driver matching the GPU model on the node. For details, see CCE AI Suite (NVIDIA GPU).
                                                                                                                                                                                • When default GPU scheduling is used in clusters of v1.27 or earlier, the CCE AI Suite (NVIDIA GPU) add-on mounts the driver directory to /usr/local/nvidia/lib64. To use GPU resources in containers, you need to add /usr/local/nvidia/lib64 to the LD_LIBRARY_PATH environment variable. You can skip this step for clusters of v1.28 or later.
                                                                                                                                                                                  You can add environment variables in any of the following ways:
                                                                                                                                                                                  
-
                                                                                                                                                                                  • Configure the LD_LIBRARY_PATH environment variable in the Dockerfile used for creating an image. (Recommended)
                                                                                                                                                                                    ENV LD_LIBRARY_PATH /usr/local/nvidia/lib64:$LD_LIBRARY_PATH
                                                                                                                                                                                    
-
                                                                                                                                                                                  • Configure the LD_LIBRARY_PATH environment variable in the image startup command.
                                                                                                                                                                                    /bin/bash -c "export LD_LIBRARY_PATH=/usr/local/nvidia/lib64:$LD_LIBRARY_PATH && ..."
                                                                                                                                                                                    
-
                                                                                                                                                                                  • Define the LD_LIBRARY_PATH environment variable when creating a workload. (Ensure that this variable is not configured in the container. Otherwise, it will be overwritten.)
                                                                                                                                                                                    ...
+
                                                                                                                                                                                    CCE standard and Turbo clusters support Kubernetes' default GPU scheduling mode. This mode uses a device plugin to manage GPUs as a standard resource type. After the CCE AI Suite (NVIDIA GPU) add-on is installed on a node, CCE automatically detects the number of GPUs on the node and allocates them to pods based on the resources.limits specified during scheduling. nvidia.com/gpu can be set to an integer or a decimal.
                                                                                                                                                                                    
+
                                                                                                                                                                                    • If nvidia.com/gpu is set to a positive integer, for example, 1, an entire physical GPU will be exclusively allocated to the target pod. This is ideal for scenarios requiring high performance and strict isolation.
                                                                                                                                                                                    • If nvidia.com/gpu is set to a decimal, for example, 0.2, multiple pods can share a physical GPU, including its compute and memory resources. This is suitable for scenarios with lower compute demands, such as lightweight inference tasks.
                                                                                                                                                                                    
+
                                                                                                                                                                                    This section describes how to use Kubernetes' default GPU scheduling. For more information, see Schedule GPUs.
                                                                                                                                                                                    
+
                                                                                                                                                                                    Prerequisites
                                                                                                                                                                                    • A GPU node has been created. For details, see Creating a Node.
                                                                                                                                                                                    • The CCE AI Suite (NVIDIA GPU) add-on has been installed, with the selected driver matching the GPU model on the node. For details, see CCE AI Suite (NVIDIA GPU).
                                                                                                                                                                                    • When default GPU scheduling is used in clusters of v1.27 or earlier, the CCE AI Suite (NVIDIA GPU) add-on mounts the driver directory to /usr/local/nvidia/lib64. To use GPU resources in containers, you need to add /usr/local/nvidia/lib64 to the LD_LIBRARY_PATH environment variable. You can skip this step for clusters of v1.28 or later.
                                                                                                                                                                                      You can add environment variables in any of the following ways:
                                                                                                                                                                                      
+
                                                                                                                                                                                      • (Recommended) Configure the LD_LIBRARY_PATH environment variable in the Dockerfile used for creating an image.
                                                                                                                                                                                        ENV LD_LIBRARY_PATH /usr/local/nvidia/lib64:$LD_LIBRARY_PATH
                                                                                                                                                                                        
+
                                                                                                                                                                                      • Configure the LD_LIBRARY_PATH environment variable in the image startup command.
                                                                                                                                                                                        /bin/bash -c "export LD_LIBRARY_PATH=/usr/local/nvidia/lib64:$LD_LIBRARY_PATH && ..."
                                                                                                                                                                                        
+
                                                                                                                                                                                      • Define the LD_LIBRARY_PATH environment variable when creating a workload. (Ensure that this variable is not configured in the container. Otherwise, it will be overwritten.)
                                                                                                                                                                                        ...
           env:
             - name: LD_LIBRARY_PATH
               value: /usr/local/nvidia/lib64
@@ -13,50 +15,13 @@
 
                                                                                                                                                                                      
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
-
                                                                                                                                                                                    Using GPUs
                                                                                                                                                                                    Create a workload and request GPUs. You can specify the number of GPUs as follows:
                                                                                                                                                                                    
-
                                                                                                                                                                                    apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: gpu-test
-  namespace: default
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: gpu-test
-  template:
-    metadata:
-      labels:
-        app: gpu-test
-    spec:
-      containers:
-      - image: nginx:perl
-        name: container-0
-        resources:
-          requests:
-            cpu: 250m
-            memory: 512Mi
-            nvidia.com/gpu: 1   # Number of requested GPUs
-          limits:
-            cpu: 250m
-            memory: 512Mi
-            nvidia.com/gpu: 1   # Maximum number of GPUs that can be used
-      imagePullSecrets:
-      - name: default-secret
                                                                                                                                                                                    
-
                                                                                                                                                                                    nvidia.com/gpu specifies the number of GPUs to be requested. The value can be smaller than 1. For example, nvidia.com/gpu: 0.5 indicates that multiple pods share a GPU. In this case, all the requested GPU resources come from the same GPU card.
                                                                                                                                                                                    
-
                                                                                                                                                                                     
                                                                                                                                                                                    When you use nvidia.com/gpu to specify the number of GPUs, the values of requests and limits must be the same.
                                                                                                                                                                                    
-
                                                                                                                                                                                    
-
                                                                                                                                                                                    After nvidia.com/gpu is specified, workloads will not be scheduled to nodes without GPUs. If the node is GPU-starved, Kubernetes events similar to the following are reported:
                                                                                                                                                                                    
-
                                                                                                                                                                                    • 0/2 nodes are available: 2 Insufficient nvidia.com/gpu.
                                                                                                                                                                                    • 0/4 nodes are available: 1 InsufficientResourceOnSingleGPU, 3 Insufficient nvidia.com/gpu.
                                                                                                                                                                                    
-
                                                                                                                                                                                    To use GPU resources on the CCE console, you only need to configure the GPU quota when creating a workload.
                                                                                                                                                                                    
-
                                                                                                                                                                                    
+
                                                                                                                                                                                    Using the Console
                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Workloads. In the upper right corner of the displayed page, click Create Workload.
                                                                                                                                                                                    2. In the Container Settings area, choose Basic Info, locate GPU Quota, select a scheduling mode, and specify the required resources. Default GPU scheduling involves GPU card and Shared.
                                                                                                                                                                                      • GPU card: An entire physical GPU will be exclusively allocated to the target pod.
                                                                                                                                                                                      • Shared: Multiple pods can share a physical GPU, including its compute and memory resources.
                                                                                                                                                                                      
+
                                                                                                                                                                                      
+
                                                                                                                                                                                    3. (Optional) Specify GPU memory for the workload. After the setting, CCE will enable affinity between pods and nodes based on the resource type so that the pods can be scheduled to appropriate nodes.
                                                                                                                                                                                    4. Configure other parameters by referring to Creating a Workload. After completing the settings, click Create Workload in the lower right corner. When the workload changes to the Running state, it is created.
                                                                                                                                                                                    
 
                                                                                                                                                                                    
-
                                                                                                                                                                                    GPU Node Labels
                                                                                                                                                                                    CCE will label GPU nodes that are ready to use. When using GPUs, you can enable affinity between pods and nodes based on labels so that the pods can be scheduled to the correct nodes. To do so, perform the following operations:
                                                                                                                                                                                    
-
                                                                                                                                                                                    1. Run the following command to view all nodes in the cluster and retrieve the value of the accelerator label (if applicable):
                                                                                                                                                                                      kubectl get node -L accelerator
                                                                                                                                                                                      
-
                                                                                                                                                                                      The following information is displayed, showing the label value:
                                                                                                                                                                                      
-
                                                                                                                                                                                      NAME           STATUS   ROLES    AGE     VERSION                                    ACCELERATOR
-10.100.2.179   Ready    <none>   8m43s   v1.19.10-r0-CCE21.11.1.B006-21.11.1.B006   nvidia-t4
                                                                                                                                                                                      
-
                                                                                                                                                                                    2. When using a YAML file to create a workload, add the following parameters to define affinity between pods and nodes:
                                                                                                                                                                                      apiVersion: apps/v1
+
                                                                                                                                                                                      Using kubectl
                                                                                                                                                                                      1. Use kubectl to access the cluster.
                                                                                                                                                                                      2. Write a YAML file for creating a workload with Kubernetes' default GPU scheduling enabled:
                                                                                                                                                                                        vim gpu-app.yaml
                                                                                                                                                                                        
+
                                                                                                                                                                                        Example file content:
                                                                                                                                                                                        
+
                                                                                                                                                                                        apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: gpu-test
@@ -71,8 +36,8 @@ spec:
       labels:
         app: gpu-test
     spec:
-      nodeSelector:
-        accelerator: nvidia-t4
+      nodeSelector:
+        accelerator: nvidia-t4
       containers:
       - image: nginx:perl
         name: container-0
@@ -80,14 +45,34 @@ spec:
           requests:
             cpu: 250m
             memory: 512Mi
-            nvidia.com/gpu: 1   # Number of requested GPUs
+            nvidia.com/gpu: 1   # (Optional) The value must be the same as that of limits.nvidia.com/gpu.
           limits:
             cpu: 250m
             memory: 512Mi
-            nvidia.com/gpu: 1   # Maximum number of GPUs that can be used
+            nvidia.com/gpu: 1   # Specified number of GPUs
       imagePullSecrets:
       - name: default-secret
                                                                                                                                                                                        
-
                                                                                                                                                                                      
+
                                                                                                                                                                                      • nodeSelector: (Optional) specifies a node selector. After a GPU node is created, CCE adds a label to it. When using GPUs, you can enable affinity between pods and nodes based on labels so that the pods can be scheduled to appropriate nodes.
                                                                                                                                                                                        Obtain nodes with a specified label:
                                                                                                                                                                                        
+
                                                                                                                                                                                        kubectl get node -L accelerator
                                                                                                                                                                                        
+
                                                                                                                                                                                        Information similar to the following is displayed, where the information in bold is the label value:
                                                                                                                                                                                        
+
                                                                                                                                                                                        NAME           STATUS   ROLES    AGE     VERSION                                    ACCELERATOR
+10.100.2.179   Ready    <none>   8m43s   v1.19.10-r0-CCE21.11.1.B006-21.11.1.B006   nvidia-t4
                                                                                                                                                                                        
+
                                                                                                                                                                                      • resources.limits.nvidia.com/gpu: specifies the number of GPUs.
                                                                                                                                                                                        • If nvidia.com/gpu is set to a positive integer, for example, 1, an entire physical GPU will be exclusively allocated to the target pod.
                                                                                                                                                                                        • If nvidia.com/gpu is set to a decimal, for example, 0.2, multiple pods can share a physical GPU, including its compute and memory resources.
                                                                                                                                                                                        
+
                                                                                                                                                                                         
                                                                                                                                                                                        requests.nvidia.com/gpu is optional. If it is specified, ensure its value is the same as that of limits.nvidia.com/gpu.
                                                                                                                                                                                        
+
                                                                                                                                                                                        
+
                                                                                                                                                                                      
+
                                                                                                                                                                                    3. Create the workload.
                                                                                                                                                                                      kubectl apply -f gpu-app.yaml
                                                                                                                                                                                      
+
                                                                                                                                                                                      If information similar to the following is displayed, the workload has been created:
                                                                                                                                                                                      
+
                                                                                                                                                                                      deployment.apps/gpu-test created
                                                                                                                                                                                      
+
                                                                                                                                                                                    4. View the created pod.
                                                                                                                                                                                      kubectl get pod -n default
                                                                                                                                                                                      
+
                                                                                                                                                                                      Information similar to the following is displayed:
                                                                                                                                                                                      
+
                                                                                                                                                                                      NAME                      READY   STATUS    RESTARTS   AGE
+gpu-test-6bdb4d7cb-pmtc2   1/1     Running   0          21s
                                                                                                                                                                                      
+
                                                                                                                                                                                    5. Access the container.
                                                                                                                                                                                      kubectl -n default exec -it gpu-test-6bdb4d7cb-pmtc2 -c container-0 -- /bin/bash
                                                                                                                                                                                      
+
                                                                                                                                                                                    6. Check whether the GPU has been allocated to the container.
                                                                                                                                                                                      nvidia-smi
                                                                                                                                                                                      
+
                                                                                                                                                                                      The command output indicates that the GPU has been allocated.
                                                                                                                                                                                      
+
                                                                                                                                                                                      
+
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_10_0348.html b/docs/cce/umn/cce_10_0348.html
index 29c3049bc..d2628b206 100644
--- a/docs/cce/umn/cce_10_0348.html
+++ b/docs/cce/umn/cce_10_0348.html
@@ -20,25 +20,25 @@
 
 
                                                                                                                                                                                
-
-
-
-
                                                                                                                                                                                Cluster Type
                                                                                                                                                                                
 
                                                                                                                                                                                Subcategory
                                                                                                                                                                                
+
                                                                                                                                                                                CCE Standard
                                                                                                                                                                                
 
                                                                                                                                                                                CCE Standard
                                                                                                                                                                                
-
                                                                                                                                                                                CCE Turbo
                                                                                                                                                                                
+
                                                                                                                                                                                CCE Turbo
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                Positioning
                                                                                                                                                                                
+
                                                                                                                                                                                Positioning
                                                                                                                                                                                
 
                                                                                                                                                                                -
                                                                                                                                                                                
+
                                                                                                                                                                                Standard clusters that provide highly reliable and secure containers for commercial use
                                                                                                                                                                                
 
                                                                                                                                                                                Standard clusters that provide highly reliable and secure containers for commercial use
                                                                                                                                                                                
-
                                                                                                                                                                                Next-generation clusters designed for Cloud Native 2.0, with accelerated compute, networking, and scheduling
                                                                                                                                                                                
+
                                                                                                                                                                                Next-generation clusters designed for Cloud Native 2.0, with accelerated compute, networking, and scheduling
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Application scenario
                                                                                                                                                                                
+
                                                                                                                                                                                Application scenario
                                                                                                                                                                                
 
                                                                                                                                                                                -
                                                                                                                                                                                
+
                                                                                                                                                                                For users who expect to use container clusters to manage applications, obtain elastic compute resources, and enable simplified management on compute, network, and storage resources
                                                                                                                                                                                
 
                                                                                                                                                                                For users who expect to use container clusters to manage applications, obtain elastic compute resources, and enable simplified management on compute, network, and storage resources
                                                                                                                                                                                
-
                                                                                                                                                                                For users who have higher requirements on performance, resource utilization, and full-scenario coverage
                                                                                                                                                                                
+
                                                                                                                                                                                For users who have higher requirements on performance, resource utilization, and full-scenario coverage
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Specification difference
                                                                                                                                                                                
+
                                                                                                                                                                                Network model
                                                                                                                                                                                
 
                                                                                                                                                                                Network model
                                                                                                                                                                                
-
                                                                                                                                                                                Cloud native 1.0 networks: for scenarios where requirements on performance are not high and there are not so many containers
                                                                                                                                                                                
+
                                                                                                                                                                                Cloud native 1.0 networks: for scenarios where requirements on performance are not high and there are not so many containers
                                                                                                                                                                                
 
                                                                                                                                                                                • Tunnel network
                                                                                                                                                                                • Virtual Private Cloud (VPC) network
                                                                                                                                                                                
 
                                                                                                                                                                                Cloud Native 2.0 networks: for scenarios where requirements on performance are high and there are many containers
                                                                                                                                                                                
-
                                                                                                                                                                                Max networking scale: 2,000 nodes
                                                                                                                                                                                
+
                                                                                                                                                                                Cloud Native 2.0 networks: for scenarios where there are many containers and need high performance
                                                                                                                                                                                
+
                                                                                                                                                                                A maximum of 2000 nodes is supported.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                hostPort
                                                                                                                                                                                
+
                                                                                                                                                                                hostPort
                                                                                                                                                                                
 
                                                                                                                                                                                Supported
                                                                                                                                                                                
+
                                                                                                                                                                                Supported
                                                                                                                                                                                
 
                                                                                                                                                                                Not supported
                                                                                                                                                                                
+
                                                                                                                                                                                Not supported
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Network performance
                                                                                                                                                                                
+
                                                                                                                                                                                Network performance
                                                                                                                                                                                
 
                                                                                                                                                                                The container network is overlaid with the VPC network, causing certain performance loss.
                                                                                                                                                                                
+
                                                                                                                                                                                The container network is overlaid with the VPC network, causing certain performance loss.
                                                                                                                                                                                
 
                                                                                                                                                                                The VPC network and container network are flattened into one for zero performance loss.
                                                                                                                                                                                
+
                                                                                                                                                                                The VPC network and container network are flattened into one for zero performance loss.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Network isolation
                                                                                                                                                                                
+
                                                                                                                                                                                Network isolation
                                                                                                                                                                                
 
                                                                                                                                                                                • Tunnel network model: network policies supported for communications within a cluster
                                                                                                                                                                                • VPC network model: isolation not supported
                                                                                                                                                                                
+
                                                                                                                                                                                • Tunnel networks: network policies for communications within a cluster
                                                                                                                                                                                • VPC networks: isolation not supported
                                                                                                                                                                                
 
                                                                                                                                                                                Pods can be associated with security groups for isolation. This isolation policy, based on security groups, ensures consistent security isolation both within and outside of a cluster.
                                                                                                                                                                                
+
                                                                                                                                                                                Pods can be associated with security groups for isolation. This isolation policy, based on security groups, ensures consistent security isolation both within and outside a cluster.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Container resource isolation
                                                                                                                                                                                
+
                                                                                                                                                                                Container resource isolation
                                                                                                                                                                                
 
                                                                                                                                                                                cgroups are used to isolate common containers.
                                                                                                                                                                                
+
                                                                                                                                                                                cgroups are used to isolate common containers.
                                                                                                                                                                                
 
                                                                                                                                                                                • VM-level isolation is supported for secure containers that run only on physical machines.
                                                                                                                                                                                • cgroups are used to isolate common containers.
                                                                                                                                                                                
+
                                                                                                                                                                                • VM-level isolation is supported for secure containers that run only on physical machines.
                                                                                                                                                                                • cgroups are used to isolate common containers.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Edge infrastructure management
                                                                                                                                                                                
+
                                                                                                                                                                                Edge infrastructure management
                                                                                                                                                                                
 
                                                                                                                                                                                Not supported
                                                                                                                                                                                
+
                                                                                                                                                                                Not supported
                                                                                                                                                                                
 
                                                                                                                                                                                Management of CloudPond edge sites
                                                                                                                                                                                
+
                                                                                                                                                                                Management of CloudPond edge sites
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
                                                                                                                                                                                 
 
 
                                                                                                                                                                                VPC network
                                                                                                                                                                                
 
                                                                                                                                                                                The smaller value between the maximum number of pods on a node and the number of container IP addresses that can be allocated on a node
                                                                                                                                                                                
+
                                                                                                                                                                                The smaller value between the Maximum Number of Pods on a Node and Number of Allocatable Pod IP Addresses on a Node
                                                                                                                                                                                
 
                                                                                                                                                                                To ensure new pods run smoothly on a node, make sure that the number of pods on the node does not exceed the number of container IP addresses that can be assigned to it. If there are not enough container IP addresses available on the node, the new pods may not function properly.
                                                                                                                                                                                
+
                                                                                                                                                                                To ensure that new pods run smoothly on a node, verify that the maximum number of pods on the node does not exceed the number of allocatable pod IP addresses. If the node lacks sufficient pod IP addresses, new pods will not function properly.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                Cloud Native Network 2.0 (for CCE Turbo clusters)
                                                                                                                                                                                
 
                                                                                                                                                                                The smaller value between the maximum number of pods on a node and the number of ENIs on a node in a CCE Turbo cluster
                                                                                                                                                                                
+
                                                                                                                                                                                The smaller value between the maximum number of pods on a node and the number of network interfaces on a node in a CCE Turbo cluster
                                                                                                                                                                                
 
                                                                                                                                                                                To ensure new pods run smoothly on a node, make sure that the number of pods on the node does not exceed the number of ENIs on it. If there are not enough ENIs available on the node, the new pods may not function properly.
                                                                                                                                                                                
+
                                                                                                                                                                                To ensure new pods run smoothly on a node, make sure that the number of pods on the node does not exceed the number of network interfaces on it. If there are not enough network interfaces available on the node, the new pods may not function properly.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
                                                                                                                                                                                 
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
-
                                                                                                                                                                                Number of Allocatable Container IP Addresses on a Node
                                                                                                                                                                                When creating a cluster in the VPC network model, follow the  and specify the number of container IP addresses that can be allocated to each node using alpha.cce/fixPoolMask.
                                                                                                                                                                                
-
                                                                                                                                                                                The maximum number of pods that can be created on a node is determined by the number of container IP addresses that can be allocated to it. In a container network, each pod needs its own IP address. If there are not enough pre-allocated container IP addresses on the node, pods cannot be created. If hostNetwork: true is configured in the YAML file, pods will use the host network instead of the allocatable container IP addresses. For details, see Pod IP Address Allocation Differences Between the Container Network and Host Network.
                                                                                                                                                                                
-
                                                                                                                                                                                By default, a node occupies three container IP addresses (network address, gateway address, and broadcast address). Therefore, the number of container IP addresses that can be allocated to a node equals the number of selected container IP addresses minus 3. 
                                                                                                                                                                                
+
                                                                                                                                                                                Number of Allocatable Pod IP Addresses on a Node
                                                                                                                                                                                The number of allocatable pod IP addresses on a node is the maximum number of IP addresses that can be allocated to pods on that node. When creating a cluster in the VPC network model, follow the  and specify the number of pod IP addresses that each node can allocate using alpha.cce/fixPoolMask.
                                                                                                                                                                                
+
                                                                                                                                                                                The maximum number of pods that can be created on a node is determined by the number of pod IP addresses available for allocation. In a containerized environment, each pod requires its own unique IP address. If the node runs out of reserved pod IP addresses, new pods cannot be created. If hostNetwork: true is configured in the YAML file, pods will use the host network instead of the reserved pod IP addresses. For details, see Pod IP Address Allocation Differences Between the Container Network and Host Network.
                                                                                                                                                                                
+
                                                                                                                                                                                By default, each node in a cluster is assigned a CIDR block from which pod IP addresses are allocated. The usable number of IP addresses for pods within this block is typically the total number of addresses in the CIDR block minus three reserved addresses (including the network address, gateway address, and broadcast address). 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                Maximum Number of Pods on a Node
                                                                                                                                                                                When creating a node, you can configure the maximum number of pods (maxPods) that can be created on the node. This parameter is a configuration item of kubelet and determines the maximum number of pods that can be created by kubelet.
                                                                                                                                                                                
 
                                                                                                                                                                                 
                                                                                                                                                                                For nodes in the default node pool (DefaultPool), the maximum number of pods cannot be changed after the nodes are created.
                                                                                                                                                                                
@@ -81,10 +81,10 @@
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
-
                                                                                                                                                                                Number of Node ENIs (Available Only in CCE Turbo Clusters)
                                                                                                                                                                                In a CCE Turbo cluster, ECS nodes use sub-ENIs. The maximum number of pods that can be created on a node depends on the number of ENIs that can be used by the node.
                                                                                                                                                                                
+
                                                                                                                                                                                Number of Node Network Interfaces (Available Only in CCE Turbo Clusters)
                                                                                                                                                                                In a CCE Turbo cluster, ECS nodes use supplementary network interfaces. The maximum number of pods that can be created on a node depends on the number of network interfaces that can be used by the node.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                Pod IP Address Allocation Differences Between the Container Network and Host Network
                                                                                                                                                                                When creating a pod, you can select the container network or host network for the pod.
                                                                                                                                                                                
-
                                                                                                                                                                                • Container network (default): Each pod is assigned an IP address by the cluster networking add-ons, which occupies the IP addresses of the container network.
                                                                                                                                                                                • Host network: Pods with hostNetwork: true configured directly use the network of the host.  After the configuration, the pods use the ports on the host and their IP address is identical to that of the host, without relying on the IP addresses of the container network. When using a host network, avoid conflicts between the pod ports and service ports on the host. Use a host network only if a particular application requires access to a specific port on the host.
                                                                                                                                                                                
+
                                                                                                                                                                                • Container network (default): Each pod is assigned an IP address by the cluster networking add-ons, which occupies the IP addresses of the container network.
                                                                                                                                                                                • Host network: Pods with hostNetwork: true configured directly use the network of the host. After the configuration, the pods use the ports on the host and their IP address is identical to that of the host, without relying on the IP addresses of the container network. When using a host network, avoid conflicts between the pod ports and service ports on the host. Use a host network only if a particular application requires access to a specific port on the host.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0349.html b/docs/cce/umn/cce_10_0349.html
index 7437c5f43..328e4d074 100644
--- a/docs/cce/umn/cce_10_0349.html
+++ b/docs/cce/umn/cce_10_0349.html
@@ -53,7 +53,8 @@
 
 
                                                                                                                                                                                When there are more than 3000 Services in a cluster, network delay may occur.
                                                                                                                                                                                
 
                                                                                                                                                                                • If you use the same load balancer for both the ingress and Service in the same cluster or for the Service ports in different clusters, you will not be able to access the ingress from the nodes or containers in the cluster, or the Service ports in other clusters. This is because kube-proxy mounts the LoadBalancer Service address to the ipvs-0 bridge, which intercepts the load balancer traffic. Use separate load balancers for these ingresses and Services.
                                                                                                                                                                                
+
                                                                                                                                                                                • If you have an IPVS-backed cluster, kube-proxy mounts the Service's load balancer address to the ipvs-0 bridge, which will intercept the traffic from within the cluster to the load balancer. In this case, there may be the following access exceptions:
                                                                                                                                                                                  • If you use the same load balancer for both a LoadBalancer ingress and Service, the ipvs-0 bridge will intercept the traffic from the cluster to the ingress and redirect it to the Service, resulting in an access failure.
                                                                                                                                                                                  • If you use the same load balancer for a Service in the current cluster and a Service in another cluster, the ipvs-0 bridge will intercept the traffic to the Service in another cluster and redirect the traffic to the Service in the current cluster, resulting in an access failure. You can perform the operations in Configuring Passthrough Networking for a LoadBalancer Service to prevent kube-proxy from forwarding the Service's load balancer traffic from the cluster.
                                                                                                                                                                                  
+
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
 
                                                                                                                                                                                
@@ -26,15 +27,15 @@
 
-
@@ -80,7 +81,7 @@
 
@@ -94,7 +95,7 @@
 
-
-
@@ -154,8 +155,8 @@
 
-
-
-
diff --git a/docs/cce/umn/cce_10_0364.html b/docs/cce/umn/cce_10_0364.html
index b60207d2a..5f36447e8 100644
--- a/docs/cce/umn/cce_10_0364.html
+++ b/docs/cce/umn/cce_10_0364.html
@@ -6,9 +6,11 @@
 
                                                                                                                                                                                Compared with v1beta1, v1 has the following differences in parameters:
                                                                                                                                                                                • The ingress type is specified by spec.ingressClassName instead of kubernetes.io/ingress.class in annotations.
                                                                                                                                                                                • The format of backend has changed.
                                                                                                                                                                                • The pathType parameter must be specified for each path. The options are as follows:
                                                                                                                                                                                  • ImplementationSpecific: The matching method depends on Ingress Controller. The matching method defined by ingress.beta.kubernetes.io/url-match-mode is used in CCE, which is the same as v1beta1.
                                                                                                                                                                                  • Exact: exact matching of the URL, which is case-sensitive.
                                                                                                                                                                                  • Prefix: matching based on the URL prefix separated by a slash (/). The match is case-sensitive, and elements in the path are matched one by one. A path element refers to a list of labels in the path separated by a slash (/).
                                                                                                                                                                                  
 
                                                                                                                                                                                
-
                                                                                                                                                                                
+
                                                                                                                                                                                
-
                                                                                                                                                                                Prerequisites
                                                                                                                                                                                
+
                                                                                                                                                                                Prerequisites
                                                                                                                                                                                • An ingress provides network access for backend workloads. Ensure that a workload is available in a cluster. If no workload is available, deploy a workload by referring to Creating a Deployment, Creating a StatefulSet, or Creating a DaemonSet.
                                                                                                                                                                                • A ClusterIP or NodePort Service has been configured for the workload. For details about how to configure the Service, see ClusterIP or NodePort.
                                                                                                                                                                                • To add Nginx Ingress, ensure that the NGINX Ingress Controller add-on has been installed in the cluster. For details, see Installing the Add-on.
                                                                                                                                                                                
+
                                                                                                                                                                                
+
                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                • It is not recommended modifying any configuration of a load balancer on the ELB console. Otherwise, the Service will be abnormal. If you have modified the configuration, uninstall the nginx-ingress add-on and reinstall it.
                                                                                                                                                                                • The URL registered in an ingress forwarding policy must be the same as the URL used to access the backend Service. Otherwise, a 404 error will be returned.
                                                                                                                                                                                • The selected or created load balancer must be in the same VPC as the current cluster, and it must match the load balancer type (private or public network).
                                                                                                                                                                                • The load balancer has at least two listeners, and ports 80 and 443 are not occupied by listeners.
                                                                                                                                                                                • When NGINX Ingress Controller accesses a dedicated load balancer and the service affinity is set to the node level, the load balancer's IP address may fail to be accessed within the cluster. For details, see Why a Service Fail to Be Accessed from Within the Cluster.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                Creating an Nginx Ingress
                                                                                                                                                                                1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                                  vi ingress-test.yaml
                                                                                                                                                                                  
 
                                                                                                                                                                                   
                                                                                                                                                                                  Starting from cluster v1.23, the ingress version is switched from networking.k8s.io/v1beta1 to networking.k8s.io/v1. For details about the differences between v1 and v1beta1, see Ingress API Version Upgrade in CCE Clusters v1.23.
                                                                                                                                                                                  
@@ -32,7 +34,7 @@ spec:
             property:
               ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
             pathType: ImplementationSpecific
-  ingressClassName: nginx   # Nginx ingresses are used. If multiple NGINX Ingress Controllers are installed in the cluster, replace nginx with the custom names of the controllers associated with the ingresses.
+  ingressClassName: nginx   # Nginx ingresses are used. If multiple NGINX Ingress Controllers are installed in the cluster, replace nginx with the custom names of the controllers associated with the ingresses.
 
                                                                                                                                                                                  
 
                                                                                                                                                                                  For clusters of v1.21 or earlier:
                                                                                                                                                                                  apiVersion: networking.k8s.io/v1beta1
 kind: Ingress
@@ -51,78 +53,78 @@ spec:
               serviceName: <your_service_name>  # Replace it with the name of your target Service.
               servicePort: <your_service_port>  # Replace it with the port number of your target Service.
                                                                                                                                                                                  
 
-
                                                                                                                                                                                Table 1 Node configuration parameters
                                                                                                                                                                                Parameter
                                                                                                                                                                                
 
                                                                                                                                                                                Node Type
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                Select a node type based on service requirements. Then, the available node flavors will be automatically displayed in the Specifications area for you to select.
                                                                                                                                                                                
-
                                                                                                                                                                                CCE standard clusters support the following node types:
                                                                                                                                                                                • ECS (VM): A virtualized ECS is used as a cluster node.
                                                                                                                                                                                
+
                                                                                                                                                                                CCE standard clusters support the following node types:
                                                                                                                                                                                • ECS (VM): A VM ECS is used as a cluster node.
                                                                                                                                                                                
 
                                                                                                                                                                                
-
                                                                                                                                                                                CCE Turbo clusters support the following node types:
                                                                                                                                                                                • ECS (VM): A virtualized ECS is used as a cluster node. A CCE Turbo cluster supports only the cloud servers that allow multiple ENIs. Select a server type displayed on the CCE console.
                                                                                                                                                                                
+
                                                                                                                                                                                CCE Turbo clusters support the following node types:
                                                                                                                                                                                • ECS (VM): A VM ECS is used as a cluster node. A CCE Turbo cluster supports only the cloud servers that allow multiple network interfaces. Select a server type displayed on the CCE console.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                		
 
                                                                                                                                                                                
 
                                                                                                                                                                                Specifications
                                                                                                                                                                                
 
                                                                                                                                                                                Select node flavors as needed. A node needs at least two vCPU cores and 4 GiB of memory. For the supported node flavors, see Node Flavor Description.
                                                                                                                                                                                
+
                                                                                                                                                                                Select node flavors as needed. A node needs at least 2 CPU cores and 4 GiB of memory. For the supported node flavors, see Node Flavor Description.
                                                                                                                                                                                
 
                                                                                                                                                                                The available node flavors vary depending on AZs. Obtain the flavors displayed on the console.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                System Disk
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                System disk used by the node OS. The value ranges from 40 GiB to 1024 GiB. The default value is 50 GiB.
                                                                                                                                                                                
-
                                                                                                                                                                                System Disk Encryption: System disk encryption safeguards your data. Snapshots generated from encrypted disks and disks created using these snapshots automatically inherit the encryption setting. Only the nodes of the Elastic Cloud Server (VM) type in certain regions support system disk encryption. For details, see the console.
                                                                                                                                                                                • Not encrypted is selected by default.
                                                                                                                                                                                • If you select Enabled (key) for System Disk Encryption, choose an existing key. If no key is available, click View Key List and create a key. After the key is created, click the refresh icon next to the text box.
                                                                                                                                                                                • If you select Enabled (KMS key ID) for System Disk Encryption, enter a KMS key (which can be shared by others) in the current region.
                                                                                                                                                                                
+
                                                                                                                                                                                System Disk Encryption: System disk encryption safeguards your data. Snapshots generated from encrypted disks and disks created using these snapshots automatically inherit the encryption setting. Only the nodes of the Elastic Cloud Server (VM) type in certain regions support system disk encryption. For details, see the console.
                                                                                                                                                                                • Not encrypted is selected by default.
                                                                                                                                                                                • If you select Enabled (key) for System Disk Encryption, choose an existing key. If no key is available, click View Key List and create a key. After the key is created, click the refresh icon next to the text box.
                                                                                                                                                                                • If you select Enabled (KMS key ID) for System Disk Encryption, enter a KMS key (which can be shared by others) in the current region.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                		
 
                                                                                                                                                                                
 
                                                                                                                                                                                Data Disk
                                                                                                                                                                                
 
                                                                                                                                                                                • At least one default data disk must be added for storing container runtime and kubelet components if System Component Storage is set to Data Disk. This data disk cannot be deleted or detached. Otherwise, the node will be unavailable. This function is available for clusters of a version earlier than v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, or v1.29.4-r0.
                                                                                                                                                                                  • Default data disk: used for container runtime and kubelet components. The disk size ranges from 20 GiB to 32768 GiB. The default value is 100 GiB.
                                                                                                                                                                                  • Other common data disks: You can set the data disk size to a value ranging from 10 GiB to 32768 GiB. The default value is 100 GiB.
                                                                                                                                                                                  
+
                                                                                                                                                                                • At least one default data disk must be added for storing container runtime and kubelet components if System Component Storage is set to Data Disk. This data disk cannot be deleted or detached. Otherwise, the node will be unavailable. This function is available for clusters of a version earlier than v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, or v1.29.4-r0.
                                                                                                                                                                                  • Default data disk: used for container runtime and kubelet components. The disk size ranges from 20 GiB to 32768 GiB. The default value is 100 GiB.
                                                                                                                                                                                  • Other common data disks: You can set the data disk size to a value ranging from 10 GiB to 32768 GiB. The default value is 100 GiB.
                                                                                                                                                                                  
 
                                                                                                                                                                                • If System Component Storage is set to System Disk, you do not need to add a default data disk. In this case, all data disks are common ones: You can set the data disk size to a value ranging from 10 GiB to 32768 GiB. The default value is 100 GiB. This function is available for clusters of v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, v1.29.4-r0, or later versions.
                                                                                                                                                                                
 
                                                                                                                                                                                 NOTE: 
                                                                                                                                                                                • If the node flavor is disk-intensive or ultra-high I/O, one data disk can be a local disk.
                                                                                                                                                                                • Local disks may break down and do not ensure data reliability. Store your service data in EVS disks, which are more reliable than local disks.
                                                                                                                                                                                
 
                                                                                                                                                                                
@@ -135,8 +136,8 @@
 
                                                                                                                                                                                
 
                                                                                                                                                                                EIP
                                                                                                                                                                                
 
                                                                                                                                                                                An ECS without a bound EIP cannot access the Internet or be accessed by public networks.
                                                                                                                                                                                
-
                                                                                                                                                                                The default value is Do not use. Use existing and Auto create are supported.
                                                                                                                                                                                
+
                                                                                                                                                                                An ECS without a bound EIP cannot access the Internet or be accessed from public networks.
                                                                                                                                                                                
+
                                                                                                                                                                                The default value is Do not use. Use existing and Auto assign are supported.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                Resource Tag
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                You can add resource tags to classify resources. A maximum of eight resource tags can be added.
                                                                                                                                                                                
-
                                                                                                                                                                                You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency. 
                                                                                                                                                                                
-
                                                                                                                                                                                CCE will automatically create the "CCE-Dynamic-Provisioning-Node=Node ID" tag.
                                                                                                                                                                                
+
                                                                                                                                                                                You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency. 
                                                                                                                                                                                
+
                                                                                                                                                                                CCE will automatically create the CCE-Dynamic-Provisioning-Node=Node ID tag.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                Kubernetes Label
                                                                                                                                                                                
@@ -189,22 +190,22 @@
 
                                                                                                                                                                                
 
                                                                                                                                                                                Pre-installation Command
                                                                                                                                                                                
 
                                                                                                                                                                                Installation script command, in which Chinese characters are not allowed. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                                                                                
+
                                                                                                                                                                                Installation script command. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                                                                                
 
                                                                                                                                                                                The script will be executed before Kubernetes software is installed. Note that if the script is incorrect, Kubernetes software may fail to be installed.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                Post-installation Command
                                                                                                                                                                                
 
                                                                                                                                                                                Installation script command, in which Chinese characters are not allowed. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                                                                                
-
                                                                                                                                                                                The script will be executed after Kubernetes software is installed, which does not affect the installation.
                                                                                                                                                                                
-
                                                                                                                                                                                 NOTE: 
                                                                                                                                                                                Do not run the reboot command in the post-installation script to restart the system immediately. To restart the system, run the shutdown -r 1 command to restart with a delay of one minute.
                                                                                                                                                                                
+
                                                                                                                                                                                Installation script command. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                                                                                
+
                                                                                                                                                                                The script will be executed after Kubernetes software is installed, which does not affect the installation. During post-installation script execution, pods can be scheduled normally. However, if the script execution times out, node installation will fail. To prevent pods from being scheduled to nodes with incomplete script execution, enable the option to schedule pods only after the post-installation script execution completes.
                                                                                                                                                                                 CAUTION: 
                                                                                                                                                                                Do not use the reboot command in the post-installation script to restart the system immediately. Instead, use the shutdown -r 1 command to restart the system with a one-minute delay.
                                                                                                                                                                                
 
                                                                                                                                                                                
+
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                Agency
                                                                                                                                                                                
 
                                                                                                                                                                                An agency is created by the tenant administrator on the IAM console. Using an agency, you can share your cloud server resources with another account, or entrust a more professional person or team to manage your resources.
                                                                                                                                                                                
-
                                                                                                                                                                                If no agency is available, click Create Agency on the right to create one.
                                                                                                                                                                                
+
                                                                                                                                                                                If you need to share ECS resources with other accounts or delegate a more professional person or team to manage the resources, you can create an agency on IAM and grant the agency the permissions to manage ECS resources. The delegated account can log in to the cloud system and switch to your account to manage resources. You do not need to share security credentials (such as passwords) with other accounts, ensuring the security of your account.
                                                                                                                                                                                
+
                                                                                                                                                                                If you have created an agency, select the agency from the drop-down list. If no agency is available, click Create Agency on the right to create one. 
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
                                                                                                                                                                                 
 
 
                                                                                                                                                                                Table 1 Key parameters
                                                                                                                                                                                Parameter
                                                                                                                                                                                
+
                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                Table 1 Key parameters
                                                                                                                                                                                Parameter
                                                                                                                                                                                
 
                                                                                                                                                                                Mandatory
                                                                                                                                                                                
+
                                                                                                                                                                                Mandatory
                                                                                                                                                                                
 
                                                                                                                                                                                Type
                                                                                                                                                                                
+
                                                                                                                                                                                Type
                                                                                                                                                                                
 
                                                                                                                                                                                Description
                                                                                                                                                                                
+
                                                                                                                                                                                Description
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                
 
                                                                                                                                                                                kubernetes.io/ingress.class
                                                                                                                                                                                
+
                                                                                                                                                                                kubernetes.io/ingress.class
                                                                                                                                                                                
 
                                                                                                                                                                                Yes (only for clusters of v1.21 or earlier)
                                                                                                                                                                                
+
                                                                                                                                                                                Yes (only for clusters of v1.21 or earlier)
                                                                                                                                                                                
 
                                                                                                                                                                                String
                                                                                                                                                                                
+
                                                                                                                                                                                String
                                                                                                                                                                                
 
                                                                                                                                                                                nginx: indicates that Nginx Ingress is used. This option is available only after the NGINX Ingress Controller add-on is installed.
                                                                                                                                                                                
-
                                                                                                                                                                                This parameter is mandatory when an ingress is created by calling the API.
                                                                                                                                                                                
+
                                                                                                                                                                                nginx: indicates that Nginx Ingress is used. This option is available only after the NGINX Ingress Controller add-on is installed.
                                                                                                                                                                                
+
                                                                                                                                                                                This parameter is mandatory when you create an Nginx ingress. If it is not specified, a LoadBalancer ingress will be created by default.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                ingressClassName
                                                                                                                                                                                
+
                                                                                                                                                                                ingressClassName
                                                                                                                                                                                
 
                                                                                                                                                                                Yes
                                                                                                                                                                                
+
                                                                                                                                                                                Yes
                                                                                                                                                                                
 
                                                                                                                                                                                (only for clusters of v1.23 or later)
                                                                                                                                                                                
 
                                                                                                                                                                                String
                                                                                                                                                                                
+
                                                                                                                                                                                String
                                                                                                                                                                                
 
                                                                                                                                                                                nginx: indicates that Nginx Ingress is used. This option is available only after the NGINX Ingress Controller add-on is installed.
                                                                                                                                                                                
+
                                                                                                                                                                                nginx: indicates that Nginx Ingress is used. This option is available only after the NGINX Ingress Controller add-on is installed.
                                                                                                                                                                                
 
                                                                                                                                                                                Multiple NGINX Ingress Controller add-ons can be installed in a single cluster if the add-on version is 2.5.4 or later. In this case, the value of this parameter must be the controller name customized during controller installation, indicating that the ingress is managed by that specific controller.
                                                                                                                                                                                
-
                                                                                                                                                                                This parameter is mandatory when an ingress is created by calling the API.
                                                                                                                                                                                
+
                                                                                                                                                                                This parameter is mandatory when you create an Nginx ingress. If it is not specified, a LoadBalancer ingress will be created by default.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                host
                                                                                                                                                                                
+
                                                                                                                                                                                host
                                                                                                                                                                                
 
                                                                                                                                                                                No
                                                                                                                                                                                
+
                                                                                                                                                                                No
                                                                                                                                                                                
 
                                                                                                                                                                                String
                                                                                                                                                                                
+
                                                                                                                                                                                String
                                                                                                                                                                                
 
                                                                                                                                                                                Domain name for accessing the Service. By default, this parameter is left blank, and the domain name needs to be fully matched. Ensure that the domain name has been registered and licensed. Once a forwarding policy is configured with a domain name specified, you must use the domain name for access.
                                                                                                                                                                                
+
                                                                                                                                                                                Domain name for accessing the Service. By default, this parameter is left blank, and the domain name needs to be fully matched. Ensure that the domain name has been registered and licensed. Once a forwarding policy is configured with a domain name specified, you must use the domain name for access.
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                path
                                                                                                                                                                                
+
                                                                                                                                                                                path
                                                                                                                                                                                
 
                                                                                                                                                                                Yes
                                                                                                                                                                                
+
                                                                                                                                                                                Yes
                                                                                                                                                                                
 
                                                                                                                                                                                String
                                                                                                                                                                                
+
                                                                                                                                                                                String
                                                                                                                                                                                
 
                                                                                                                                                                                User-defined route path. All external access requests must match host and path.
                                                                                                                                                                                
+
                                                                                                                                                                                User-defined route path. All external access requests must match host and path.
                                                                                                                                                                                
 
                                                                                                                                                                                 NOTE: 
                                                                                                                                                                                • The access path matching rule of Nginx Ingress is based on the path prefix separated by the slash (/) and is case-sensitive. If the subpath separated by a slash (/) matches the prefix, the access is normal. However, if the prefix is only a part of the character string in the subpath, the access is not matched. For example, if the URL is set to /healthz, /healthz/v1 is matched, but /healthzv1 is not matched.
                                                                                                                                                                                • The access path added here must exist in the backend application. Otherwise, the forwarding fails.
                                                                                                                                                                                  For example, the default access URL of the Nginx application is /usr/share/nginx/html. When adding /test to the ingress forwarding policy, ensure the access URL of your Nginx application contains /usr/share/nginx/html/test. Otherwise, error 404 will be returned.
                                                                                                                                                                                  
 
                                                                                                                                                                                
 
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                ingress.beta.kubernetes.io/url-match-mode
                                                                                                                                                                                
+
                                                                                                                                                                                ingress.beta.kubernetes.io/url-match-mode
                                                                                                                                                                                
 
                                                                                                                                                                                No
                                                                                                                                                                                
+
                                                                                                                                                                                No
                                                                                                                                                                                
 
                                                                                                                                                                                String
                                                                                                                                                                                
+
                                                                                                                                                                                String
                                                                                                                                                                                
 
                                                                                                                                                                                Route matching policy.
                                                                                                                                                                                
+
                                                                                                                                                                                Route matching policy.
                                                                                                                                                                                
 
                                                                                                                                                                                Default: STARTS_WITH (prefix match)
                                                                                                                                                                                
 
                                                                                                                                                                                Options:
                                                                                                                                                                                
 
                                                                                                                                                                                • EQUAL_TO: exact match
                                                                                                                                                                                • STARTS_WITH: prefix match
                                                                                                                                                                                
                                                                                                                                                                                 		
 
                                                                                                                                                                                pathType
                                                                                                                                                                                
+
                                                                                                                                                                                pathType
                                                                                                                                                                                
 
                                                                                                                                                                                Yes
                                                                                                                                                                                
+
                                                                                                                                                                                Yes
                                                                                                                                                                                
 
                                                                                                                                                                                String
                                                                                                                                                                                
+
                                                                                                                                                                                String
                                                                                                                                                                                
 
                                                                                                                                                                                Path type. This field is supported only by clusters of v1.23 or later.
                                                                                                                                                                                • ImplementationSpecific: The matching method depends on Ingress Controller. The matching method defined by ingress.beta.kubernetes.io/url-match-mode is used in CCE.
                                                                                                                                                                                • Exact: exact matching of the URL, which is case-sensitive.
                                                                                                                                                                                • Prefix: prefix matching, which is case-sensitive. With this method, the URL path is separated into multiple elements by slashes (/) and the elements are matched one by one. If each element in the URL matches the path, the subpaths of the URL can be routed normally.
                                                                                                                                                                                   NOTE: 
                                                                                                                                                                                  • During prefix matching, each element must be exactly matched. If the last element of the URL is the substring of the last element in the request path, no matching is performed. For example, /foo/bar matches /foo/bar/baz but does not match /foo/barbaz.
                                                                                                                                                                                  • When elements are separated by slashes (/), if the URL or request path ends with a slash (/), the slash (/) at the end is ignored. For example, /foo/bar matches /foo/bar/.
                                                                                                                                                                                  
+
                                                                                                                                                                                Path type. This field is supported only by clusters of v1.23 or later.
                                                                                                                                                                                • ImplementationSpecific: The matching method depends on Ingress Controller. The matching method defined by ingress.beta.kubernetes.io/url-match-mode is used in CCE.
                                                                                                                                                                                • Exact: exact matching of the URL, which is case-sensitive.
                                                                                                                                                                                • Prefix: prefix matching, which is case-sensitive. With this method, the URL path is separated into multiple elements by slashes (/) and the elements are matched one by one. If each element in the URL matches the path, the subpaths of the URL can be routed normally.
                                                                                                                                                                                   NOTE: 
                                                                                                                                                                                  • During prefix matching, each element must be exactly matched. If the last element of the URL is the substring of the last element in the request path, no matching is performed. For example, /foo/bar matches /foo/bar/baz but does not match /foo/barbaz.
                                                                                                                                                                                  • When elements are separated by slashes (/), if the URL or request path ends with a slash (/), the slash (/) at the end is ignored. For example, /foo/bar matches /foo/bar/.
                                                                                                                                                                                  
 
                                                                                                                                                                                  
 
                                                                                                                                                                                
 
                                                                                                                                                                                
@@ -140,7 +142,7 @@ spec:
 
                                                                                                                                                                                If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                                
 
                                                                                                                                                                                NAME          CLASS   HOSTS     ADDRESS          PORTS   AGE
 ingress-test  nginx   *         121.**.**.**     80      10s
                                                                                                                                                                                
-
                                                                                                                                                                              8. Enter http://121.**.**.**:80 in the address box of the browser to access the workload (for example, Nginx workload).
                                                                                                                                                                                121.**.**.** indicates the IP address of the unified load balancer.
                                                                                                                                                                                
+
                                                                                                                                                                              9. Enter http://121.**.**.**:80 in the address bar of the browser to access the workload (for example, Nginx workload).
                                                                                                                                                                                121.**.**.** indicates the IP address of the unified load balancer.
                                                                                                                                                                                
 
                                                                                                                                                                                10. 
 
 
diff --git a/docs/cce/umn/cce_10_0365.html b/docs/cce/umn/cce_10_0365.html
index 89b393f54..ebcf847a9 100644
--- a/docs/cce/umn/cce_10_0365.html
+++ b/docs/cce/umn/cce_10_0365.html
@@ -15,7 +15,7 @@
 
 
 
                                                                                                                                                                                Configuring DNS for a Workload Through the Console
                                                                                                                                                                                Kubernetes provides DNS-related configuration options for applications. The use of application's DNS configuration can effectively reduce unnecessary DNS queries in certain scenarios and improve service concurrency. The following procedure uses an Nginx application as an example to describe how to add DNS configurations for a workload on the console.
                                                                                                                                                                                
-
                                                                                                                                                                                1. Log in to the CCE console, access the cluster console, select Workloads in the navigation pane, and click Create Workload in the upper right corner.
                                                                                                                                                                                2. Configure basic information about the workload. For details, see Creating a Workload.
                                                                                                                                                                                3. In the Advanced Settings area, click the DNS tab and set the following parameters as required:
                                                                                                                                                                                  • DNS Policy: The DNS policies provided on the console correspond to the dnsPolicy field in the YAML file. For details, see Table 1.
                                                                                                                                                                                    • Supplement defaults: corresponds to dnsPolicy=ClusterFirst. Containers can resolve both the cluster-internal domain names registered by a Service and the external domain names exposed to public networks.
                                                                                                                                                                                    • Replace defaults: corresponds to dnsPolicy=None. You must configure IP Address and Search Domain. Containers only use the user-defined IP address and search domain configurations for domain name resolution.
                                                                                                                                                                                    • Inherit defaults: corresponds to dnsPolicy=Default. Containers use the domain name resolution configuration from the node that pods run on and cannot resolve the cluster-internal domain names.
                                                                                                                                                                                    
+
                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                    2. In the navigation pane, choose Workloads. In the upper right corner, click Create Workload.
                                                                                                                                                                                    3. Configure basic information about the workload. For details, see Creating a Workload.
                                                                                                                                                                                    4. In the Advanced Settings area, click the DNS tab and set the following parameters as required:
                                                                                                                                                                                      • DNS Policy: The DNS policies provided on the console correspond to the dnsPolicy field in the YAML file. For details, see Table 1.
                                                                                                                                                                                        • Supplement defaults: corresponds to dnsPolicy=ClusterFirst. Containers can resolve both the cluster-internal domain names registered by a Service and the external domain names exposed to public networks.
                                                                                                                                                                                        • Replace defaults: corresponds to dnsPolicy=None. You must configure IP Address and Search Domain. Containers only use the user-defined IP address and search domain configurations for domain name resolution.
                                                                                                                                                                                        • Inherit defaults: corresponds to dnsPolicy=Default. Containers use the domain name resolution configuration from the node that pods run on and cannot resolve the cluster-internal domain names.
                                                                                                                                                                                        
 
                                                                                                                                                                                      • Optional Objects: The options parameters in the dnsConfig field. Each object may have a name property (required) and a value property (optional). After setting the properties, click confirm to add.
                                                                                                                                                                                        • timeout: Timeout interval, in seconds.
                                                                                                                                                                                        • ndots: Number of dots (.) that must be present in a domain name. If a domain name has dots fewer than this value, the operating system will look up the name in the search domain. If not, the name is a fully qualified domain name (FQDN) and will be tried first as an absolute name.
                                                                                                                                                                                        
 
                                                                                                                                                                                      • IP Address of DNS Server: nameservers in dnsConfig. You can configure a domain name server for a custom domain name. The value is one or a group of DNS IP addresses.
                                                                                                                                                                                      • Search Domain: searches in the dnsConfig. A list of DNS search domains for hostname lookup in the pod. This property is optional. When specified, the provided list will be merged into the search domain names generated from the chosen DNS policy in dnsPolicy. Duplicate domain names are removed.
                                                                                                                                                                                      • Host Alias: Add the mapping between domain names and IP addresses to the local configuration file /etc/hosts of a pod for simplified local domain name resolution. For details, see Adding entries to Pod /etc/hosts with HostAliases
                                                                                                                                                                                      
 
                                                                                                                                                                                    5. Click Create Workload.
                                                                                                                                                                                    
@@ -161,8 +161,8 @@ spec:
   dnsPolicy: Default  # The DNS configuration file that the kubelet --resolv-conf parameter points to is used. In this case, the CCE cluster uses the DNS on the cloud.
   imagePullSecrets:
     - name: default-secret
-
                                                                                                                                                                                    The DNS configuration file of the container is as follows: (100.125.x.x is the DNS address of the node subnet.)
                                                                                                                                                                                    
-
                                                                                                                                                                                    nameserver 100.125.x.x
+
                                                                                                                                                                                    The DNS configuration file of the container is as follows: (100.125.x.x is the DNS address of the node subnet.)
                                                                                                                                                                                    
+
                                                                                                                                                                                    nameserver 100.125.x.x
 options timeout:2 single-request-reopen
                                                                                                                                                                                    
 
                                                                                                                                                                                  • Use Case 3: Using Kube-DNS/CoreDNS for Workloads Running with hostNetwork
                                                                                                                                                                                    Scenario
                                                                                                                                                                                    
 
                                                                                                                                                                                    By default, a DNS is used for workloads running with hostNetwork. If workloads need to use Kube-DNS/CoreDNS, set dnsPolicy to ClusterFirstWithHostNet.
                                                                                                                                                                                    
@@ -182,8 +182,8 @@ spec:
   imagePullSecrets:
     - name: default-secret
 
                                                                                                                                                                                    Container's DNS configuration file:
                                                                                                                                                                                    
-
                                                                                                                                                                                    nameserver 10.247.3.10
-search default.svc.cluster.local svc.cluster.local cluster.local
+
                                                                                                                                                                                    nameserver 10.247.3.10
+search default.svc.cluster.local svc.cluster.local cluster.local
 options ndots:5 single-request-reopen timeout:2
                                                                                                                                                                                    
 
                                                                                                                                                                                  • Use Case 4: Customizing Application's DNS Configuration
                                                                                                                                                                                    Scenario
                                                                                                                                                                                    
 
                                                                                                                                                                                    You can flexibly customize the DNS configuration file for applications. Using dnsPolicy and dnsConfig together can address almost all scenarios, including the scenarios in which an on-premises DNS will be used, multiple DNSs will be cascaded, and DNS configuration options will be modified.
                                                                                                                                                                                    
@@ -213,9 +213,9 @@ spec:
   imagePullSecrets:
     - name: default-secret
 
                                                                                                                                                                                    Container's DNS configuration file:
                                                                                                                                                                                    
-
                                                                                                                                                                                    nameserver 10.2.3.4
-search ns1.svc.cluster.local my.dns.search.suffix
-options timeout:3 ndots:2 single-request-reopen 
                                                                                                                                                                                    
+
                                                                                                                                                                                    nameserver 10.2.3.4
+search ns1.svc.cluster.local my.dns.search.suffix
+options timeout:3 ndots:2 single-request-reopen 
                                                                                                                                                                                    
 
                                                                                                                                                                                    Example 2: Modifying the ndots Option in the DNS Configuration File to Reduce Invalid DNS Queries
                                                                                                                                                                                    
 
                                                                                                                                                                                    Set dnsPolicy to a value other than None so the DNS parameters configured in dnsConfig are added to the DNS configuration file generated based on dnsPolicy.
                                                                                                                                                                                    
 
                                                                                                                                                                                    apiVersion: v1
@@ -237,7 +237,7 @@ spec:
 
                                                                                                                                                                                    Container's DNS configuration file:
                                                                                                                                                                                    
 
                                                                                                                                                                                    nameserver 10.247.3.10
 search default.svc.cluster.local svc.cluster.local cluster.local
-options ndots:2 single-request-reopen timeout:2
                                                                                                                                                                                    
+options ndots:2 single-request-reopen timeout:2
                                                                                                                                                                                    
 
                                                                                                                                                                                    Example 3: Using Multiple DNSs in Serial Sequence
                                                                                                                                                                                    
 
                                                                                                                                                                                    apiVersion: v1
 kind: Pod
@@ -259,7 +259,7 @@ spec:
 
                                                                                                                                                                                
 
                                                                                                                                                                                Container's DNS configuration file:
                                                                                                                                                                                
 
                                                                                                                                                                                nameserver 10.247.3.10 
-nameserver 10.2.3.4
+nameserver 10.2.3.4
 search default.svc.cluster.local svc.cluster.local cluster.local
 options timeout:2 single-request-reopen ndots:5
                                                                                                                                                                                
 
diff --git a/docs/cce/umn/cce_10_0367.html b/docs/cce/umn/cce_10_0367.html
index 403f34902..032ac7bc5 100644
--- a/docs/cce/umn/cce_10_0367.html
+++ b/docs/cce/umn/cce_10_0367.html
@@ -2,20 +2,20 @@
 
 
                                                                                                                                                                                Accessing a Cluster Using a Custom Domain Name
                                                                                                                                                                                
 
                                                                                                                                                                                Scenario
                                                                                                                                                                                Subject Alternative Name (SAN) enables certificates to be associated with multiple values, including IP addresses and domain names. A SAN is usually used by the client to verify the server validity in TLS handshakes. Specifically, the validity check includes whether the server certificate is issued by a CA trusted by the client and whether the SAN in the certificate matches the IP address or DNS domain name that the client actually accesses.
                                                                                                                                                                                
-
                                                                                                                                                                                If the client cannot directly access the private IP or EIP of the cluster, you can sign the IP address or DNS domain name that can be directly accessed by the client into the cluster server certificate as a SAN to enable two-way authentication on the client, which improves security. Typical use cases include DNAT access and domain name access.
                                                                                                                                                                                
+
                                                                                                                                                                                If a client cannot access the cluster's private IP address or EIP, add the client's accessible IP address or DNS domain name to the cluster server certificate as a SAN. This enhances security through two-way authentication. Typical use cases include DNAT access and domain name access.
                                                                                                                                                                                
 
                                                                                                                                                                                If you have particular proxy access requirements or need to access resources in other regions, you can customize a SAN. Typical domain name access scenarios:
                                                                                                                                                                                
 
                                                                                                                                                                                • Add the domain name mapping by either adding the DNS domain name address in the host domain name configuration on the client or configuring /etc/hosts on the client host.
                                                                                                                                                                                • Use domain name access in the intranet. DNS allows you to configure mappings between cluster EIPs and custom domain names. After an EIP is updated, you can continue to use two-way authentication and the domain name to access the cluster without downloading the kubeconfig.json file again.
                                                                                                                                                                                • Add A records on a self-built DNS server.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                Prerequisites
                                                                                                                                                                                A cluster of v1.19 or later is available.
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                Customizing a SAN
                                                                                                                                                                                You can add a custom SAN on the CCE console. To do so, perform the following operations:
                                                                                                                                                                                
-
                                                                                                                                                                                1. Log in to the CCE console.
                                                                                                                                                                                2. Click the name of the target cluster in the cluster list to go to the cluster Overview page.
                                                                                                                                                                                3. In the Connection Information area, click  next to Custom SAN. In the dialog box displayed, enter the IP address or domain name and click Save.
                                                                                                                                                                                  
+
                                                                                                                                                                                  1. Log in to the CCE console.
                                                                                                                                                                                  2. Click the name of the target cluster in the cluster list to go to the cluster Overview page.
                                                                                                                                                                                  3. In the Connection Information area, click  next to Custom SAN. In the dialog box displayed, enter the IP address or domain name and click Save.
                                                                                                                                                                                    
 
                                                                                                                                                                                     
                                                                                                                                                                                    • The kube-apiserver will be restarted and the kubeconfig certificate will be updated, which will take approximately 5 minutes. Do not perform any operations on the cluster during this period. After the operation is complete, download the updated kubeconfig certificate.
                                                                                                                                                                                    • A maximum of 128 domain names or IP addresses, separated by commas (,), are allowed.
                                                                                                                                                                                    • If a custom domain name needs to be bound to an EIP, ensure that you have configured an EIP.
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                  
 
                                                                                                                                                                                
 
                                                                                                                                                                                Using kubectl to Access a Cluster
                                                                                                                                                                                After the SAN is modified, the original kubeconfig.json file becomes invalid. If you previously accessed the cluster using kubectl, you need to reconfigure the settings.
                                                                                                                                                                                
-
                                                                                                                                                                                1. Download the kubeconfig.json file again after the SAN is modified.
                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                  2. On the Overview page, locate the Connection Information area, click Configure next to kubectl. On the page displayed, download the configuration file.
                                                                                                                                                                                  
+
                                                                                                                                                                                  1. Download the kubeconfig.json file again after the SAN is modified.
                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                    2. On the Overview page, locate the Connection Information area, and click Configure next to kubectl. On the page displayed, download the configuration file.
                                                                                                                                                                                    
 
                                                                                                                                                                                  2. Configure kubectl.
                                                                                                                                                                                    1. Log in to your client and copy the kubeconfig.json file downloaded in 1 to the /home directory on your client.
                                                                                                                                                                                    2. Configure the kubectl authentication file.
                                                                                                                                                                                      cd /home
 mkdir -p $HOME/.kube
 mv -f kubeconfig.json $HOME/.kube/config
                                                                                                                                                                                      
@@ -30,7 +30,7 @@ To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
 
                                                                                                                                                                                    
 
                                                                                                                                                                                
 
                                                                                                                                                                                Using an X.509 Certificate to Access a Cluster
                                                                                                                                                                                After the SAN is modified, the original X.509 certificate becomes invalid. If you previously accessed the cluster using the X.509 certificate, you need to reconfigure the settings.
                                                                                                                                                                                
-
                                                                                                                                                                                1. After the SAN is modified, download the X.509 certificate again.
                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                  2. On the Overview page, locate the Connection Information area, and click Download next to X.509 certificate.
                                                                                                                                                                                  3. In the Obtain Certificate dialog box displayed, select the certificate expiration time and download the X.509 certificate of the cluster as prompted.
                                                                                                                                                                                  
+
                                                                                                                                                                                  1. After the SAN is modified, download the X.509 certificate again.
                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                    2. On the Overview page, locate the Connection Information area, and click Download next to X.509 certificate.
                                                                                                                                                                                    3. In the Obtain Certificate dialog box displayed, select the certificate expiration time and download the X.509 certificate of the cluster as prompted.
                                                                                                                                                                                    
 
                                                                                                                                                                                  2. Call Kubernetes native APIs using the cluster certificate.
                                                                                                                                                                                    For example, run the curl command to call an API to obtain the pod information. In the following information, example.com:5443 indicates the custom SAN.
                                                                                                                                                                                    
 
                                                                                                                                                                                    curl --cacert ./ca.crt --cert ./client.crt --key ./client.key  https://example.com:5443/api/v1/namespaces/default/pods/
                                                                                                                                                                                    
 
                                                                                                                                                                                    If the following information is displayed, the X.509 certificate is correctly configured and the API Server of the cluster is running properly:
                                                                                                                                                                                    
@@ -44,7 +44,7 @@ To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                
-
                                                                                                                                                                                Parent topic: Connecting to a Cluster
                                                                                                                                                                                
+
                                                                                                                                                                                Parent topic: Accessing a Cluster
                                                                                                                                                                                
 
                                                                                                                                                                                
 
                                                                                                                                                                                
 
diff --git a/docs/cce/umn/cce_10_0373.html b/docs/cce/umn/cce_10_0373.html
index 6181a512b..5eec4ff6c 100644
--- a/docs/cce/umn/cce_10_0373.html
+++ b/docs/cce/umn/cce_10_0373.html
@@ -18,12 +18,12 @@ nginx_connections_reading 0
 
                                                                                                                                                                                
 
                                                                                                                                                                                Constraints
                                                                                                                                                                                • To use Prometheus to monitor custom metrics, the application needs to provide a metric monitoring API. For details, see Prometheus Monitoring Data Collection.
                                                                                                                                                                                • Currently, metrics in the kube-system and monitoring namespaces cannot be collected when pod and service annotations are used. To collect metrics in the two namespaces, use PodMonitor and ServiceMonitor.
                                                                                                                                                                                • The nginx/nginx-prometheus-exporter:0.9.0 image is pulled for the Nginx application. You need to add an EIP for the node where the application is deployed or upload the image to SWR to prevent application deployment failures.
                                                                                                                                                                                
 
                                                                                                                                                                                
-
                                                                                                                                                                                Installing and Accessing Cloud Native Cluster Monitoring
                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                2. In the navigation pane, choose Add-ons. On the displayed page, locate Cloud Native Cluster Monitoring and click Install. 
                                                                                                                                                                                  When installing this add-on, pay attention to the following configurations. Configure other parameters as required. For details, see Cloud Native Cluster Monitoring.
                                                                                                                                                                                  • For 3.8.0 or later, enable custom metric collection.
                                                                                                                                                                                    
+
                                                                                                                                                                                    Installing and Accessing Cloud Native Cluster Monitoring
                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                    2. In the navigation pane, choose Add-ons. On the displayed page, locate Cloud Native Cluster Monitoring and click Install. 
                                                                                                                                                                                      When installing this add-on, pay attention to the following configurations. Configure other parameters as required. For details, see Cloud Native Cluster Monitoring.
                                                                                                                                                                                      • For 3.8.0 or later, enable custom metric collection.
                                                                                                                                                                                        
 
                                                                                                                                                                                        
 
                                                                                                                                                                                      • For 3.8.0 or earlier, do not enable custom metric collection.
                                                                                                                                                                                      
 
                                                                                                                                                                                      
 
                                                                                                                                                                                    3. After this add-on is installed, deploy workloads and Services. The Prometheus server will be deployed as a StatefulSet in the monitoring namespace.
                                                                                                                                                                                      You can create a public network LoadBalancer Service so that Prometheus can be accessed from external networks.
                                                                                                                                                                                      
-
                                                                                                                                                                                      1. Log in to the CCE console and click the name of the cluster with Prometheus installed to access the cluster console. In the navigation pane, choose Services & Ingresses.
                                                                                                                                                                                      2. Click Create from YAML in the upper right corner to create a public network LoadBalancer Service.
                                                                                                                                                                                        apiVersion: v1
+
                                                                                                                                                                                        1. Log in to the CCE console and click the name of the cluster with Prometheus installed to access the cluster console. In the navigation pane, choose Services & Ingresses.
                                                                                                                                                                                        2. Click Create from YAML in the upper right corner to create a public network LoadBalancer Service.
                                                                                                                                                                                          apiVersion: v1
 kind: Service
 metadata:
   name: prom-lb     # Service name, which is customizable.
@@ -43,7 +43,7 @@ spec:
     app.kubernetes.io/name: prometheus
     prometheus: server
   type: LoadBalancer
                                                                                                                                                                                          
-
                                                                                                                                                                                        3. After the Service is created, enter Public IP address of the load balancer:Service port in the address box of the browser to access Prometheus.
                                                                                                                                                                                        
+
                                                                                                                                                                                      3. After the Service is created, enter {public IP address of the load balancer}:{Service port} in the address box of the browser to access Prometheus.
                                                                                                                                                                                      
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    
 
                                                                                                                                                                                    Preparing an Application
                                                                                                                                                                                    User-developed applications must provide a metric monitoring API, and the monitoring data must comply with the Prometheus specifications. For details, see Prometheus Monitoring Data Collection.
                                                                                                                                                                                    
@@ -87,12 +87,12 @@ ADD nginx.conf /etc/nginx/nginx.conf
 EXPOSE 80
 CMD ["nginx", "-g", "daemon off;"]
 
                                                                                                                                                                                    
-
                                                                                                                                                                                  • Use this Dockerfile to create an image and upload it to SWR. The image name is nginx:exporter. 
                                                                                                                                                                                    1. In the navigation pane, choose My Images. In the upper right corner, click Upload Through Client. In the displayed dialog box, click Generate a temporary login command. Then, click  to copy the command.
                                                                                                                                                                                    2. Run the login command copied in the previous step on the node. If the login is successful, the message "Login Succeeded" is displayed.
                                                                                                                                                                                    3. Run the following command to build an image named nginx. The image version is exporter.
                                                                                                                                                                                      docker build -t nginx:exporter .
                                                                                                                                                                                      
+
                                                                                                                                                                                    4. Use this Dockerfile to create an image and upload it to SWR. The image name is nginx:exporter. 
                                                                                                                                                                                      1. In the navigation pane, choose My Images. In the upper right corner, click Upload Through Client. In the displayed dialog box, click Generate a temporary login command. Then, click  to copy the command.
                                                                                                                                                                                      2. Run the login command copied in the previous step on the node. If the login is successful, the message "Login Succeeded" is displayed.
                                                                                                                                                                                      3. Run the following command to build an image named nginx. The image version is exporter.
                                                                                                                                                                                        docker build -t nginx:exporter .
                                                                                                                                                                                        
 
                                                                                                                                                                                      4. Tag the image and upload it to the image repository. Change the image repository address and organization name based on your requirements.
                                                                                                                                                                                        docker tag nginx:exporter {swr-address}/{group}/nginx:exporter
 docker push {swr-address}/{group}/nginx:exporter
                                                                                                                                                                                        
 
                                                                                                                                                                                      
-
                                                                                                                                                                                    5. View application metrics.
                                                                                                                                                                                      1. Use nginx:exporter to create a workload.
                                                                                                                                                                                      2. Log in to the container and obtain the Nginx monitoring data through http://<ip_address>:8080/stub_status. <ip_address> indicates the IP address of the container.
                                                                                                                                                                                        curl http://127.0.0.1:8080/stub_status
                                                                                                                                                                                        
-
                                                                                                                                                                                        The command output is as follows:
                                                                                                                                                                                        
+
                                                                                                                                                                                      3. View application metrics.
                                                                                                                                                                                        1. Use nginx:exporter to create a workload.
                                                                                                                                                                                        2. Log in to the container and use http://<ip_address>:8080/stub_status to obtain nginx monitoring data. <ip_address> indicates the IP address of the container.
                                                                                                                                                                                          curl http://127.0.0.1:8080/stub_status
                                                                                                                                                                                          
+
                                                                                                                                                                                          Information similar to the following is displayed:
                                                                                                                                                                                          
 
                                                                                                                                                                                          Active connections: 3 
 server accepts handled requests
  146269 146269 212 
diff --git a/docs/cce/umn/cce_10_0374.html b/docs/cce/umn/cce_10_0374.html
index 48294711d..e6ffe6bb0 100644
--- a/docs/cce/umn/cce_10_0374.html
+++ b/docs/cce/umn/cce_10_0374.html
@@ -5,25 +5,25 @@
 
                                                                                                                                                                                  
 
diff --git a/docs/cce/umn/cce_10_0377.html b/docs/cce/umn/cce_10_0377.html
index 6b523987f..51d589f2a 100644
--- a/docs/cce/umn/cce_10_0377.html
+++ b/docs/cce/umn/cce_10_0377.html
@@ -4,8 +4,8 @@
 
                                                                                                                                                                                  hostPath is used for mounting the file directory of the host where the container is located to the specified mount point of the container. If the container needs to access /etc/hosts, use hostPath to map /etc/hosts.
                                                                                                                                                                                  
 
                                                                                                                                                                                   
                                                                                                                                                                                  • Avoid using hostPath volumes as much as possible, as they are prone to security risks. If hostPath volumes must be used, they can only be applied to files or directories and mounted in read-only mode.
                                                                                                                                                                                  • After the pod to which a hostPath volume is mounted is deleted, the data in the hostPath volume is retained.
                                                                                                                                                                                  
 
                                                                                                                                                                                  
-
                                                                                                                                                                                  Mounting a hostPath Volume on the Console
                                                                                                                                                                                  You can mount a path on the host to a specified container path. A hostPath volume is usually used to store workload logs permanently or used by workloads that need to access internal data structure of the Docker engine on the host.
                                                                                                                                                                                  
-
                                                                                                                                                                                  1. Log in to the CCE console.
                                                                                                                                                                                  2. When creating a workload, click Data Storage in the Container Information area under Container Settings and choose Add Volume > hostPath.
                                                                                                                                                                                  3. Set parameters for adding a local volume, as listed in Table 1.
                                                                                                                                                                                    
+
                                                                                                                                                                                    Using a hostPath Through the Console
                                                                                                                                                                                    You can mount a path on the host to a specified container path. A hostPath volume is usually used to store workload logs permanently or used by workloads that need to access internal data structure of the Docker engine on the host.
                                                                                                                                                                                    
+
                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                    2. When creating a workload, click Data Storage in the Container Information area under Container Settings and choose Add Volume > hostPath.
                                                                                                                                                                                    3. Set parameters for adding a local volume, as listed in Table 1.
                                                                                                                                                                                      
 
                                                                                                                                                                                      Table 1 Setting parameters for mounting a hostPath volume
                                                                                                                                                                                      Parameter
                                                                                                                                                                                      
                                                                                                                                                                                       		
 
                                                                                                                                                                                      Description
                                                                                                                                                                                      
@@ -49,7 +49,7 @@
 
 
                                                                                                                                                                                    4. After the configuration, click Create Workload.
                                                                                                                                                                                      5. 
 
-
                                                                                                                                                                                      Mounting a hostPath Volume Through kubectl
                                                                                                                                                                                      1. Use kubectl to access the cluster.
                                                                                                                                                                                      2. Create a file named nginx-hostpath.yaml and edit it.
                                                                                                                                                                                        vi nginx-hostpath.yaml
                                                                                                                                                                                        
+
                                                                                                                                                                                        Using a hostPath Through kubectl
                                                                                                                                                                                        1. Use kubectl to access the cluster.
                                                                                                                                                                                        2. Create a file named nginx-hostpath.yaml and edit it.
                                                                                                                                                                                          vi nginx-hostpath.yaml
                                                                                                                                                                                          
 
                                                                                                                                                                                          The content of the YAML file is as follows. Mount the /data directory on the node to the /data directory in the container.
                                                                                                                                                                                          
 
                                                                                                                                                                                          apiVersion: apps/v1
 kind: Deployment
diff --git a/docs/cce/umn/cce_10_0378.html b/docs/cce/umn/cce_10_0378.html
index a93ea5048..19111b220 100644
--- a/docs/cce/umn/cce_10_0378.html
+++ b/docs/cce/umn/cce_10_0378.html
@@ -5,7 +5,7 @@
 
                                                                                                                                                                                          1. When a container is rebuilt, files in the container will be lost.
                                                                                                                                                                                          2. When multiple containers run in a pod at the same time, files need to be shared among the containers.
                                                                                                                                                                                          
 
                                                                                                                                                                                          Kubernetes volumes resolve both of these problems. Volumes, as part of a pod, cannot be created independently and can only be defined in pods. All containers in a pod can access its volumes, but the volumes must have been mounted to any directory in a container.
                                                                                                                                                                                          
 
                                                                                                                                                                                          The following figure shows how a storage volume is used between containers in a pod.
                                                                                                                                                                                          
-
                                                                                                                                                                                          
+
                                                                                                                                                                                          
 
                                                                                                                                                                                          The basic principles for using volumes are as follows:
                                                                                                                                                                                          
 
                                                                                                                                                                                          • Multiple volumes can be mounted to a pod. However, do not mount too many volumes to a pod.
                                                                                                                                                                                          • Multiple types of volumes can be mounted to a pod.
                                                                                                                                                                                          • Each volume mounted to a pod can be shared among containers in the pod.
                                                                                                                                                                                          • You are advised to use PVCs and PVs to mount volumes for Kubernetes.
                                                                                                                                                                                          
 
                                                                                                                                                                                           
                                                                                                                                                                                          The lifecycle of a volume is the same as that of the pod to which the volume is mounted. When the pod is deleted, the volume is also deleted. However, files in the volume may outlive the volume, depending on the volume type.
                                                                                                                                                                                          
@@ -37,7 +37,7 @@
 
                                                                                                                                                                                          PV and PVC
                                                                                                                                                                                          Kubernetes provides PersistentVolumes (PVs) and PersistentVolumeClaims (PVCs) to abstract details of how storage is provided from how it is consumed. You can request specific size of storage when needed, just like pods can request specific levels of resources (CPU and memory).
                                                                                                                                                                                          
 
                                                                                                                                                                                          • PV: describes a persistent storage volume in a cluster. A PV is a cluster-level resource just like a node. It applies to the entire Kubernetes cluster. A PV has a lifecycle independent of any individual Pod that uses the PV.
                                                                                                                                                                                          • PVC: describes a request for storage by a user. When configuring storage for an application, claim a storage request (that is, PVC). Kubernetes selects a PV that best meets the request and binds the PV to the PVC. A PVC to PV binding is a one-to-one mapping. When creating a PVC, describe the attributes of the requested persistent storage, such as the storage size and read/write permission.
                                                                                                                                                                                          
 
                                                                                                                                                                                          You can bind PVCs to PVs in a pod so that the pod can use storage resources. The following figure shows the relationship between PVs and PVCs.
                                                                                                                                                                                          
-
                                                                                                                                                                                          Figure 1 PVC-to-PV binding
                                                                                                                                                                                          
+
                                                                                                                                                                                          Figure 1 PVC-to-PV binding
                                                                                                                                                                                          
 
                                                                                                                                                                                          
 
                                                                                                                                                                                          CSI
                                                                                                                                                                                          CSI is a standard for container storage interfaces and a storage plugin implementation solution recommended by the Kubernetes community. CCE Container Storage (Everest) is a storage add-on developed based on CSI. It provides different types of persistent storage for containers.
                                                                                                                                                                                          
 
                                                                                                                                                                                          
@@ -92,7 +92,7 @@
 
                                                                                                                                                                                          
 
                                                                                                                                                                                          
 
                                                                                                                                                                                          Mounting a Storage Volume
                                                                                                                                                                                          You can mount volumes in the following ways:
                                                                                                                                                                                          
-
                                                                                                                                                                                          Use PVs to describe existing storage resources, and then create PVCs to use the storage resources in pods. You can also use the dynamic creation mode. That is, specify the StorageClass when creating a PVC and use the provisioner in the StorageClass to automatically create a PV and bind the PV to the PVC.
                                                                                                                                                                                          
+
                                                                                                                                                                                          Use PVs to describe existing storage resources, and then create PVCs to use the storage resources in pods. You can also use the dynamic creation mode. That is, specify the StorageClasses when creating a PVC and use the provisioner in the StorageClass to automatically create a PV and bind the PV to the PVC.
                                                                                                                                                                                          
 
 
                                                                                                                                                                                          
@@ -104,18 +104,20 @@
 
-
-
-
-
@@ -124,7 +126,8 @@
 
-
@@ -138,7 +141,7 @@
 
                                                                                                                                                                                          PV Reclaim Policy
                                                                                                                                                                                          A PV reclaim policy is used to delete or reclaim underlying volumes when a PVC is deleted. The value can be Delete or Retain.
                                                                                                                                                                                          
 
                                                                                                                                                                                          • Delete: Deleting a PVC will remove the PV from Kubernetes, and the associated underlying storage assets will also be removed from the external infrastructure.
                                                                                                                                                                                          • Retain: When a PVC is deleted, both the PV and underlying storage resources will be retained. You need to manually delete these resources. After the PVC is deleted, the PV is in the Released state and cannot be bound to a PVC again.
                                                                                                                                                                                            You can manually delete and reclaim volumes by performing the following operations:
                                                                                                                                                                                            
 
                                                                                                                                                                                            1. Delete the PV.
                                                                                                                                                                                            2. Clear data on the associated underlying storage resources as required.
                                                                                                                                                                                            3. Delete the associated underlying storage resources.
                                                                                                                                                                                            
-
                                                                                                                                                                                            To reuse the underlying storage resources, create a PV.
                                                                                                                                                                                            
+
                                                                                                                                                                                            If you want to continue using the underlying storage resources, delete the existing PV first. Then, create a new PV and PVC and associate them with the underlying storage resources.
                                                                                                                                                                                            
 
                                                                                                                                                                                          
 
                                                                                                                                                                                          CCE also allows you to delete a PVC without deleting underlying storage resources. This function can be achieved only by using a YAML file: Set the PV reclaim policy to Delete and add everest.io/reclaim-policy: retain-volume-only to annotations. In this way, when the PVC is deleted, the PV is deleted, but the underlying storage resources are retained.
                                                                                                                                                                                          
 
                                                                                                                                                                                          The following YAML file takes EVS as an example:
                                                                                                                                                                                          apiVersion: v1
@@ -170,8 +173,8 @@ metadata:
     everest.io/reclaim-policy: retain-volume-only
   name: pv-evs-test
   labels:
-    failure-domain.beta.kubernetes.io/region: <your_region>   # Region of the node where the application is to be deployed
-    failure-domain.beta.kubernetes.io/zone: <your_zone>       # AZ of the node where the application is to be deployed
+    failure-domain.beta.kubernetes.io/region: <your_region>   # Region of the node where the application is to be deployed
+    failure-domain.beta.kubernetes.io/zone: <your_zone>       # AZ of the node where the application is to be deployed
 spec:
   accessModes:
     - ReadWriteOnce
@@ -189,7 +192,97 @@ spec:
   storageClassName: csi-disk
                                                                                                                                                                                          
 
                                                                                                                                                                                          
 
                                                                                                                                                                                          
-
                                                                                                                                                                                          Documentation
                                                                                                                                                                                          • For more information about Kubernetes storage, see Storage.
                                                                                                                                                                                          • For more information about CCE container storage, see Overview.
                                                                                                                                                                                          
+
                                                                                                                                                                                          StorageClasses
                                                                                                                                                                                          StorageClasses are resource objects that define storage types in Kubernetes. They enable dynamic provisioning of storage volumes. Once you modify the parameter settings of a StorageClass, it can automatically provision and adjust storage resources based on service requirements. When you specify a StorageClass name (StorageClassName) in a PVC, Kubernetes will automatically provision a PV and the underlying storage resources based on the requirements declared in the PVC. If no matching PV is found in the cluster, Kubernetes will call the target provisioner specified in the StorageClass to create a new PV and storage resources. This simplifies the process of manually creating and maintaining PVs. The StorageClass defines default parameters for storage provisioning. If there are conflicts between the StorageClass settings and the PVC settings, the PVC settings will take precedence.
                                                                                                                                                                                          
+
                                                                                                                                                                                          The following table lists default StorageClasses offered by CCE. These default StorageClasses cannot be modified. If the default StorageClasses cannot meet your service requirements, you can create a new StorageClass and set parameters such as the reclaim policy and binding mode. For details, see Customizing a StorageClass.
                                                                                                                                                                                          
+
+
                                                                                                                                                                                          Table 2 Modes of mounting volumes
                                                                                                                                                                                          Mount Mode
                                                                                                                                                                                          
                                                                                                                                                                                           		
 
                                                                                                                                                                                          
 
                                                                                                                                                                                          Statically creating storage volume (using existing storage)
                                                                                                                                                                                          
+
                                                                                                                                                                                          Statically creating a storage volume (using existing storage)
                                                                                                                                                                                          
 
                                                                                                                                                                                          Use existing storage (such as EVS disks and SFS file systems) to create PVs and mount the PVs to the workload through PVCs. Kubernetes binds PVCs to the matching PVs so that workloads can access storage services.
                                                                                                                                                                                          
+
                                                                                                                                                                                          You can manually create PVs and PVCs using existing storage resources, such as EVS disks or SFS file systems. Kubernetes automatically matches and binds the PVC to a suitable PV based on the resource requirements specified in the PVC. Once bound, the PVC can be mounted to a workload, enabling the workload to access the storage resources for persistent data storage.
                                                                                                                                                                                          
+
                                                                                                                                                                                          If the PV's access mode is ReadWriteOnce, the workload can only run on a single pod.
                                                                                                                                                                                          
                                                                                                                                                                                           		
 
                                                                                                                                                                                          All volumes
                                                                                                                                                                                          
                                                                                                                                                                                           		
 
                                                                                                                                                                                          None
                                                                                                                                                                                          
                                                                                                                                                                                           		
 
                                                                                                                                                                                          Dynamically creating storage volumes (automatically creating storage)
                                                                                                                                                                                          
+
                                                                                                                                                                                          Dynamically creating a storage volume (automatically creating storage)
                                                                                                                                                                                          
 
                                                                                                                                                                                          Specify a StorageClass for a PVC. The storage provisioner creates underlying storage media as required to automatically create PVs and directly bind the PV to the PVC.
                                                                                                                                                                                          
+
                                                                                                                                                                                          You can specify a StorageClass in a PVC. The storage provisioner will then dynamically create the underlying storage resources and a PV based on the resource requirements declared in the PVC. The PV is automatically bound to the PVC, enabling automatic provisioning of storage resources.
                                                                                                                                                                                          
+
                                                                                                                                                                                          If the PV's access mode is ReadWriteOnce, the workload can only run on a single pod.
                                                                                                                                                                                          
                                                                                                                                                                                           		
 
                                                                                                                                                                                          EVS, OBS, SFS, and local PV
                                                                                                                                                                                          
 
                                                                                                                                                                                          
 
                                                                                                                                                                                          Dynamic mounting (VolumeClaimTemplate)
                                                                                                                                                                                          
 
                                                                                                                                                                                          Achieved by using the volumeClaimTemplates field and depends on the dynamic PV creation capability of StorageClass. In this mode, each pod is associated with a unique PVC and PV. After a pod is rescheduled, the original data can still be mounted to it based on the PVC name.
                                                                                                                                                                                          
+
                                                                                                                                                                                          Dynamic mounting is achieved using volumeClaimTemplates and relies on the dynamic PV creation capability of the specified StorageClass. In this mode, each pod is associated with a unique PVC and PV. When a pod is rescheduled, it can still mount the original data based on the PVC name.
                                                                                                                                                                                          
+
                                                                                                                                                                                          Even if the PV's access mode is ReadWriteOnce, the workload can still run on multiple pods.
                                                                                                                                                                                          
                                                                                                                                                                                           		
 
                                                                                                                                                                                          EVS and local PV
                                                                                                                                                                                          
 
                                                                                                                                                                                          
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                          Table 3 Default StorageClasses
                                                                                                                                                                                          StorageClass Name
                                                                                                                                                                                          
+
                                                                                                                                                                                          Storage Type
                                                                                                                                                                                          
+
                                                                                                                                                                                          Provisioner
                                                                                                                                                                                          
+
                                                                                                                                                                                          Reclaim Policy
                                                                                                                                                                                          
+
                                                                                                                                                                                          Binding
                                                                                                                                                                                          
+
                                                                                                                                                                                          Capacity Expansion
                                                                                                                                                                                          
+
                                                                                                                                                                                          csi-disk
                                                                                                                                                                                          
+
                                                                                                                                                                                          EVS
                                                                                                                                                                                          
+
                                                                                                                                                                                          everest-csi-provisioner
                                                                                                                                                                                          
+
                                                                                                                                                                                          Delete
                                                                                                                                                                                          
+
                                                                                                                                                                                          Immediate
                                                                                                                                                                                          
+
                                                                                                                                                                                          Supported
                                                                                                                                                                                          
+
                                                                                                                                                                                          csi-disk-topology
                                                                                                                                                                                          
+
                                                                                                                                                                                          EVS disk created with a delay
                                                                                                                                                                                          
+
                                                                                                                                                                                          everest-csi-provisioner
                                                                                                                                                                                          
+
                                                                                                                                                                                          Delete
                                                                                                                                                                                          
+
                                                                                                                                                                                          WaitForFirstConsumer
                                                                                                                                                                                          
+
                                                                                                                                                                                          Supported
                                                                                                                                                                                          
+
                                                                                                                                                                                          csi-nas
                                                                                                                                                                                          
+
                                                                                                                                                                                          SFS Capacity-Oriented
                                                                                                                                                                                          
+
                                                                                                                                                                                          everest-csi-provisioner
                                                                                                                                                                                          
+
                                                                                                                                                                                          Delete
                                                                                                                                                                                          
+
                                                                                                                                                                                          Immediate
                                                                                                                                                                                          
+
                                                                                                                                                                                          Supported
                                                                                                                                                                                          
+
                                                                                                                                                                                          csi-sfsturbo
                                                                                                                                                                                          
+
                                                                                                                                                                                          SFS Turbo
                                                                                                                                                                                          
+
                                                                                                                                                                                          everest-csi-provisioner
                                                                                                                                                                                          
+
                                                                                                                                                                                          Delete
                                                                                                                                                                                          
+
                                                                                                                                                                                          Immediate
                                                                                                                                                                                          
+
                                                                                                                                                                                          Supported
                                                                                                                                                                                          
+
                                                                                                                                                                                          csi-obs
                                                                                                                                                                                          
+
                                                                                                                                                                                          OBS
                                                                                                                                                                                          
+
                                                                                                                                                                                          everest-csi-provisioner
                                                                                                                                                                                          
+
                                                                                                                                                                                          Delete
                                                                                                                                                                                          
+
                                                                                                                                                                                          Immediate
                                                                                                                                                                                          
+
                                                                                                                                                                                          Not supported
                                                                                                                                                                                          
+
                                                                                                                                                                                          
+
                                                                                                                                                                                          
+
                                                                                                                                                                                          The parameters in Table 3 are as follows:
                                                                                                                                                                                          
+
                                                                                                                                                                                          • Storage Type: The underlying storage type created by the StorageClass.
                                                                                                                                                                                          • Provisioner: The storage resource provisioner.
                                                                                                                                                                                          • Reclaim Policy: The policy for reclaiming the underlying storage when the PVC is deleted. For details, see PV Reclaim Policy.
                                                                                                                                                                                          • Binding Mode: How a volume is bound when a PV is dynamically created. The value can be Immediate or WaitForFirstConsumer.
                                                                                                                                                                                            • Immediate: When a PVC is created, the storage resources and PV are created and bound to the PVC immediately, without delay.
                                                                                                                                                                                            • WaitForFirstConsumer: When a PVC is created, it is not immediately bound to a PV. Instead, the storage resources and PV are created and bound to the PVC only after the pod that requires the PVC is scheduled.
                                                                                                                                                                                            
+
                                                                                                                                                                                          • Capacity Expansion: Whether the PV created using the StorageClass supports dynamic capacity expansion.
                                                                                                                                                                                          
+
                                                                                                                                                                                          
+
                                                                                                                                                                                          For more information about the default StorageClasses, see Accessing a Cluster Using kubectl. Run kubectl describe sc <storageclass-name> for detailed information.
                                                                                                                                                                                          
+
                                                                                                                                                                                          Helpful Links
                                                                                                                                                                                          • For more information about Kubernetes storage, see Storage.
                                                                                                                                                                                          • For more information about CCE container storage, see Storage Overview.
                                                                                                                                                                                          
 
                                                                                                                                                                                          
 
                                                                                                                                                                                        
 
                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0379.html b/docs/cce/umn/cce_10_0379.html
index 45f9917c0..bf819ed95 100644
--- a/docs/cce/umn/cce_10_0379.html
+++ b/docs/cce/umn/cce_10_0379.html
@@ -4,11 +4,11 @@
 
                                                                                                                                                                                        This section describes how to use an existing Object Storage Service (OBS) bucket to statically create PVs and PVCs for data persistence and sharing in workloads.
                                                                                                                                                                                        
 
                                                                                                                                                                                        Prerequisites
                                                                                                                                                                                        
 
                                                                                                                                                                                        
-
                                                                                                                                                                                        Notes and Constraints
                                                                                                                                                                                        • If OBS volumes are used, the owner group and permission of the mount point cannot be modified.
                                                                                                                                                                                        • Every time an OBS volume is mounted to a workload through a PVC, a resident process is created in the backend. When a workload uses too many OBS volumes or reads and writes a large number of object storage files, resident processes will consume a significant amount of memory. To ensure stable running of the workload, make sure that the number of OBS volumes used does not exceed the requested memory. For example, if the workload requests for 4 GiB of memory, the number of OBS volumes should be no more than 4.
                                                                                                                                                                                        • Secure containers do not support OBS volumes.
                                                                                                                                                                                        • Hard links are not supported when common buckets are mounted.
                                                                                                                                                                                        
-
                                                                                                                                                                                        • Multiple PVs can use the same OBS storage volume with the following restrictions:
                                                                                                                                                                                          • Do not mount multiple PVCs or PVs that use the same underlying OBS volume to a single pod. Doing so will cause pod startup failures, as not all PVCs can be mounted due to identical volumeHandle value.
                                                                                                                                                                                          • The persistentVolumeReclaimPolicy parameter in the PVs must be set to Retain. Otherwise, when a PV is deleted, the associated underlying volume may be deleted. In this case, other PVs associated with the underlying volume malfunction.
                                                                                                                                                                                          • If underlying storage is repeatedly used, you are required to maintain data consistency. Enable isolation and protection for ReadWriteMany at the application layer and prevent multiple clients from writing the same file to prevent data overwriting and loss.
                                                                                                                                                                                          
+
                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                          • If OBS volumes are used, the owner group and permission of the mount point cannot be modified.
                                                                                                                                                                                          • Every time an OBS volume is mounted to a workload through a PVC, a resident process is created in the backend. When a workload uses too many OBS volumes or reads and writes a large number of object storage files, resident processes will consume a significant amount of memory. To ensure stable running of the workload, make sure that the number of OBS volumes used does not exceed the requested memory. For example, if the workload requests for 4 GiB of memory, the number of OBS volumes should be no more than 4.
                                                                                                                                                                                          • Secure containers do not support OBS volumes.
                                                                                                                                                                                          • Hard links are not supported when common buckets are mounted.
                                                                                                                                                                                          • Read-only is not supported when an OBS PVC is mounted to a workload.
                                                                                                                                                                                          
+
                                                                                                                                                                                          • Multiple PVs can use the same OBS storage volume with the following restrictions:
                                                                                                                                                                                            • Do not mount multiple PVCs or PVs that use the same underlying OBS volume to a single pod. Doing so will cause pod startup failures, as not all PVCs can be mounted due to identical volumeHandle value.
                                                                                                                                                                                            • The persistentVolumeReclaimPolicy parameter in the PVs must be set to Retain. Otherwise, when a PV is deleted, the associated underlying volume may be deleted. In this case, other PVs associated with the underlying volume malfunction.
                                                                                                                                                                                            • If underlying storage is repeatedly used, you are required to maintain data consistency. Enable application-layer isolation and protection for ReadWriteMany to prevent multiple clients from writing to the same file, thereby avoiding data overwriting and loss.
                                                                                                                                                                                            
 
                                                                                                                                                                                          
 
                                                                                                                                                                                          
-
                                                                                                                                                                                          Using an Existing OBS Bucket on the Console
                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                          2. Statically create a PVC and PV.
                                                                                                                                                                                            1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
+
                                                                                                                                                                                              Using an Existing OBS Bucket Through the Console
                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                              2. Statically create a PVC and PV.
                                                                                                                                                                                                1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
 
                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                  
                                                                                                                                                                                                   		
 
                                                                                                                                                                                                  Description
                                                                                                                                                                                                  
@@ -28,7 +28,7 @@
 
                                                                                                                                                                                                  Creation Method
                                                                                                                                                                                                  
                                                                                                                                                                                                   		
 
                                                                                                                                                                                                  • If underlying storage is available, create a PV or use an existing PV to statically create a PVC.
                                                                                                                                                                                                  • If no underlying storage is available, select Dynamically provision. For details, see Using an OBS Bucket Through a Dynamic PV.
                                                                                                                                                                                                  
-
                                                                                                                                                                                                  In this example, select Create new to create both a PV and PVC on the console.
                                                                                                                                                                                                  
+
                                                                                                                                                                                                  In this example, select Create new to create both a PV and PVC on the console.
                                                                                                                                                                                                  
                                                                                                                                                                                                   		
 
                                                                                                                                                                                                  
 
                                                                                                                                                                                                  PVa
                                                                                                                                                                                                  
@@ -75,11 +75,11 @@
 
                                                                                                                                                                                                  
 
                                                                                                                                                                                                  
 
                                                                                                                                                                                                   
                                                                                                                                                                                                  a: The parameter is available when Creation Method is set to Use existing.
                                                                                                                                                                                                  
-
                                                                                                                                                                                                  b: The parameter is available when Creation Method is set to Create new.
                                                                                                                                                                                                  
+
                                                                                                                                                                                                  b: The parameter is available when Creation Method is set to Create new.
                                                                                                                                                                                                  
 
                                                                                                                                                                                                  
 
                                                                                                                                                                                                2. Click Create to create a PVC and a PV.
                                                                                                                                                                                                  You can choose Storage in the navigation pane and view the created PVC and PV on the PVCs and PVs tab pages, respectively.
                                                                                                                                                                                                  
 
                                                                                                                                                                                                
-
                                                                                                                                                                                              3. Create an application.
                                                                                                                                                                                                1. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                  Mount and use storage volumes, as shown in Table 1. For details about other parameters, see Workloads.
+
                                                                                                                                                                                                3. Create an application.
                                                                                                                                                                                                  1. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                  2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                    Mount and use storage volumes. For details about the parameters, see Table 1. For other parameters, see Workloads.
 
                                                                                                                                                                                                    
-
@@ -439,7 +439,7 @@ static
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    Parent topic: Object Storage Service
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Parent topic: OBS
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    
 
diff --git a/docs/cce/umn/cce_10_0380.html b/docs/cce/umn/cce_10_0380.html
index f1d8b6160..0d7923f2f 100644
--- a/docs/cce/umn/cce_10_0380.html
+++ b/docs/cce/umn/cce_10_0380.html
@@ -1,471 +1,652 @@
 
 
-
                                                                                                                                                                                                    StorageClass
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    Introduction
                                                                                                                                                                                                    A StorageClass in Kubernetes is a resource that categorizes storage types in a cluster. It can also serve as a configuration template for creating PVs. When creating a PVC or PV, you must specify a StorageClass. This resource object defines the storage mode and configuration parameters for dynamic volume provisioning, such as volume type, access mode, and volume lifecycle policy.
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    When creating a PVC, you only need to specify the StorageClassName. Kubernetes will then automatically create the PVs and underlying storage based on the StorageClass. This greatly reduces the need for manual creation and maintenance of PVs.
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    In addition to the default StorageClasses provided by CCE, you can customize StorageClasses. For details, see Application Scenarios of Custom Storage.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Customizing a StorageClass
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    StorageClasses are resource objects that define storage types in Kubernetes. They enable dynamic provisioning of storage volumes. Once you modify the parameter settings of a StorageClass, it can automatically provision and adjust storage resources based on service requirements. When you specify a StorageClass name (StorageClassName) in a PVC, Kubernetes will automatically provision a PV and the underlying storage resources based on the requirements declared in the PVC. If no matching PV is found in the cluster, Kubernetes will call the target provisioner specified in the StorageClass to create a new PV and storage resources. This simplifies the process of manually creating and maintaining PVs. The StorageClass defines default parameters for storage provisioning. If there are conflicts between the StorageClass settings and the PVC settings, the PVC settings will take precedence.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    If CCE's default StorageClasses (listed in Table 3) do not meet your service needs, you can customize StorageClasses by setting parameters such as reclaim policies and binding modes.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Prerequisites
                                                                                                                                                                                                    CCE Container Storage (Everest) is installed and running. For details, see CCE Container Storage (Everest).
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    Creating a StorageClass Using the CCE Console
                                                                                                                                                                                                     
                                                                                                                                                                                                    The Everest add-on must be in the running state in the target cluster.
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                    2. Choose Storage in the navigation pane. In the right pane, click the Storage Classes tab. Click Create Storage Class in the upper right corner. In the dialog box displayed, configure parameters.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                    Table 1 Mounting a storage volume
                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    Description
                                                                                                                                                                                                    
@@ -130,7 +130,7 @@ spec:
   accessModes:
   - ReadWriteMany    # Access mode. The value must be ReadWriteMany for OBS.
   capacity:
-    storage: 1Gi     # OBS volume capacity
+    storage: 1Gi     # Storage capacity. This parameter is only for verification. It must not be empty or 0, but the specified size will not take effect.
   csi:
     driver: obs.csi.everest.io        # Dependent storage driver for the mounting
     fsType: obsfs                     # Instance type
@@ -220,7 +220,7 @@ spec:
 
                                                                                                                                                                                                    The Delete and Retain reclaim policies are supported. For details, see PV Reclaim Policy. If multiple PVs use the same OBS volume, use Retain to prevent the underlying volume from being deleted with a PV.
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Delete:
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    • If everest.io/reclaim-policy is not specified, both the PV and storage resources will be deleted when a PVC is deleted.
                                                                                                                                                                                                    • If everest.io/reclaim-policy is set to retain-volume-only, when a PVC is deleted, the PV will be deleted but the storage resources will be retained.
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    Retain: When a PVC is deleted, both the PV and underlying storage resources will be retained. You need to manually delete these resources. After the PVC is deleted, the PV is in the Released state and cannot be bound to a PVC again.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Retain: When a PVC is deleted, both the PV and underlying storage resources will be retained. You need to manually delete these resources. After the PVC is deleted, the PV is in the Released state and cannot be bound to a PVC again. If you want to continue to use the underlying storage resources, delete the PV first. Then create another PV and PVC and associate them with the underlying storage resources.
                                                                                                                                                                                                    
 
 
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    storage
                                                                                                                                                                                                    
@@ -228,7 +228,7 @@ spec:
 
                                                                                                                                                                                                    Yes
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    Storage capacity, in Gi.
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    For OBS, this parameter is used only for verification (cannot be empty or 0). Its value is fixed at 1, and any value you set does not take effect for OBS.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    For OBS, this parameter is only for verification. It must not be empty or 0, and its value is fixed at 1Gi. Any value you set will not take effect.
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    storageClassName
                                                                                                                                                                                                    
@@ -290,7 +290,7 @@ spec:
 
                                                                                                                                                                                                    Yes
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    Requested capacity in the PVC, in Gi.
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    For OBS, this parameter is used only for verification (cannot be empty or 0). Its value is fixed at 1, and any value you set does not take effect for OBS.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    For OBS, this parameter is only for verification. It must not be empty or 0, and its value is fixed at 1Gi. Any value you set will not take effect.
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    storageClassName
                                                                                                                                                                                                    
@@ -349,7 +349,7 @@ spec:
 
                                                                                                                                                                                                    Expected output:
                                                                                                                                                                                                    web-demo-846b489584-mjhm9   1/1     Running   0             46s
 web-demo-846b489584-wvv5s   1/1     Running   0             46s
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    
-
                                                                                                                                                                                                  3. Run the following commands in sequence to view the files in the /data path of the pods:
                                                                                                                                                                                                    kubectl exec web-demo-846b489584-mjhm9 -- ls /data
+
                                                                                                                                                                                                  4. Run the following commands in sequence to check the files in the /data path of the pods:
                                                                                                                                                                                                    kubectl exec web-demo-846b489584-mjhm9 -- ls /data
 kubectl exec web-demo-846b489584-wvv5s -- ls /data
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    If no result is returned for both pods, no file exists in the /data path.
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    5. 
@@ -428,7 +428,7 @@ static
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    View, copy, or download the YAML file of a PVC or PV.
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    1. Choose Storage in the navigation pane. In the right pane, click the PVCs or PVs tab.
                                                                                                                                                                                                    2. Click View YAML in the Operation column of the target PVC or PV to view or download the YAML.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    1. Choose Storage in the navigation pane. In the right pane, click the PVCs or PVs tab.
                                                                                                                                                                                                    2. Click View YAML in the Operation column of the target PVC or PV to view, copy, or download the YAML.
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    
 
 
 
                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Creating a StorageClass Through the Console
                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                    2. Choose Storage in the navigation pane. In the right pane, click the Storage Classes tab. Click Create Storage Class in the upper right corner. In the dialog box displayed, configure parameters.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Description
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Description
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      StorageClass Type
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Type
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Select an underlying storage type.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The type of the underlying storage.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      Name
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Name
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Enter the StorageClass name. The name of a StorageClass must be unique within a cluster.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The StorageClass name. The name of a StorageClass must be unique within a cluster.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      Reclaim Policy
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Reclaim Policy
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      You can select Delete or Retain to specify the reclaim policy of the underlying storage when the PVC is deleted. For details, see PV Reclaim Policy.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      • Delete: When a PVC is deleted, its associated underlying storage resources will be deleted and the PV resources will be removed. Exercise caution if you select this option.
                                                                                                                                                                                                      • Retain: When a PVC is deleted, both of the PV and its associated underlying storage resources will be retained and the PV is marked as released. If you manually delete the PV afterwards, the underlying storage resources will not be deleted. To bind the PV to a new PVC, you need to remove the original binding information from the PV.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The policy for reclaiming the underlying storage when the PVC is deleted. For details, see PV Reclaim Policy.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • Delete: When a PVC is deleted, its associated underlying storage resources are deleted and the PV resources are removed. Exercise caution if you select this option.
                                                                                                                                                                                                      • Retain: When a PVC is deleted, the associated PV and underlying storage resources are retained and need to be manually deleted.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      Binding Mode
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Binding
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Time when a PV is dynamically created, which can be created immediately or with a delay.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      • Immediate: After a PVC is created, the storage resources and PV will be created and associated with the PVC without delay. Local PVs do not support Immediate.
                                                                                                                                                                                                      • WaitForFirstConsumer: After a PVC is created, it will not be immediately bound to a PV. Instead, the storage resources and PV will be generated and bound to the PVC only after the pod that requires the PVC is scheduled. OBS, SFS, and SFS Turbo do not support WaitForFirstConsumer.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      When a PV is dynamically created, either immediately or with a delay.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • Immediate: When a PVC is created, the storage resources and PV are created and bound to the PVC immediately, without delay. Local PVs do not support Immediate.
                                                                                                                                                                                                      • WaitForFirstConsumer: When a PVC is created, it is not immediately bound to a PV. Instead, the storage resources and PV are created and bound to the PVC only after the pod that requires the PVC is scheduled. OBS, SFS, and SFS Turbo do not support WaitForFirstConsumer.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      
                                                                                                                                                                                                       
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      
-
                                                                                                                                                                                                    3. Click Create. On the Storage Classes tab page, view the created StorageClass and its information.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                  5. Click Create. On the Storage Classes tab page, view the created StorageClass and its information.
                                                                                                                                                                                                    6. 
 
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    Creating a StorageClass Using a YAML File
                                                                                                                                                                                                    As of now, CCE provides StorageClasses such as csi-disk, csi-nas, and csi-obs by default. When defining a PVC, you can use a StorageClassName to automatically create a PV of the corresponding type and automatically create underlying storage resources.
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    Run the following kubectl command to obtain the StorageClasses that CCE supports. Use the CSI add-on provided by CCE to create a StorageClass.
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    # kubectl get sc
-NAME                PROVISIONER                     AGE
-csi-disk            everest-csi-provisioner         17d          # EVS disk
-csi-disk-topology   everest-csi-provisioner         17d          # EVS disks created with delay
-csi-nas             everest-csi-provisioner         17d          # SFS 1.0
-csi-obs             everest-csi-provisioner         17d          # OBS
-csi-sfsturbo        everest-csi-provisioner         17d          # SFS Turbo
-
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    Each StorageClass contains the default parameters used for dynamically creating a PV. The following is an example of StorageClass for EVS disks:
                                                                                                                                                                                                    kind: StorageClass
+
                                                                                                                                                                                                    Creating a StorageClass Using kubectl
                                                                                                                                                                                                    This section provides several StorageClass templates. You can choose the one that best suits your needs to quickly create a StorageClass resource.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    EVS
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    1. Use kubectl to access the cluster (Accessing a Cluster Using kubectl).
                                                                                                                                                                                                    2. Create a YAML file for the StorageClass. The file name is customizable.
                                                                                                                                                                                                      vim evs-storageclass.yaml
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The file content is as follows:
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      kind: StorageClass
 apiVersion: storage.k8s.io/v1
 metadata:
-  name: csi-disk
-provisioner: everest-csi-provisioner
-parameters:
+  name: csi-disk-evs
+  annotations:
+    storageclass.kubernetes.io/is-default-class: "false"   # (Optional) Specify the default StorageClass in a cluster. Only one default StorageClass is allowed per cluster.
+provisioner: everest-csi-provisioner
+parameters:
   csi.storage.k8s.io/csi-driver-name: disk.csi.everest.io
-  csi.storage.k8s.io/fstype: ext4    # (Optional) Set the file system type to xfs or ext4. If it is left blank, ext4 will be used by default.
-  everest.io/disk-volume-type: SAS
+  csi.storage.k8s.io/fstype: ext4    # (Optional) The file system is of the xfs or ext4 type. If it is left blank, ext4 will be used by default.
+  everest.io/disk-volume-type: GPSSD2
   everest.io/passthrough: 'true'
-reclaimPolicy: Delete
-allowVolumeExpansion: true
-volumeBindingMode: Immediate
                                                                                                                                                                                                      
+  everest.io/disk-iops: '3000'  # This parameter is only available for General Purpose SSD v2 disks.
+  everest.io/disk-throughput: '100'  # This parameter is only available for General Purpose SSD v2 disks.
+reclaimPolicy: Delete
+allowVolumeExpansion: true
+volumeBindingMode: Immediate
                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                    Table 1 Key parameters
                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                    Table 1 Parameters
                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Description
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Description
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    provisioner
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    metadata.annotations.storageclass.kubernetes.io/is-default-class
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Specifies the storage resource provider, which is the Everest add-on for CCE. Set this parameter to everest-csi-provisioner.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    The default StorageClass. Configure only one default StorageClass per cluster. If multiple default StorageClasses exist, CCE will not report an error, but the behavior may be unpredictable.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    • true: The current StorageClass is the default one. If StorageClassName is not explicitly specified when you create a PVC, CCE will use the default StorageClass.
                                                                                                                                                                                                    • false or not set: The current StorageClass is not the default one.
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    parameters
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    provisioner
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Specifies the storage parameters, which vary with storage types. For details, see Table 2.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    The storage resource provisioner. CCE storage is provided by Everest. You can only enter everest-csi-provisioner.
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    reclaimPolicy
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    parameters
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Specifies the value of persistentVolumeReclaimPolicy for creating a PV. The value can be Delete or Retain. If reclaimPolicy is not specified when a StorageClass object is created, the value defaults to Delete.
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    • Delete: When a PVC is deleted, its associated underlying storage resources will be deleted and the PV resources will be removed. Exercise caution if you select this option.
                                                                                                                                                                                                    • Retain: When a PVC is deleted, both of the PV and its associated underlying storage resources will be retained and the PV is marked as released. If you manually delete the PV afterwards, the underlying storage resources will not be deleted. To bind the PV to a new PVC, you need to remove the original binding information from the PV.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    The configuration parameters of a StorageClass. For details, see Table 2.
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    allowVolumeExpansion
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    reclaimPolicy
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Specifies whether the PV of this StorageClass supports dynamic capacity expansion. The default value is false. Dynamic capacity expansion is implemented by the underlying storage add-on. This is only a switch.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    The policy for reclaiming the underlying storage when the PVC is deleted. For details, see PV Reclaim Policy. If this parameter is not specified, the default value Delete will be used.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    • Delete: When a PVC is deleted, its associated underlying storage resources will be deleted and the PV resources will be removed. Exercise caution if you select this option.
                                                                                                                                                                                                    • Retain: When a PVC is deleted, both of the PV and its associated underlying storage resources will be retained and the PV is marked as released. If you manually delete the PV afterwards, the underlying storage resources will not be deleted. To bind the PV to a new PVC, you need to remove the original binding information from the PV.
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    volumeBindingMode
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    allowVolumeExpansion
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Specifies the volume binding mode, which is the time when a PV is dynamically created. The value can be Immediate or WaitForFirstConsumer.
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    • Immediate: After a PVC is created, the storage resources and PV will be created and associated with the PVC without delay.
                                                                                                                                                                                                    • WaitForFirstConsumer: After a PVC is created, it will not be immediately bound to a PV. Instead, the storage resources and PV will be generated and bound to the PVC only after the pod that requires the PVC is scheduled.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Whether the PVs provisioned by a StorageClass can be dynamically expanded by modifying the PVC. The default value is false.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    This parameter is used to enable dynamic capacity expansion. Whether this function applies depends on the underlying storage add-on. If the underlying storage add-on does not support dynamic capacity expansion, the capacity cannot be expanded even if this parameter is set to true. Only EVS and SFS Turbo (without subdirectories or with limited subdirectories) support dynamic capacity expansion.
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    mountOptions
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    volumeBindingMode
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    This field must be supported by the underlying storage. If this field is not supported but is specified, the PV creation will fail.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    How a volume is bound when a PV is dynamically created. The value can be Immediate or WaitForFirstConsumer.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    • Immediate: When a PVC is created, the storage resources and PV are created and bound to the PVC immediately, without delay.
                                                                                                                                                                                                    • WaitForFirstConsumer: When a PVC is created, it is not immediately bound to a PV. Instead, the storage resources and PV are created and bound to the PVC only after the pod that requires the PVC is scheduled.
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    
                                                                                                                                                                                                     
 
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                    Table 2 Parameters
                                                                                                                                                                                                    Volume Type
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
                                                                                                                                                                                                    Table 2 Parameters
                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    Description
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Description
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    EVS
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Yes
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Yes
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    Driver type. If an EVS disk is used, the parameter value is fixed at disk.csi.everest.io.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    The driver type. If an EVS disk is used, the parameter value is fixed at disk.csi.everest.io.
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    EVS
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    csi.storage.k8s.io/fstype
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    csi.storage.k8s.io/fstype
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Yes
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Yes
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    If an EVS disk is used, the parameter value can be ext4 or xfs.
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    The restrictions on using xfs are as follows:
                                                                                                                                                                                                    • The nodes must run CentOS 7, HCE OS 2.0, or Ubuntu 22.04, and the Everest version in the cluster must be 2.3.2 or later.
                                                                                                                                                                                                    • Only common containers are supported.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    The file system type used by a CSI driver to create storage volumes. If an EVS disk is used, the parameter value can be ext4 or xfs.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    The restrictions on using xfs are as follows:
                                                                                                                                                                                                    • The nodes must run CentOS 7, HCE OS 2.0, or Ubuntu 22.04, and the Everest version in the cluster must be 2.3.2 or later.
                                                                                                                                                                                                    • Only regular containers are supported.
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    EVS
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    everest.io/disk-volume-type
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    everest.io/disk-volume-type
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Yes
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Yes
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    EVS disk type. All letters are in uppercase.
                                                                                                                                                                                                    • SATA: common I/O
                                                                                                                                                                                                    • SAS: high I/O
                                                                                                                                                                                                    • SSD: ultra-high I/O
                                                                                                                                                                                                    • GPSSD: general-purpose SSD
                                                                                                                                                                                                    • ESSD: extreme SSD
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    EVS disk type. All letters are in uppercase.
                                                                                                                                                                                                    • SATA: common I/O
                                                                                                                                                                                                    • SAS: high I/O
                                                                                                                                                                                                    • SSD: ultra-high I/O
                                                                                                                                                                                                    • GPSSD: general-purpose SSD
                                                                                                                                                                                                    • ESSD: extreme SSD
                                                                                                                                                                                                    • GPSSD2: general-purpose SSD v2, which is supported when the Everest version is 2.4.4 or later and the everest.io/disk-iops and everest.io/disk-throughput annotations are configured
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    EVS
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    everest.io/passthrough
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    everest.io/passthrough
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Yes
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Yes
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    The parameter value is fixed at true, which indicates that the EVS device type is SCSI. No other parameter values are allowed.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    The parameter value is fixed at true. This indicates that the EVS device type is SCSI. No other parameter values are allowed.
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    SFS
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    everest.io/disk-iops
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    No
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Yes
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    Driver type. If SFS is used, the parameter value is fixed at nas.csi.everest.io.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    The IOPS of the underlying storage. This parameter is only available for General Purpose SSD v2 disks.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    • The IOPS of General Purpose SSD v2 disks ranges from 3000 to 128000, and the maximum value is 500 times of the capacity (GiB).
                                                                                                                                                                                                      If the IOPS of General Purpose SSD v2 disks is greater than 3000, extra IOPS will be billed. 
                                                                                                                                                                                                      
+
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    SFS
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    everest.io/disk-throughput
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    csi.storage.k8s.io/fstype
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    No
                                                                                                                                                                                                    
 
                                                                                                                                                                                                    Yes
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    If SFS is used, the value can be nfs.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    The throughput of the underlying storage. This parameter is only available for General Purpose SSD v2 disks. The value ranges from 125 MiB/s to 1000 MiB/s. The maximum value is a quarter of IOPS.
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    If the throughput is greater than 125 MiB/s, extra throughput will be billed. 
                                                                                                                                                                                                    
                                                                                                                                                                                                     		
 
                                                                                                                                                                                                    SFS
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    
+
                                                                                                                                                                                                  6. Create the StorageClass.
                                                                                                                                                                                                    kubectl apply -f evs-storageclass.yaml
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Information similar to the following is displayed:
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    storageclass.storage.k8s.io/csi-disk-evs created
                                                                                                                                                                                                    
+
                                                                                                                                                                                                  7. Check details of csi-disk-evs.
                                                                                                                                                                                                    kubectl describe sc csi-disk-evs
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Information similar to the following is displayed:
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Name:            csi-disk-evs
+IsDefaultClass:  No
+Annotations:     kubectl.kubernetes.io/last-applied-configuration={"allowVolumeExpansion":true,"apiVersion":"storage.k8s.io/v1","kind":"StorageClass","metadata":{"annotations":{},"name":"csi-disk-evs"},......
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    8. 
+
                                                                                                                                                                                                    SFS
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    1. Use kubectl to access the cluster (Accessing a Cluster Using kubectl).
                                                                                                                                                                                                    2. Create a YAML file for the StorageClass. The file name is customizable.
                                                                                                                                                                                                      vim sfs-storageclass.yaml
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The file content is as follows:
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      kind: StorageClass
+apiVersion: storage.k8s.io/v1
+metadata:
+  name: csi-nas-sfs3
+  annotations:
+    storageclass.kubernetes.io/is-default-class: "false"   # (Optional) Specify the default StorageClass in a cluster. Only one default StorageClass is allowed per cluster.
+provisioner: everest-csi-provisioner
+parameters:
+  csi.storage.k8s.io/csi-driver-name: nas.csi.everest.io
+  csi.storage.k8s.io/fstype: nfs
+  everest.io/share-access-level: rw
+  everest.io/share-access-to: xxx-xxx-xxx-xxx-xxx
+reclaimPolicy: Delete
+allowVolumeExpansion: false
+volumeBindingMode: Immediate
+mountOptions: []  # This parameter is optional and is supported only by certain StorageClasses. If it is not supported by the specified StorageClass, delete this parameter.
                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                      
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
                                                                                                                                                                                                      Table 3 Parameters
                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Description
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      metadata.annotations.storageclass.kubernetes.io/is-default-class
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      everest.io/share-access-level
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      The parameter value is fixed at rw, indicating that the SFS data is readable and writable.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The default StorageClass. Configure only one default StorageClass per cluster. If multiple default StorageClasses exist, CCE will not report an error, but the behavior may be unpredictable.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • true: The current StorageClass is the default one. If StorageClassName is not explicitly specified when you create a PVC, CCE will use the default StorageClass.
                                                                                                                                                                                                      • false or not set: The current StorageClass is not the default one.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      SFS
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      provisioner
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      everest.io/share-access-to
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      VPC ID of the cluster.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The storage resource provisioner. CCE storage is provided by Everest. You can only enter everest-csi-provisioner.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      SFS
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      parameters
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      everest.io/share-is-public
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      No
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      The parameter value is fixed at false, indicating that the file is shared to private.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      When you use SFS 3.0, there is no need to configure this parameter.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The configuration parameters of a StorageClass. For details, see Table 4.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      SFS
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      reclaimPolicy
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      everest.io/sfs-version
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      No
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      This parameter is only required for SFS 3.0 and its value is fixed at sfs3.0.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The policy for reclaiming the underlying storage when the PVC is deleted. For details, see PV Reclaim Policy. If this parameter is not specified, the default value Delete will be used.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • Delete: When a PVC is deleted, its associated underlying storage resources will be deleted and the PV resources will be removed. Exercise caution if you select this option.
                                                                                                                                                                                                      • Retain: When a PVC is deleted, both of the PV and its associated underlying storage resources will be retained and the PV is marked as released. If you manually delete the PV afterwards, the underlying storage resources will not be deleted. To bind the PV to a new PVC, you need to remove the original binding information from the PV.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      SFS Turbo
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      allowVolumeExpansion
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Driver type. If SFS Turbo is used, the parameter value is fixed at sfsturbo.csi.everest.io.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Whether the PVs provisioned by a StorageClass can be dynamically expanded by modifying the PVC. The default value is false.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      This parameter is used to enable dynamic capacity expansion. Whether this function applies depends on the underlying storage add-on. If the underlying storage add-on does not support dynamic capacity expansion, the capacity cannot be expanded even if this parameter is set to true. Only EVS and SFS Turbo (without subdirectories or with limited subdirectories) support dynamic capacity expansion.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      SFS Turbo
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      volumeBindingMode
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      csi.storage.k8s.io/fstype
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      If SFS Turbo is used, the value can be nfs.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      How a volume is bound when a PV is dynamically created. The value can be Immediate or WaitForFirstConsumer. SFS supports only Immediate.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • Immediate: When a PVC is created, the storage resources and PV are created and bound to the PVC immediately, without delay.
                                                                                                                                                                                                      • WaitForFirstConsumer: When a PVC is created, it is not immediately bound to a PV. Instead, the storage resources and PV are created and bound to the PVC only after the pod that requires the PVC is scheduled.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      SFS Turbo
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      mountOptions
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      everest.io/share-access-to
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      VPC ID of the cluster.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Parameters used to mount volumes, which control the mounting behavior (such as read-only and buffer policies). You can configure mount options for SFS file systems. For details, see Configuring SFS Volume Mount Options.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      SFS Turbo
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                      
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
                                                                                                                                                                                                      Table 4 Parameters
                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Mandatory
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Description
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      everest.io/share-expand-type
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      No
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Extension type. The default value is bandwidth, indicating an enhanced file system. This parameter does not take effect.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The driver type. If SFS is used, the parameter value is fixed at nas.csi.everest.io.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      SFS Turbo
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      csi.storage.k8s.io/fstype
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      everest.io/share-source
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      The parameter value is fixed at sfs-turbo.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The file system type used for mounting the storage volume. If SFS is used, the value can be nfs.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      SFS Turbo
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      everest.io/share-access-level
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      everest.io/share-volume-type
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      No
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      SFS Turbo StorageClass. The default value is STANDARD, indicating standard and standard enhanced editions. This parameter does not take effect.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The parameter value is fixed at rw. This indicates that the SFS data is readable and writable.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      SFS Turbo
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      everest.io/share-access-to
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      everest.io/reclaim-policy
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      No
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The VPC ID of the cluster.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      To obtain the ID, go to the cluster overview page, find VPC in the Networking Configuration pane, hover over the target VPC, and copy the VPC ID.
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Whether to retain subdirectories when deleting a PVC. This parameter must be used with reclaim policies. This parameter is available only when the PV reclaim policy is Delete. Options:
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      • retain-volume-only: If a PVC is deleted, the PV will be deleted, but its associated subdirectories will be retained.
                                                                                                                                                                                                      • delete: When a PVC is deleted, the associated PV and its subdirectories will also be deleted.
                                                                                                                                                                                                         NOTE: 
                                                                                                                                                                                                        When a subdirectory is deleted, only the absolute path of the subdirectory configured in the PVC will be deleted. The upper-layer directory will not be deleted.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                      everest.io/share-is-public
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      No
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The parameter value is fixed at false. This indicates that the file is shared to private.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                    3. Create the StorageClass.
                                                                                                                                                                                                      kubectl apply -f sfs-storageclass.yaml
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Information similar to the following is displayed:
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      storageclass.storage.k8s.io/csi-nas-sfs3 created
                                                                                                                                                                                                      
+
                                                                                                                                                                                                    4. Check details of csi-nas-sfs3.
                                                                                                                                                                                                      kubectl describe sc csi-nas-sfs3
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Information similar to the following is displayed:
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Name:            csi-nas-sfs3
+IsDefaultClass:  No
+Annotations:     kubectl.kubernetes.io/last-applied-configuration={"allowVolumeExpansion":true,"apiVersion":"storage.k8s.io/v1","kind":"StorageClass","metadata":{"annotations":{"storageclass.kubernetes.io/is-default-class":"false"},...
                                                                                                                                                                                                      
+
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    1. Use kubectl to access the cluster (Accessing a Cluster Using kubectl).
                                                                                                                                                                                                    2. Create a YAML file for the StorageClass. The file name is customizable.
                                                                                                                                                                                                      vim sfsturbo-storageclass.yaml
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The file content is as follows:
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      kind: StorageClass
+apiVersion: storage.k8s.io/v1
+metadata:
+  name: csi-sfsturbo-test1
+  annotations:
+    storageclass.kubernetes.io/is-default-class: "false"   # (Optional) Specify the default StorageClass in a cluster. Only one default StorageClass is allowed per cluster.
+provisioner: everest-csi-provisioner
+parameters:
+  csi.storage.k8s.io/csi-driver-name: sfsturbo.csi.everest.io
+  csi.storage.k8s.io/fstype: nfs
+  everest.io/reclaim-policy: retain-volume-only
+  everest.io/share-access-to: xxx-xxx-xxx-xxx-xxx
+  everest.io/share-expand-type: bandwidth
+  everest.io/share-source: sfs-turbo
+  everest.io/share-volume-type: STANDARD
+reclaimPolicy: Delete
+allowVolumeExpansion: true
+volumeBindingMode: Immediate
                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                      Table 5 Parameters
                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Description
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      metadata.annotations.storageclass.kubernetes.io/is-default-class
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The default StorageClass. Configure only one default StorageClass per cluster. If multiple default StorageClasses exist, CCE will not report an error, but the behavior may be unpredictable.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • true: The current StorageClass is the default one. If StorageClassName is not explicitly specified when you create a PVC, CCE will use the default StorageClass.
                                                                                                                                                                                                      • false or not set: The current StorageClass is not the default one.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      provisioner
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The storage resource provisioner. CCE storage is provided by Everest. You can only enter everest-csi-provisioner.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      parameters
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The configuration parameters of a StorageClass. For details, see Table 6.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      reclaimPolicy
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The policy for reclaiming the underlying storage when the PVC is deleted. For details, see PV Reclaim Policy. If this parameter is not specified, the default value Delete will be used.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • Delete: When a PVC is deleted, its associated underlying storage resources will be deleted and the PV resources will be removed. Exercise caution if you select this option.
                                                                                                                                                                                                      • Retain: When a PVC is deleted, both of the PV and its associated underlying storage resources will be retained and the PV is marked as released. If you manually delete the PV afterwards, the underlying storage resources will not be deleted. To bind the PV to a new PVC, you need to remove the original binding information from the PV.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      allowVolumeExpansion
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Whether the PVs provisioned by a StorageClass can be dynamically expanded by modifying the PVC. The default value is false.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      This parameter is used to enable dynamic capacity expansion. Whether this function applies depends on the underlying storage add-on. If the underlying storage add-on does not support dynamic capacity expansion, the capacity cannot be expanded even if this parameter is set to true. Only EVS and SFS Turbo (without subdirectories or with limited subdirectories) support dynamic capacity expansion.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      volumeBindingMode
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      How a volume is bound when a PV is dynamically created. The value can be Immediate or WaitForFirstConsumer. SFS Turbo supports only Immediate.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • Immediate: When a PVC is created, the storage resources and PV are created and bound to the PVC immediately, without delay.
                                                                                                                                                                                                      • WaitForFirstConsumer: When a PVC is created, it is not immediately bound to a PV. Instead, the storage resources and PV are created and bound to the PVC only after the pod that requires the PVC is scheduled.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                      Table 6 Parameters
                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Mandatory
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Description
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The driver type. If SFS Turbo is used, the parameter value is fixed at sfsturbo.csi.everest.io.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      csi.storage.k8s.io/fstype
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The file system type used for mounting the storage volume. If SFS Turbo is used, the value can be nfs.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      everest.io/share-access-to
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The VPC ID of the cluster.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      To obtain the ID, go to the cluster overview page, find VPC in the Networking Configuration pane, hover over the target VPC, and copy the VPC ID.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      everest.io/share-expand-type
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      No
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The expansion type. The default value is bandwidth, indicating an enhanced file system.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      This field has been deprecated and is no longer effective.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      everest.io/share-source
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The parameter value is fixed at sfs-turbo.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      everest.io/share-volume-type
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      No
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The SFS Turbo StorageClass. The default value is STANDARD, indicating both the standard and standard enhanced editions.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      This field has been deprecated and is no longer effective.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      everest.io/reclaim-policy
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      No
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Whether to retain subdirectories when deleting a PVC. This parameter must be used with reclaimPolicy. This parameter is available only when the PV reclaim policy is Delete. Options:
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • retain-volume-only: When a PVC is deleted, the PV is deleted, but its associated subdirectories are retained.
                                                                                                                                                                                                      • delete: When a PVC is deleted, the PV and its associated subdirectories are also deleted.
                                                                                                                                                                                                         NOTE: 
                                                                                                                                                                                                        When a subdirectory is deleted, only the absolute path of the subdirectory specified in the PVC is deleted. The parent directory is retained.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      OBS
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Driver type. If OBS is used, the parameter value is fixed at obs.csi.everest.io.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      OBS
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      csi.storage.k8s.io/fstype
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Instance type, which can be obsfs or s3fs.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      • obsfs: a parallel file system
                                                                                                                                                                                                      • s3fs: object bucket
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      OBS
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      everest.io/obs-volume-type
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      OBS StorageClass.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      • If fsType is set to s3fs, standard buckets (STANDARD) and infrequent access buckets (WARM) are supported.
                                                                                                                                                                                                      • This parameter is invalid when fsType is set to obsfs.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Local PV
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Driver type. If a local PV is used, the parameter value is fixed at local.csi.everest.io.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Local PV
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      csi.storage.k8s.io/fstype
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      File system type. The value can only be ext4.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Local PV
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      volume-type
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Volume type. The value can only be persistent.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      
                                                                                                                                                                                                       
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      
-
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    Application Scenarios of Custom Storage
                                                                                                                                                                                                    When using storage resources in CCE, the most common method is to specify StorageClassName to define the type of storage resources to be created when creating a PVC. The following configuration shows how to use a PVC to apply for a SAS (high I/O) EVS disk (block storage).
                                                                                                                                                                                                    
-
                                                                                                                                                                                                    apiVersion: v1
-kind: PersistentVolumeClaim
+
                                                                                                                                                                                                  8. Create the StorageClass.
                                                                                                                                                                                                    kubectl apply -f sfsturbo-storageclass.yaml
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Information similar to the following is displayed:
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    storageclass.storage.k8s.io/csi-sfsturbo-test1 created
                                                                                                                                                                                                    
+
                                                                                                                                                                                                  9. Check details of csi-sfsturbo-test1.
                                                                                                                                                                                                    kubectl describe sc csi-sfsturbo-test1
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Information similar to the following is displayed:
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    Name:            csi-sfsturbo-test1
+IsDefaultClass:  No
+Annotations:     kubectl.kubernetes.io/last-applied-configuration={"allowVolumeExpansion":false,"apiVersion":"storage.k8s.io/v1","kind":"StorageClass","metadata":{"annotations":{"storageclass.kubernetes.io/is-default-class":"false"},...
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    10. 
+
                                                                                                                                                                                                    OBS
                                                                                                                                                                                                    
+
                                                                                                                                                                                                    1. Use kubectl to access the cluster (Accessing a Cluster Using kubectl).
                                                                                                                                                                                                    2. Create a YAML file for the StorageClass. The file name is customizable.
                                                                                                                                                                                                      vim obs-storageclass.yaml
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The file content is as follows:
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      kind: StorageClass
+apiVersion: storage.k8s.io/v1
 metadata:
-  name: pvc-evs-example
-  namespace: default
-  annotations:
-    everest.io/disk-volume-type: SAS
-spec:
-  accessModes:
-  - ReadWriteOnce
-  resources:
-    requests:
-      storage: 10Gi
-  storageClassName: csi-disk
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      To specify the EVS disk type on CCE, use the everest.io/disk-volume-type field. SAS indicates the EVS disk type.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      The preceding is a basic method of using StorageClass. In real-world scenarios, you can use StorageClass to perform other operations.
-
                                                                                                                                                                                                      Application Scenario
                                                                                                                                                                                                      
+  name: csi-obs-test1
+  annotations:
+    storageclass.kubernetes.io/is-default-class: "false"   # (Optional) Specify the default StorageClass in a cluster. Only one default StorageClass is allowed per cluster.
+provisioner: everest-csi-provisioner
+parameters:
+  csi.storage.k8s.io/csi-driver-name: obs.csi.everest.io
+  csi.storage.k8s.io/fstype: s3fs
+  everest.io/obs-volume-type: STANDARD
+reclaimPolicy: Delete
+volumeBindingMode: Immediate
+mountOptions: []  # This parameter is optional and is supported only by certain StorageClasses. If it is not supported by the specified StorageClass, delete this parameter.
+
+
                                                                                                                                                                                                      
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
                                                                                                                                                                                                      Table 7 Parameters
                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Solution
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Procedure
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Description
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      When annotations is used to specify storage configuration, the configuration is complex. For example, the everest.io/disk-volume-type field is used to specify the EVS disk type.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      metadata.annotations.storageclass.kubernetes.io/is-default-class
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Define PVC annotations in the parameters field of StorageClass. When compiling a YAML file, you only need to specify StorageClassName.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      For example, you can define SAS EVS disk and SSD EVS disk as a StorageClass, respectively. If a StorageClass named csi-disk-sas is defined, it is used to create SAS storage.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Scenario 1: Specifying the Disk Type in a StorageClass
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The default StorageClass. Configure only one default StorageClass per cluster. If multiple default StorageClasses exist, CCE will not report an error, but the behavior may be unpredictable.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • true: The current StorageClass is the default one. If StorageClassName is not explicitly specified when you create a PVC, CCE will use the default StorageClass.
                                                                                                                                                                                                      • false or not set: The current StorageClass is not the default one.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      When a user migrates services from an on-premises Kubernetes cluster or other Kubernetes services to CCE, the StorageClass used in the original application YAML file is different from that used in CCE. As a result, a large number of YAML files or Helm chart packages need to be modified when the storage is used, which is complex and error-prone.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      provisioner
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Create a StorageClass with the same name as that in the original application YAML file in the CCE cluster. After the migration, you do not need to modify the StorageClassName in the application YAML file.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      For example, the StorageClass of the EVS disk used before the migration is disk-standard. After migrating services to a CCE cluster, you can copy the YAML file of the csi-disk StorageClass in the CCE cluster, change its name to disk-standard, and create another StorageClass.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The storage resource provisioner. CCE storage is provided by Everest. You can only enter everest-csi-provisioner.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      StorageClassName must be specified in the YAML file to use the storage. If not, the storage cannot be created.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      parameters
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      If you set the default StorageClass in the cluster, you can create storage without specifying the StorageClassName in the YAML file.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The configuration parameters of a StorageClass. For details, see Table 8.
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Scenario 2: Specifying the Default StorageClass
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      reclaimPolicy
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The policy for reclaiming the underlying storage when the PVC is deleted. For details, see PV Reclaim Policy. If this parameter is not specified, the default value Delete will be used.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • Delete: When a PVC is deleted, its associated underlying storage resources will be deleted and the PV resources will be removed. Exercise caution if you select this option.
                                                                                                                                                                                                      • Retain: When a PVC is deleted, both of the PV and its associated underlying storage resources will be retained and the PV is marked as released. If you manually delete the PV afterwards, the underlying storage resources will not be deleted. To bind the PV to a new PVC, you need to remove the original binding information from the PV.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      volumeBindingMode
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      How a volume is bound when a PV is dynamically created. The value can be Immediate or WaitForFirstConsumer. OBS supports only Immediate.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • Immediate: When a PVC is created, the storage resources and PV are created and bound to the PVC immediately, without delay.
                                                                                                                                                                                                      • WaitForFirstConsumer: When a PVC is created, it is not immediately bound to a PV. Instead, the storage resources and PV are created and bound to the PVC only after the pod that requires the PVC is scheduled.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      mountOptions
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Parameters used to mount volumes, which control the mounting behavior (such as read-only and buffer policies). You can configure mount options for OBS volumes. For details, see Configuring OBS Mount Options.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      
                                                                                                                                                                                                       
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                      Table 8 Parameters
                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Mandatory
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Description
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The driver type. If OBS is used, the parameter value is fixed at obs.csi.everest.io.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      csi.storage.k8s.io/fstype
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The instance type, which can be obsfs or s3fs.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • obsfs: a parallel file system
                                                                                                                                                                                                      • s3fs: an object bucket
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      everest.io/obs-volume-type
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The OBS StorageClass.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • If fsType is set to s3fs, standard buckets (STANDARD) and infrequent access buckets (WARM) are supported.
                                                                                                                                                                                                      • This parameter is invalid when fsType is set to obsfs.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      
-
-
                                                                                                                                                                                                      Scenario 1: Specifying the Disk Type in a StorageClass
                                                                                                                                                                                                      This section uses the custom StorageClass of EVS disks as an example to describe how to define SAS EVS disk and SSD EVS disk as a StorageClass, respectively. For example, if you define a StorageClass named csi-disk-sas, which is used to create SAS storage, the differences are shown in the following figure. When editing a PVC's YAML file, you only need to specify StorageClassName.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      • You can customize a high I/O StorageClass in a YAML file. For example, the name csi-disk-sas indicates that the disk type is SAS (high I/O).
                                                                                                                                                                                                        apiVersion: storage.k8s.io/v1
-kind: StorageClass
+
                                                                                                                                                                                                      • Create the StorageClass.
                                                                                                                                                                                                        kubectl apply -f obs-storageclass.yaml
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Information similar to the following is displayed:
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        storageclass.storage.k8s.io/csi-obs-test1 created
                                                                                                                                                                                                        
+
                                                                                                                                                                                                      • Check details of csi-obs-test1.
                                                                                                                                                                                                        kubectl describe sc csi-obs-test1
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Information similar to the following is displayed:
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Name:            csi-obs-test1
+IsDefaultClass:  No
+Annotations:     kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"storage.k8s.io/v1","kind":"StorageClass","metadata":{"annotations":{"storageclass.kubernetes.io/is-default-class":"false"},......
                                                                                                                                                                                                        
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Local PV
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      1. Use kubectl to access the cluster (Accessing a Cluster Using kubectl).
                                                                                                                                                                                                      2. Create a YAML file for the StorageClass. The file name is customizable.
                                                                                                                                                                                                        vim local-storageclass.yaml
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        The file content is as follows:
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        kind: StorageClass
+apiVersion: storage.k8s.io/v1
 metadata:
-  name: csi-disk-sas                          # Name of the high I/O StorageClass, which can be customized
-parameters:
-  csi.storage.k8s.io/csi-driver-name: disk.csi.everest.io
-  csi.storage.k8s.io/fstype: ext4    # (Optional) Set the file system type to xfs or ext4. If it is left blank, ext4 will be used by default.
-   everest.io/disk-volume-type: SAS            # High I/O EVS disk type, which cannot be customized.
-  everest.io/passthrough: "true"
-provisioner: everest-csi-provisioner
-reclaimPolicy: Delete
-volumeBindingMode: Immediate
-allowVolumeExpansion: true                    # true indicates that capacity expansion is allowed.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                      3. For an ultra-high I/O StorageClass, you can set the class name to csi-disk-ssd to create SSD EVS disk (ultra-high I/O).
                                                                                                                                                                                                        apiVersion: storage.k8s.io/v1
-kind: StorageClass
-metadata:
-  name: csi-disk-ssd                       # Name of the ultra-high I/O StorageClass, which can be customized
-parameters:
-  csi.storage.k8s.io/csi-driver-name: disk.csi.everest.io
-  csi.storage.k8s.io/fstype: ext4    # (Optional) Set the file system type to xfs or ext4. If it is left blank, ext4 will be used by default.
-  everest.io/disk-volume-type: SSD         # Ultra-high I/O EVS disk type, which cannot be customized.
-  everest.io/passthrough: "true"
-provisioner: everest-csi-provisioner
-reclaimPolicy: Delete
-volumeBindingMode: Immediate
-allowVolumeExpansion: true
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        4. 
-
                                                                                                                                                                                                        reclaimPolicy: indicates the reclaim policies of the underlying cloud storage. The value can be Delete or Retain.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        • Delete: When a PVC is deleted, both the PV and the EVS disk are deleted.
                                                                                                                                                                                                        • Retain: When a PVC is deleted, both the PV and underlying storage resources will be retained. You need to manually delete these resources. After the PVC is deleted, the PV is in the Released state and cannot be bound to a PVC again.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        If high data security is required, select Retain to prevent data from being deleted by mistake.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        After the definition is complete, run the kubectl create commands to create storage resources.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        # kubectl create -f sas.yaml
-storageclass.storage.k8s.io/csi-disk-sas created
-# kubectl create -f ssd.yaml
-storageclass.storage.k8s.io/csi-disk-ssd created
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Query StorageClass again. The command output is as follows:
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        # kubectl get sc
-NAME                PROVISIONER                     AGE
-csi-disk            everest-csi-provisioner         17d
-csi-disk-sas        everest-csi-provisioner         2m28s
-csi-disk-ssd        everest-csi-provisioner         16s
-csi-disk-topology   everest-csi-provisioner         17d
-csi-nas             everest-csi-provisioner         17d
-csi-obs             everest-csi-provisioner         17d
-csi-sfsturbo        everest-csi-provisioner         17d
                                                                                                                                                                                                        
-
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Scenario 2: Specifying the Default StorageClass
                                                                                                                                                                                                      You can specify a StorageClass as the default class. In this way, any PVCs created without specifying StorageClassName will automatically use the default StorageClass.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      For example, to specify csi-disk-ssd as the default StorageClass, edit your YAML file as follows:
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      apiVersion: storage.k8s.io/v1
-kind: StorageClass
-metadata:
-  name: csi-disk-ssd
-  annotations:
-    storageclass.kubernetes.io/is-default-class: "true"   # Specify the default StorageClass in a cluster. There can only be one default StorageClass per cluster.
-parameters:
-  csi.storage.k8s.io/csi-driver-name: disk.csi.everest.io
+  name: csi-local-test
+  annotations:
+    storageclass.kubernetes.io/is-default-class: "false"   # (Optional) Specify the default StorageClass in a cluster. Only one default StorageClass is allowed per cluster.
+provisioner: everest-csi-provisioner
+parameters:
+  csi.storage.k8s.io/csi-driver-name: local.csi.everest.io
   csi.storage.k8s.io/fstype: ext4
-  everest.io/disk-volume-type: SSD
-  everest.io/passthrough: "true"
-provisioner: everest-csi-provisioner
-reclaimPolicy: Delete
-volumeBindingMode: Immediate
-allowVolumeExpansion: true
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Run the kubectl create command to create a StorageClass and then check it.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      # kubectl create -f ssd.yaml
-storageclass.storage.k8s.io/csi-disk-ssd created
-# kubectl get sc
-NAME                     PROVISIONER                     AGE
-csi-disk                 everest-csi-provisioner         17d
-csi-disk-sas             everest-csi-provisioner         114m
-csi-disk-ssd (default)   everest-csi-provisioner         9s
-csi-disk-topology        everest-csi-provisioner         17d
-csi-nas                  everest-csi-provisioner         17d
-csi-obs                  everest-csi-provisioner         17d
-csi-sfsturbo             everest-csi-provisioner         17d
                                                                                                                                                                                                      
+  volume-type: persistent
+reclaimPolicy: Delete
+volumeBindingMode: WaitForFirstConsumer
+
+
                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                      Table 9 Parameters
                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Description
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      metadata.annotations.storageclass.kubernetes.io/is-default-class
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The default StorageClass. Configure only one default StorageClass per cluster. If multiple default StorageClasses exist, CCE will not report an error, but the behavior may be unpredictable.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • true: The current StorageClass is the default one. If StorageClassName is not explicitly specified when you create a PVC, CCE will use the default StorageClass.
                                                                                                                                                                                                      • false or not set: The current StorageClass is not the default one.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      provisioner
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The storage resource provisioner. CCE storage is provided by Everest. You can only enter everest-csi-provisioner.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      parameters
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The configuration parameters of a StorageClass. For details, see Table 10.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      reclaimPolicy
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The policy for reclaiming the underlying storage when the PVC is deleted. For details, see PV Reclaim Policy. If this parameter is not specified, the default value Delete will be used.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • Delete: When a PVC is deleted, its associated underlying storage resources will be deleted and the PV resources will be removed. Exercise caution if you select this option.
                                                                                                                                                                                                      • Retain: When a PVC is deleted, both of the PV and its associated underlying storage resources will be retained and the PV is marked as released. If you manually delete the PV afterwards, the underlying storage resources will not be deleted. To bind the PV to a new PVC, you need to remove the original binding information from the PV.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      volumeBindingMode
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      How a volume is bound when a PV is dynamically created. The value can be Immediate or WaitForFirstConsumer. Local PVs support only WaitForFirstConsumer.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • Immediate: When a PVC is created, the storage resources and PV are created and bound to the PVC immediately, without delay.
                                                                                                                                                                                                      • WaitForFirstConsumer: When a PVC is created, it is not immediately bound to a PV. Instead, the storage resources and PV are created and bound to the PVC only after the pod that requires the PVC is scheduled.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                      Table 10 Parameters
                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Mandatory
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Description
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The driver type. If a local PV is used, the parameter value is fixed at local.csi.everest.io.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      csi.storage.k8s.io/fstype
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The file system type. The value can only be ext4.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      volume-type
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Yes
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The volume type. The value can only be persistent.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                    3. Create the StorageClass.
                                                                                                                                                                                                      kubectl apply -f dss-storageclass.yaml
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Information similar to the following is displayed:
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      storageclass.storage.k8s.io/csi-local-test created
                                                                                                                                                                                                      
+
                                                                                                                                                                                                    4. Check details of csi-local-test.
                                                                                                                                                                                                      kubectl describe sc csi-local-test
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Information similar to the following is displayed:
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Name:            csi-local-test
+IsDefaultClass:  No
+Annotations:     kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"storage.k8s.io/v1","kind":"StorageClass","metadata":{"annotations":{"storageclass.kubernetes.io/is-default-class":"false"},...
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      5. 
+
+
                                                                                                                                                                                                      Applications of Custom StorageClasses
                                                                                                                                                                                                      The following provides typical applications of custom StorageClasses:
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • Meeting customized requirements and simplifying batch operations: You can customize parameters such as reclaimPolicy and volumeBindingMode to flexibly meet diverse service needs. This avoids the need for repeated parameter configuration when batch-creating PVCs, thereby simplifying the operation process and improving management efficiency.
                                                                                                                                                                                                      • Supporting smooth migration and reducing modification costs: When migrating from a custom-built Kubernetes cluster or Kubernetes services of another cloud vendor to CCE, you can create a StorageClass with the same name as that in the original environment. This allows the storageClassName in the YAML file or Helm chart to remain unchanged, effectively avoiding the operational burden and error risks associated with manually modifying a large number of configurations. For example, if the StorageClass used before the migration is named disk-standard, you can copy the YAML file of the StorageClass csi-disk, change its name to disk-standard, and create the StorageClass again.
                                                                                                                                                                                                      • Setting the default StorageClass: When creating a StorageClass, you can set it as the default by using metadata.annotations.storageclass.kubernetes.io/is-default-class. After the setting, you do not need to explicitly specify storageClassName when creating a PVC. CCE will automatically use the default StorageClass, simplifying resource declaration.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Helpful Links
                                                                                                                                                                                                      Before using a new StorageClass, you only need to specify it in the storageClassName field of the target PVC. The parameter settings of the StorageClass will be used by default. If there are conflicts between the StorageClass settings and those specified in the PVC, the PVC's settings will take precedence.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      To simplify the manual creation and maintenance of PVs, see the following resources:
                                                                                                                                                                                                      
+
 
                                                                                                                                                                                                      
 
 
                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_10_0381.html b/docs/cce/umn/cce_10_0381.html
index 9a104dec7..52b5d8377 100644
--- a/docs/cce/umn/cce_10_0381.html
+++ b/docs/cce/umn/cce_10_0381.html
@@ -1,8 +1,8 @@
 
 
 
                                                                                                                                                                                                      Snapshots and Backups
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      CCE works with EVS to support snapshots. A snapshot is a complete copy or image of EVS disk data at a certain point of time, which can be used for data DR.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      You can create snapshots to rapidly save the disk data at a certain point of time. In addition, you can use snapshots to create disks so that the created disks will contain the snapshot data in the beginning.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      CCE works with EVS to support snapshots. A snapshot is a complete copy or image of EVS disk data at a specific time, which can be used for data DR.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      You can create snapshots to rapidly save the disk data at a specific time. In addition, you can use snapshots to create disks so that the created disks will contain the snapshot data in the beginning.
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Precautions
                                                                                                                                                                                                      • The snapshot function is available only for clusters of v1.15 or later and requires the CSI-based Everest add-on.
                                                                                                                                                                                                      • The subtype (common I/O, high I/O, or ultra-high I/O), disk mode (VBD or SCSI), data encryption, sharing status, and capacity of an EVS disk created from a snapshot must be the same as those of the disk associated with the snapshot. These attributes cannot be modified after being checked or configured.
                                                                                                                                                                                                      • Snapshots can be created only for EVS disks that are available or in use, and a maximum of seven snapshots can be created for a single EVS disk.
                                                                                                                                                                                                      • Snapshots can be created only for PVCs created using the storage class (whose name starts with csi) provided by the Everest add-on. Snapshots cannot be created for PVCs created using the FlexVolume storage class whose name is ssd, sas, or sata.
                                                                                                                                                                                                      • Snapshot data of encrypted disks is stored encrypted, and that of non-encrypted disks is stored non-encrypted.
                                                                                                                                                                                                      • A PVC of the xfs file system type can generate snapshots. The file system of the disk associated with the PVC created using these snapshots remains xfs.
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Application Scenarios
                                                                                                                                                                                                      The snapshot feature helps address your following needs:
                                                                                                                                                                                                      
@@ -14,40 +14,83 @@
 
                                                                                                                                                                                                    5. Rapid deployment of multiple services
                                                                                                                                                                                                      You can use a snapshot to create multiple EVS disks containing the same initial data, and these disks can be used as data resources for various services, for example, data mining, report query, and development and testing. This method protects the initial data and creates disks rapidly, meeting the diversified service data requirements.
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      6. 
 
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Creating a Snapshot
                                                                                                                                                                                                      Using the CCE console
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      1. Log in to the CCE console.
                                                                                                                                                                                                      2. Click the cluster name to go to the cluster console. Choose Storage in the navigation pane. In the right pane, click the Snapshots and Backups tab.
                                                                                                                                                                                                      3. Click Create Snapshot in the upper right corner. In the dialog box displayed, set related parameters.
                                                                                                                                                                                                        • Snapshot Name: Enter a snapshot name.
                                                                                                                                                                                                        • Storage: Select an EVS PVC.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                      4. Click Create.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Using YAML
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      kind: VolumeSnapshot
+
                                                                                                                                                                                                      Creating a Snapshot Through the Console
                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                      2. In the navigation pane, choose Storage. Then, click the Snapshots and Backups tab on the right.
                                                                                                                                                                                                      3. Click Create Snapshot in the upper right corner. In the dialog box displayed, configure parameters.
                                                                                                                                                                                                        • Snapshot Name: Enter a snapshot name.
                                                                                                                                                                                                        • Storage: Select a PVC. Only the EVS type is available.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                      4. Click Create.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Creating a Snapshot Using kubectl
                                                                                                                                                                                                      1. Use kubectl to access the cluster.
                                                                                                                                                                                                      2. Create snapshot.yaml for a snapshot. The file name is customizable.
                                                                                                                                                                                                        vim snapshot.yaml
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        The file content is as follows:
                                                                                                                                                                                                        kind: VolumeSnapshot
 apiVersion: snapshot.storage.k8s.io/v1beta1
 metadata:
-  name: cce-disksnap-test   # Snapshot name
+  name: cce-disksnap-test   # The snapshot name, which is customizable
   namespace: default
 spec:
   source:
-    persistentVolumeClaimName: pvc-evs-test     # PVC name. Only an EVS PVC can be selected.
+    persistentVolumeClaimName: pvc-evs-test     # The PVC name. Only EVS PVCs can be selected.
   volumeSnapshotClassName: csi-disk-snapclass
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Using a Snapshot to Create a PVC
                                                                                                                                                                                                        The disk type, encryption setting, and disk mode of the created EVS PVC are consistent with those of the snapshot's source EVS disk.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Using the CCE console
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        1. Log in to the CCE console.
                                                                                                                                                                                                        2. Click the cluster name to go to the cluster console. Choose Storage in the navigation pane. In the right pane, click the Snapshots and Backups tab.
                                                                                                                                                                                                        3. Locate the snapshot that you want to use for creating a PVC, click Create PVC, and configure PVC parameters in the displayed dialog box.
                                                                                                                                                                                                          • PVC Name: Enter a PVC name.
                                                                                                                                                                                                          • Storage Volume Name Prefix: specifies the prefix for the name of the underlying storage that is automatically created. The actual underlying storage name is in the format of "PV name prefix + PVC UID". This parameter is optional. If left blank, the default prefix pvc will be used. For example, if the storage volume name prefix is set to test, the actual underlying storage name is test-{UID}.
                                                                                                                                                                                                            This parameter is available only when the cluster version is v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later, and Everest of v2.4.15 or later is installed in the cluster.
                                                                                                                                                                                                            
-
                                                                                                                                                                                                          • Resource Tag: You can add resource tags to classify resources, which is supported only when the Everest version in the cluster is 2.1.39 or later.
                                                                                                                                                                                                            You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency. 
                                                                                                                                                                                                            
-
                                                                                                                                                                                                            CCE automatically creates system tags CCE-Cluster-ID={Cluster ID}, CCE-Cluster-Name={Cluster name}, and CCE-Namespace={Namespace name}. These tags cannot be modified.
                                                                                                                                                                                                            
-
                                                                                                                                                                                                          
-
                                                                                                                                                                                                        4. Click Create.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Using YAML
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        apiVersion: v1
+
                                                                                                                                                                                                      3. Create the snapshot. Parameter -n indicates the namespace. You can replace default with the target namespace.
                                                                                                                                                                                                        kubectl apply -f snapshot.yaml -n default
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Information similar to the following is displayed:
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        volumesnapshot.snapshot.storage.k8s.io/cce-disksnap-test created
                                                                                                                                                                                                        
+
                                                                                                                                                                                                      4. Check whether the snapshot has been created.
                                                                                                                                                                                                        kubectl get volumesnapshot -n default    
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        If the value of READYTOUSE is true, the snapshot has been created.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        NAME                 READYTOUSE    SOURCEPVC       SOURCESNAPSHOTCONTENT     RESTORESIZE   SNAPSHOTCLASS         ...  
+cce-disksnap-test    true          pvc-evs-test    <none>                    10Gi          csi-disk-snapclass    ...     
                                                                                                                                                                                                        
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Creating a PVC Through the Console
                                                                                                                                                                                                      After creating a snapshot, you can use it to create an EVS PVC. The operations described in this section are performed through the console. Ensure the disk type, encryption setting, and disk mode are consistent with those of the snapshot's source EVS disk.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                      2. In the navigation pane, choose Storage. Then, click the Snapshots and Backups tab on the right.
                                                                                                                                                                                                      3. Locate the snapshot that you want to use for creating a PVC, click Create PVC, and configure PVC parameters in the displayed dialog box.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                        Table 1 PVC parameters
                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Example Value
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Description
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        PVC Name
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        pvc-test
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        The PVC name.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Enter 1 to 63 characters, including the prefix. Use only lowercase letters, digits, and hyphens (-). Do not start or end with a hyphen.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        (Optional) Storage Volume Name Prefix
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        N/A
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        The name prefix for the underlying storage that is automatically created. The actual underlying storage name will be in the format of "Storage volume name prefix + PVC UID". If this parameter is left blank, the default prefix pvc will be used. For example, if the storage volume name prefix is set to test, the actual underlying storage name will be test-{UID}.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        This parameter is available only when the cluster version is v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later, and Everest of v2.4.15 or later is installed in the cluster.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Resource Tag
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        N/A
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        You can add resource tags to classify resources. This function is available only when the Everest version in the cluster is 2.1.39 or later.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency. 
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        CCE automatically creates system tags CCE-Cluster-ID=<cluster-ID>, CCE-Cluster-Name=<cluster-name>, and CCE-Namespace=<namespace-name>. These tags cannot be modified.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                      4. Click Create.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Creating a PVC Using kubectl
                                                                                                                                                                                                      After creating a snapshot, you can use it to create an EVS PVC. The operations described in this section are performed using kubectl. Ensure the disk type, encryption setting, and disk mode are consistent with those of the snapshot's source EVS disk.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      1. Use kubectl to access the cluster.
                                                                                                                                                                                                      2. Create pvc-test.yaml and use a snapshot to create a PVC. The file name is customizable.
                                                                                                                                                                                                        vim pvc-test.yaml
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        The file content is as follows (For details about PVCs, see Dynamically Creating an EVS Disk Using kubectl):
                                                                                                                                                                                                        apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: pvc-test
+  name: pvc-test
   namespace: default
   annotations:
-    everest.io/disk-volume-type: SSD     # EVS disk type, which must be the same as that of the snapshot's source EVS disk.
-    everest.io/disk-volume-tags: '{"key1":"value1","key2":"value2"}' # (Optional) Custom resource tags
+    everest.io/disk-volume-type: SSD     # EVS disk type, which must be the same as that of the snapshot's source EVS disk.
+    everest.io/disk-volume-tags: '{"key1":"value1","key2":"value2"}' # (Optional) Custom resource tags
     csi.storage.k8s.io/fstype: xfs    # (Optional) Configure this field when the snapshot file system is of the xfs type.
   labels:
-    failure-domain.beta.kubernetes.io/region: <your_region>   # Replace the region with the one where the EVS disk is located.
-    failure-domain.beta.kubernetes.io/zone: <your_zone>       # Replace the AZ with the one where the EVS disk is located.
+    failure-domain.beta.kubernetes.io/region: <your_region>   # Region where the EVS disk is located
+    failure-domain.beta.kubernetes.io/zone: <your_zone>       # AZ where the EVS disk is located
 spec:
   accessModes:
   - ReadWriteOnce
@@ -55,15 +98,24 @@ spec:
     requests:
       storage: 10Gi
   storageClassName: csi-disk
-  dataSource:
-    name: cce-disksnap-test             # Snapshot name
-    kind: VolumeSnapshot
-    apiGroup: snapshot.storage.k8s.io
                                                                                                                                                                                                        
+  dataSource:
+    name: cce-disksnap-test             # The snapshot name
+    kind: VolumeSnapshot
+    apiGroup: snapshot.storage.k8s.io
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
+
                                                                                                                                                                                                    6. Create the PVC. Parameter -n indicates the namespace. You can replace default with the target namespace.
                                                                                                                                                                                                      kubectl apply -f pvc-test.yaml -n default
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Information similar to the following is displayed:
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      persistentvolumeclaim/pvc-test created
                                                                                                                                                                                                      
+
                                                                                                                                                                                                    7. Check whether the PVC has been created.
                                                                                                                                                                                                      kubectl get pvc pvc-test
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      If STATUS is Bound, the PVC has been created.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      NAME      STATUS   VOLUME                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
+pvc-test   Bound    pvc-7b9f4c8d-1a2b-3c4d-5e6f-7g8h9i0jkl   10Gi     RWO         csi-disk     1m    
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      8. 
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Parent topic: Elastic Volume Service
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Parent topic: EVS
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      
 
diff --git a/docs/cce/umn/cce_10_0382.html b/docs/cce/umn/cce_10_0382.html
index d528bee70..bee222caf 100644
--- a/docs/cce/umn/cce_10_0382.html
+++ b/docs/cce/umn/cce_10_0382.html
@@ -4,73 +4,85 @@
 
                                                                                                                                                                                                      Scenario
                                                                                                                                                                                                      Bandwidth preemption occurs between different containers deployed on the same node, which may cause service jitter. You can configure bandwidth limitation for the pod to solve this problem.
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Specifications
                                                                                                                                                                                                      The following table lists the bandwidth limitation specifications of pods.
-
                                                                                                                                                                                                      Specifications
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
+
                                                                                                                                                                                                      Specifications
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Tunnel
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Tunnel Network
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      VPC
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      VPC Network
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Cloud Native Network 2.0
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Cloud Native Network 2.0
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Cloud Native Network 2.0 + DataPlane V2
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      VPC + DataPlane V2
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Cloud Native Network 2.0 + DataPlane V2
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Supported cluster versions
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Supported cluster versions
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      All versions
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      All versions
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Clusters of v1.19.10 and later
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Clusters of v1.19.10 and later
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Clusters of v1.19.10 and later
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Clusters of v1.19.10 and later
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, or later
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Cluster version: v1.27.16-r30, v1.28.15-r20, v1.29.13-r0, v1.30.10-r0, v1.31.6-r0, or later
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Cluster version: v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, or later
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      Egress bandwidth limitation
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Egress bandwidth limitation
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      Ingress bandwidth limitation
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Ingress bandwidth limitation
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Supported
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Not supported
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Not supported
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Not supported
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      Scenarios where bandwidth limitation is not supported
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Scenarios where bandwidth limitation is not supported
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      None
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      None
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      None
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      None
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      • Pod access to cloud service CIDR blocks such as 100.125.0.0/16
                                                                                                                                                                                                      • Pod health check
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • Pod access to cloud service CIDR blocks such as 100.125.0.0/16
                                                                                                                                                                                                      • Pod health check
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      • Pod access to cloud service CIDR blocks such as 100.125.0.0/16
                                                                                                                                                                                                      • Pod health check
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Mutual access between pods on the host node
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • Pod access to cloud service CIDR blocks such as 100.125.0.0/16
                                                                                                                                                                                                      • Pod health check
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      Bandwidth limitation range
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Bandwidth limitation range
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Only the rate limit in the unit of Mbit/s or Gbit/s is supported, for example, 100 Mbit/s and 1 Gbit/s. The minimum value is 1 Mbit/s and the maximum value is 4.29 Gbit/s.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Only the rate limit in the unit of Mbit/s or Gbit/s is supported, for example, 100 Mbit/s or 1 Gbit/s. The minimum value is 1 Mbit/s and the maximum value is 4.29 Gbit/s.
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      The minimum value is 1 Kbit/s, and the maximum value is 1 Pbit/s.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The minimum value is 1 kbit/s, and the maximum value is 1 Pbit/s.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      The minimum value is 1 kbit/s, and the maximum value is 1 Pbit/s.
                                                                                                                                                                                                      
                                                                                                                                                                                                       		
 
                                                                                                                                                                                                      
                                                                                                                                                                                                       
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      • CCE DataPlane V2 is released with restrictions. To use this feature, submit a service ticket to CCE.
                                                                                                                                                                                                      • After DataPlane V2 network acceleration is enabled, pods on the nodes running HCE OS 2.0 use EDT to limit the egress bandwidth. The ingress bandwidth limitation is not supported. In other network modes, a Token Bucket Filter (TBF) qdisc is used to limit the bandwidth.
                                                                                                                                                                                                      • Pod bandwidth limitation applies to regular containers (runC as the container runtime), not secure containers (Kata Containers as the container runtime).
                                                                                                                                                                                                      • Pod bandwidth limitation does not apply to hostNetwork pods.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      • CCE DataPlane V2 is released with restrictions. To use this feature, submit a service ticket to CCE.
                                                                                                                                                                                                      • After DataPlane V2 network acceleration is enabled, pods on the nodes running HCE OS 2.0 use EDT to limit the egress bandwidth. The ingress bandwidth limitation is not supported. In other network modes, a Token Bucket Filter (TBF) qdisc is used to limit the bandwidth.
                                                                                                                                                                                                      • Pod bandwidth limitation applies to regular containers (runC as the container runtime), not secure containers (Kata Containers as the container runtime).
                                                                                                                                                                                                      • Pod bandwidth limitation does not apply to hostNetwork pods.
                                                                                                                                                                                                      
 
 
 
                                                                                                                                                                                                      Using the CCE Console
                                                                                                                                                                                                      When creating a workload on the console, you can set pod ingress and egress bandwidth limits by clicking Network Configuration in the Advanced Settings area.
                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_10_0384.html b/docs/cce/umn/cce_10_0384.html
index 74923d722..468570909 100644
--- a/docs/cce/umn/cce_10_0384.html
+++ b/docs/cce/umn/cce_10_0384.html
@@ -2,9 +2,9 @@
 
 
                                                                                                                                                                                                      Dynamic Resource Oversubscription
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Many services see surges in traffic. To ensure performance and stability, resources are often requested at the maximum needed. However, the surges may ebb very shortly and resources, if not released, are wasted in non-peak hours. Especially for online jobs that request a large quantity of resources to ensure SLA, resource utilization can be as low as it gets.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Resource oversubscription is the process of making use of idle requested resources. Oversubscribed resources are suitable for deploying offline jobs, which focus on throughput but have low SLA requirements and can tolerate certain failures.
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Resource oversubscription is the process of using idle requested resources. Oversubscribed resources are suitable for deploying offline jobs, which focus on throughput but have low SLA requirements and can tolerate certain failures.
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Hybrid deployment of online and offline jobs in a cluster can better utilize cluster resources.
                                                                                                                                                                                                      
-
                                                                                                                                                                                                      Figure 1 Resource oversubscription
                                                                                                                                                                                                      
+
                                                                                                                                                                                                      Figure 1 Resource oversubscription
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Features
                                                                                                                                                                                                       
                                                                                                                                                                                                      After dynamic resource oversubscription and elastic scaling are enabled in a node pool, oversubscribed resources change rapidly because the resource usage of high-priority applications changes in real time. To prevent frequent node scale-ins and scale-outs, do not consider oversubscribed resources when evaluating node scale-ins.
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      
 
                                                                                                                                                                                                      Hybrid deployment is supported, and CPU and memory resources can be oversubscribed. The key features are as follows:
                                                                                                                                                                                                      
@@ -15,8 +15,8 @@
 
                                                                                                                                                                                                      • In the same scheduling period, online jobs take precedence over offline jobs.
                                                                                                                                                                                                        If both online and offline jobs exist, online jobs are scheduled first. When the node resource usage exceeds the upper limit and the node requests exceed 100%, offline jobs will be evicted.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                      • CPU/Memory resources can be isolation by kernel.
                                                                                                                                                                                                        CPU isolation: Online jobs can quickly preempt CPU resources of offline jobs and suppress the CPU usage of the offline jobs.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        Memory isolation: When system memory resources are used up and OOM Kill is triggered, the kernel evicts offline jobs first.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                      • kubelet offline jobs obey the following admission rules:
                                                                                                                                                                                                        After the pod is scheduled to a node, kubelet starts the pod only when the node resources can meet the pod request (predicateAdmitHandler.Admit). kubelet starts the pod when both of the following conditions are met:
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        • The total request of pods to be started and online running jobs < allocatable nodes
                                                                                                                                                                                                        • The total request of pods to be started and online/offline running job < allocatable nodes+oversubscribed nodes
                                                                                                                                                                                                        
+
                                                                                                                                                                                                      • kubelet offline jobs obey the following admission rules:
                                                                                                                                                                                                        After a pod is scheduled to a node, kubelet starts the pod only when the node resources can meet the pod request (predicateAdmitHandler.Admit). kubelet starts the pod when both of the following conditions are met:
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        • The sum of resources requested by the pod to be started and by online running jobs is less than the node's allocatable resources.
                                                                                                                                                                                                        • The sum of resources requested by the pod to be started and by online/offline running jobs is less than the sum of the node's allocatable resources and oversubscribed resources.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                      • Resource oversubscription and hybrid deployment can be configured separately.
                                                                                                                                                                                                        Enabling hybrid deployment of a node pool also enables oversubscription by default. Nodes are then labeled with both volcano.sh/colocation="true" and volcano.sh/oversubscription="true". To use hybrid deployment for both online and offline jobs without oversubscription, simply disable oversubscription in hybrid deployment settings. This will remove the volcano.sh/oversubscription="true" label.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        The following table lists the features that can be used after hybrid deployment or oversubscription is enabled.
 
                                                                                                                                                                                                        Hybrid Deployment
                                                                                                                                                                                                        
@@ -70,17 +70,18 @@
 
 
 
+
                                                                                                                                                                                                        Scenario constraints: Hybrid task deployment and resource oversubscription enable clusters to use compute resources more efficiently and balance resource allocation during peak and off-peak hours. This improves overall resource utilization and reduces O&M costs. With intelligent resource scheduling, CCE can handle burst resource surges, such as online service surges. For example, with a CPU QoS policy, CCE prioritizes compute resources for online tasks to ensure the stable running of key services. When memory usage temporarily increases, the underlying OS automatically reclaims memory, prioritizing the memory used by inactive data such as page cache of offline services. This may cause slight node performance fluctuations. CCE dynamically adjusts task running statuses based on resource pressure, quickly restoring overall services to a stable state. This achieves a balance between service continuity and resource efficiency.
                                                                                                                                                                                                        
 
 
                                                                                                                                                                                                        Compatible kubelet Oversubscription
                                                                                                                                                                                                         
                                                                                                                                                                                                        Specifications
                                                                                                                                                                                                        • Cluster version
                                                                                                                                                                                                          • v1.19: v1.19.16-r4 or later
                                                                                                                                                                                                          • v1.21: v1.21.7-r0 or later
                                                                                                                                                                                                          • v1.23: v1.23.5-r0 or later
                                                                                                                                                                                                          • v1.25 or later
                                                                                                                                                                                                          
 
                                                                                                                                                                                                        • Cluster type: CCE standard or Turbo
                                                                                                                                                                                                        • Node OS: EulerOS 2.9 (kernel-4.18.0-147.5.1.6.h729.6.eulerosv2r9.x86_64) or HCE OS 2.0
                                                                                                                                                                                                        • Node type: ECS
                                                                                                                                                                                                        • Volcano version: 1.7.0 or later
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Constraints
                                                                                                                                                                                                        • Before enabling oversubscription, ensure that the overcommit add-on is not enabled on Volcano.
                                                                                                                                                                                                        • Modifying the label of an oversubscribed node does not affect the running pods.
                                                                                                                                                                                                        • Running pods cannot be converted between online and offline services. To convert services, rebuild pods.
                                                                                                                                                                                                        • If the label volcano.sh/oversubscription=true is configured for a node in the cluster, the oversubscription configuration must be added to the Volcano add-on. Otherwise, the scheduling of oversold nodes will be abnormal. Ensure that you have correctly configure labels because the scheduler does not check the add-on and node configurations. For details, see Table 1.
                                                                                                                                                                                                        • To disable oversubscription, perform the following operations:
                                                                                                                                                                                                          • Remove the volcano.sh/oversubscription label from the oversubscribed node.
                                                                                                                                                                                                          • Modify the configmap of Volcano Scheduler named volcano-scheduler-configmap and remove the oversubscription add-on.
                                                                                                                                                                                                          
-
                                                                                                                                                                                                        • If you have set cpu-manager-policy to statically bind CPU cores on a node, do not assign the QoS class of Guaranteed to offline pods. This is because offline pods may occupy the CPUs of online pods, leading to an online pod startup failure and offline pods failing to start even though they have been successfully scheduled. To prevent this, switch the pods to online pods if CPU core binding is required.
                                                                                                                                                                                                        • If cpu-manager-policy is set to static CPU core binding on a node, do not bind CPU cores to all online pods. This is because doing so can cause online pods to occupy all available CPU or memory resources, leaving only a small number of oversubscribed resources.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Constraints
                                                                                                                                                                                                        • Before enabling oversubscription, ensure that the overcommit add-on is not enabled on Volcano.
                                                                                                                                                                                                        • Modifying the label of an oversubscribed node does not affect the running pods.
                                                                                                                                                                                                        • Running pods cannot be converted between online and offline services. To convert services, rebuild pods.
                                                                                                                                                                                                        • If the label volcano.sh/oversubscription=true is configured for a node in the cluster, the oversubscription configuration must be added to the Volcano add-on. Otherwise, the scheduling of oversold nodes will be abnormal. Ensure that you have correctly configured labels, as the scheduler does not check the add-on and node configurations. For details, see Table 1.
                                                                                                                                                                                                        • To disable oversubscription, perform the following operations:
                                                                                                                                                                                                          • Remove the volcano.sh/oversubscription label from the oversubscribed node.
                                                                                                                                                                                                          • Modify the configmap of Volcano Scheduler named volcano-scheduler-configmap and remove the oversubscription add-on.
                                                                                                                                                                                                          
+
                                                                                                                                                                                                        • If you have configured the cpu-manager-policy to statically pin CPU cores on a node, do not assign the QoS class Guaranteed to offline pods. This is because offline pods may occupy CPU cores intended for online pods, potentially causing online pod startup failures and preventing offline pods from starting even after successful scheduling. To prevent this, switch the offline pods to online pods if CPU pinning is required.
                                                                                                                                                                                                        • If cpu-manager-policy is set to static CPU pinning on a node, do not pin CPU cores to all online pods. This is because doing so can cause online pods to occupy all available CPU or memory resources, leaving only a small number of oversubscribed resources.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        If the label volcano.sh/oversubscription=true is configured for a node in the cluster, the oversubscription configuration must be added to the Volcano add-on. Otherwise, the scheduling of oversold nodes will be abnormal. For details about the related configuration, see Table 1.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Ensure that you have correctly configure labels because the scheduler does not check the add-on and node configurations.
+
                                                                                                                                                                                                        Ensure that you have correctly configured labels, as the scheduler does not check the add-on and node configurations.
 
                                                                                                                                                                                                        Table 1 Configuring oversubscription labels for scheduling
                                                                                                                                                                                                        Oversubscription in Add-on
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        Oversubscription Label on Node
                                                                                                                                                                                                        
@@ -217,7 +218,7 @@ preemptionPolicy: PreemptLowerPriority
 value: -90000
  
 EOF
-
                                                                                                                                                                                                      • Deploy online and offline jobs and configure PriorityClasses for these jobs.
                                                                                                                                                                                                        The volcano.sh/qos-level annotation needs to be added to distinguish offline jobs. The value is an integer ranging from -7 to 7. If the value is less than 0, the job is an offline job. If the value is greater than or equal to 0, the job is an online job. You do not need to set this annotation for online jobs. For both online and offline jobs, set schedulerName to volcano to enable Volcano.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                      • Deploy online and offline jobs and configure PriorityClasses for these jobs.
                                                                                                                                                                                                        The volcano.sh/qos-level annotation needs to be added to distinguish offline jobs. The value is an integer ranging from -7 to 7. If the value is less than 0, the job is an offline job. If the value is greater than or equal to 0, the job is an online job. You do not need to set this annotation for online jobs. For both online and offline jobs, set schedulerName to volcano to enable Volcano.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                         
                                                                                                                                                                                                        The priorities between online jobs and between offline jobs are not differentiated, and the value validity is not verified. If the value of volcano.sh/qos-level of an offline job is not a negative integer ranging from -7 to 0, the job is processed as an online job.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        For an offline job:
                                                                                                                                                                                                        
@@ -265,14 +266,14 @@ Allocated resources:
   --------           --------      ------
   cpu                 4950m (126%)  4950m (126%)
   memory             1712Mi (27%)  1712Mi (27%)
-
                                                                                                                                                                                                        In the preceding command, CPU and memory are in the unit of m CPU cores and MiB, respectively.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        In the preceding command, CPU and memory are in the unit of m CPU cores and bytes, respectively.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        • 
 
                                                                                                                                                                                                        Deployment Example
                                                                                                                                                                                                        The following uses an example to describe how to deploy online and offline jobs in hybrid mode.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        1. Configure a cluster with two nodes, one oversubscribed and the other non-oversubscribed.
                                                                                                                                                                                                          # kubectl get node
 NAME           STATUS   ROLES    AGE    VERSION
 192.168.0.173   Ready    <none>   4h58m   v1.19.16-r2-CCE22.5.1
 192.168.0.3     Ready    <none>   148m    v1.19.16-r2-CCE22.5.1
                                                                                                                                                                                                          
-
                                                                                                                                                                                                          • 192.168.0.173 is an oversubscribed node (with the volcano.sh/oversubscription=true label).
                                                                                                                                                                                                          • 192.168.0.3 is a non-oversubscribed node (without the volcano.sh/oversubscription=true label).
                                                                                                                                                                                                          
+
                                                                                                                                                                                                          • 192.168.0.173 is an oversubscribed node (with the volcano.sh/oversubscription=true label).
                                                                                                                                                                                                          • 192.168.0.3 is a non-oversubscribed node (without the volcano.sh/oversubscription=true label).
                                                                                                                                                                                                          
 
                                                                                                                                                                                                          # kubectl describe node 192.168.0.173
 Name:               192.168.0.173
 Roles:              <none>
@@ -400,7 +401,7 @@ offline-69cdd49bf4-z8kxh  1/1     Running     0      13m   192.168.10.131   192.
 online-6f44bb68bd-b8z9p  1/1     Running     0     3m4s   192.168.10.18   192.168.0.173 
 online-6f44bb68bd-g6xk8  1/1     Running     0     3m12s   192.168.10.69   192.168.0.173
                                                                                                                                                                                                          
 
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Check the oversubscribed node with IP address 192.168.0.173. It is found that resources are oversubscribed, where there are 2343m CPU cores and 3073653200 MiB of memory. Additionally, the CPU allocation rate exceeded 100%.
                                                                                                                                                                                                        # kubectl describe node 192.168.0.173
+
                                                                                                                                                                                                        Check the oversubscribed node with IP address 192.168.0.173. It is found that resources are oversubscribed, where there are 2343m CPU cores and 3073653200 bytes of memory. Additionally, the CPU allocation rate exceeded 100%.
                                                                                                                                                                                                        # kubectl describe node 192.168.0.173
 Name:              192.168.0.173
 Roles:              <none>
 Labels:              …
diff --git a/docs/cce/umn/cce_10_0385.html b/docs/cce/umn/cce_10_0385.html
index 7905d98be..2ee01285e 100644
--- a/docs/cce/umn/cce_10_0385.html
+++ b/docs/cce/umn/cce_10_0385.html
@@ -1,8 +1,33 @@
 
 
-
                                                                                                                                                                                                        Configuring LoadBalancer Services Using Annotations
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        You can add annotations to a YAML file to use some CCE advanced functions. This section describes the available annotations when a LoadBalancer service is created.
                                                                                                                                                                                                        
-
+
                                                                                                                                                                                                        Configuring Advanced Load Balancing Functions Using Annotations
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        You can add annotations to a YAML file to use some advanced CCE functions. This section describes the available annotations when a LoadBalancer Service is created.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Indexes
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                        Category
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        ELB Annotation
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Load balancer configuration
                                                                                                                                                                                                        
+                                                                                                                                                                                                        		
+
                                                                                                                                                                                                        Port or protocol configuration
                                                                                                                                                                                                        
+                                                                                                                                                                                                        		
+
                                                                                                                                                                                                        Advanced features of ELB listeners
                                                                                                                                                                                                        
+                                                                                                                                                                                                        		
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        Interconnection with ELB
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
@@ -33,7 +58,7 @@
 
@@ -273,7 +301,7 @@ metadata:
   name: nginx
   annotations:
     kubernetes.io/elb.id: <your_elb_id>                         # Load balancer ID. Replace it with the actual value.
-    kubernetes.io/elb.class: union                   # Load balancer type
+    kubernetes.io/elb.class: union                   # Load balancer type
     kubernetes.io/elb.health-check-flag: 'on'                   # Enable ELB health check.
     kubernetes.io/elb.health-check-option: '{      "protocol":"TCP",
@@ -319,7 +347,7 @@ spec:
 
@@ -345,7 +373,7 @@ spec:
 
@@ -387,7 +415,7 @@ metadata:
   name: nginx
   annotations:
     kubernetes.io/elb.id: <your_elb_id>                         # Load balancer ID. Replace it with the actual value.
-    kubernetes.io/elb.class: union                   # Load balancer type
+    kubernetes.io/elb.class: union                   # Load balancer type
     kubernetes.io/elb.adaptive-weight: 'true'                   # Enable dynamic adjustment of the weight of the backend ECS.
 spec:
   selector: 
@@ -443,7 +471,7 @@ spec:
 
                                                                                                                                                                                                        Table 1 Annotations for interconnecting with ELB
                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        Mandatory when an existing load balancer is associated.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        ID of a load balancer.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        How to obtain:
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        On the management console, click Service List, and choose Networking > Elastic Load Balance. Click the name of the target load balancer. On the Summary tab page, find and copy the ID.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Log in to the ELB console and click the load balancer name. On the Summary tab of the load balancer details page, find the ID field and copy it.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                         NOTE: 
                                                                                                                                                                                                        The system preferentially connects to the load balancer based on the kubernetes.io/elb.id field. If this field is not specified, the spec.loadBalancerIP field is used (optional and available only in 1.23 and earlier versions).
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        Do not use the spec.loadBalancerIP field to connect to the load balancer. This field will be discarded by Kubernetes. For details, see Deprecation.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
@@ -46,7 +71,10 @@
 
                                                                                                                                                                                                        Table 15
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        Mandatory when load balancers are automatically created.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Example
                                                                                                                                                                                                        
+
                                                                                                                                                                                                         CAUTION: 
                                                                                                                                                                                                        kubernetes.io/elb.id and kubernetes.io/elb.autocreate cannot be specified concurrently.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        If both annotations are specified in a Service, CCE will use an existing load balancer instead of automatically creating one. If this Service is deleted, the existing load balancer is considered as an automatically created one. If no other resources are associated with the load balancer, the load balancer will also be deleted.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Example:
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        • Automatically created dedicated load balancer with an EIP bound:
                                                                                                                                                                                                          '{"type":"public","bandwidth_name":"cce-bandwidth-1741230802502","bandwidth_chargemode":"traffic","bandwidth_size":5,"bandwidth_sharetype":"PER","eip_type":"5_bgp","available_zone":["*****"],"elb_virsubnet_ids":["*****"],"l7_flavor_name":"","l4_flavor_name":"L4_flavor.elb.pro.max","vip_subnet_cidr_id":"*****"}'
                                                                                                                                                                                                          
 
                                                                                                                                                                                                        • Automatically created dedicated load balancer with no EIP bound:
                                                                                                                                                                                                          '{"type":"inner","available_zone":["*****"],"elb_virsubnet_ids":["*****"],"l7_flavor_name":"","l4_flavor_name":"L4_flavor.elb.pro.max","vip_subnet_cidr_id":"*****"}'
                                                                                                                                                                                                          
 
                                                                                                                                                                                                        • Automatically created shared load balancer with an EIP bound:
                                                                                                                                                                                                          '{"type":"public","bandwidth_name":"cce-bandwidth-1551163379627","bandwidth_chargemode":"traffic,"bandwidth_size":5,"bandwidth_sharetype":"PER","eip_type":"5_bgp","name":"james"}'
                                                                                                                                                                                                          
@@ -205,7 +233,7 @@ metadata:
   name: nginx
   annotations:
     kubernetes.io/elb.id: <your_elb_id>                         # Load balancer ID. Replace it with the actual value.
-    kubernetes.io/elb.class: union                   # Load balancer type
+    kubernetes.io/elb.class: union                   # Load balancer type
     kubernetes.io/elb.session-affinity-mode: SOURCE_IP          # The sticky session type is source IP address.
     kubernetes.io/elb.session-affinity-option: '{"persistence_timeout": "30"}'     # Stickiness duration, which is measured in minutes
 spec:
@@ -236,7 +264,7 @@ spec:
 
                                                                                                                                                                                                        		
 
                                                                                                                                                                                                        Whether to enable the ELB health check.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        • Enabling health check: Leave this parameter blank or set it to on.
                                                                                                                                                                                                        • Disabling health check: Set this parameter to off.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        If this parameter is enabled, the kubernetes.io/elb.health-check-option field must also be specified.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        If this parameter is set to on, you must specify kubernetes.io/elb.health-check-option or kubernetes.io/elb.health-check-options.
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        v1.9 or later
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        String
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        ID of an ELB certificate, which is used as the HTTPS server certificate.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        To obtain the certificate, log in to the CCE console, choose Service List > Networking > Elastic Load Balance, and click Certificates in the navigation pane. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        How to obtain: Log in to the ELB console and choose Certificates. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        v1.19.16 or later
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        String
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        In ELB, the IDs of SNI certificates that must contain a domain name are separated by commas (,).
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        To obtain the certificate, log in to the CCE console, choose Service List > Networking > Elastic Load Balance, and click Certificates in the navigation pane. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        How to obtain: Log in to the ELB console and choose Certificates. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        v1.23.13-r0, v1.25.8-r0, v1.27.5-r0, v1.28.3-r0, or later
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        • If this parameter is not specified, CCE does not modify access control on the ELB.
                                                                                                                                                                                                        • If this parameter is left empty, all IP addresses are allowed to access the load balancer.
                                                                                                                                                                                                        • If this parameter is set to the IP address group ID of the load balancer, access control is enabled and you need to configure an IP address blocklist or trustlist for the load balancer. Additionally, you need to configure both kubernetes.io/elb.acl-status and kubernetes.io/elb.acl-type.
                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                          For clusters of v1.25.16-r10, v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, v1.31.1-r0, or later, when using a dedicated load balancer, you can select a maximum of five IP address groups at a time, separated by commas (,).
                                                                                                                                                                                                          
 
                                                                                                                                                                                                          
 
                                                                                                                                                                                                          How to obtain:
                                                                                                                                                                                                          
-
                                                                                                                                                                                                          Log in to the console. In the Service List, choose Networking > Elastic Load Balance. On the Network Console, choose Elastic Load Balance > IP Address Groups and copy the ID of the target IP address group. 
                                                                                                                                                                                                          
+
                                                                                                                                                                                                          Log in to the ELB console, choose Elastic Load Balance > IP Address Groups, and copy the ID of the target IP address group. 
                                                                                                                                                                                                          
 
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        v1.23.12-r0, v1.25.7-r0, v1.27.4-r0, v1.28.2-r0, or later
                                                                                                                                                                                                        
@@ -495,7 +523,7 @@ spec:
 
                                                                                                                                                                                                        For details about application scenarios and use cases, see Configuring a Blocklist/Trustlist Access Policy for a LoadBalancer Service.
                                                                                                                                                                                                        
 
 
                                                                                                                                                                                                        Host Network
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Table 9 Annotations for host network
                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
@@ -509,9 +537,9 @@ spec:
 
-
@@ -525,7 +553,7 @@ metadata:
   name: nginx
   annotations:
     kubernetes.io/elb.id: <your_elb_id>                         # Load balancer ID. Replace it with the actual value.
-    kubernetes.io/elb.class: union                   # Load balancer type
+    kubernetes.io/elb.class: union                   # Load balancer type
     kubernetes.io/hws-hostNetwork: 'true'                     # The load balancer forwards the request to the host network.
 spec:
   selector: 
@@ -682,7 +710,7 @@ spec:
 
-
-
-
@@ -859,7 +886,7 @@ spec:
 
-
diff --git a/docs/cce/umn/cce_10_0386.html b/docs/cce/umn/cce_10_0386.html
index 157ed459c..cad38b9a4 100644
--- a/docs/cce/umn/cce_10_0386.html
+++ b/docs/cce/umn/cce_10_0386.html
@@ -1,91 +1,19 @@
 
                                                                                                                                                                                                        Configuring Labels and Annotations
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Pod Annotations
                                                                                                                                                                                                        CCE allows you to add annotations to a YAML file to realize some advanced pod functions. The following table describes the annotations you can add.
                                                                                                                                                                                                        
-
-
                                                                                                                                                                                                        Table 9 Annotation for host network
                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        Type
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        String
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        If the pod uses hostNetwork, the ELB forwards the request to the host network after this annotation is used.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        This annotation can be used by the Service only if the pod uses the host network. After this annotation is used, ELB forwards requests to the host network.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        Options:
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        • true: enabled
                                                                                                                                                                                                        • false (default): disabled
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        • true: enabled
                                                                                                                                                                                                        • false (default): disabled
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        v1.9 or later
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        String
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        ID of the custom EIP, which can be seen on the EIP console
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        ID of the custom EIP, which can be seen on the EIP console.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        The EIP must be bindable.
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, v1.29.4-r0, v1.30.1-r0, or later
                                                                                                                                                                                                        
@@ -738,13 +766,12 @@ spec:
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        bandwidth_chargemode
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        No
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Yes for public network load balancers
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        String
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        Bandwidth mode.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        • traffic: billed by traffic
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Default: traffic
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        bandwidth_size
                                                                                                                                                                                                        
@@ -776,7 +803,7 @@ spec:
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        EIP type.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        • 5_bgp: dynamic BGP
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        The specific type varies with regions. For details, see the EIP console.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        The types vary by region. For details, see the EIP console.
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        vip_subnet_cidr_id
                                                                                                                                                                                                        
@@ -788,8 +815,8 @@ spec:
 
                                                                                                                                                                                                        The ID of the IPv4 subnet where the load balancer resides. This subnet is used to allocate IP addresses for the load balancer to provide external services. The IPv4 subnet must belong to the cluster's VPC.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        If this parameter is not specified, the load balancer and the cluster will be in the same subnet by default.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        This field can be specified only for clusters of v1.21 or later.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        How to Obtain
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the IPv4 Subnet ID on the Summary tab page.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        How to obtain:
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the IPv4 Subnet ID on the Summary tab.
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        ipv6_vip_virsubnet_id
                                                                                                                                                                                                        
@@ -800,8 +827,8 @@ spec:
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        The ID of the IPv6 subnet where the load balancer is deployed. IPv6 must be enabled for the subnet.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        This parameter is available only for dedicated load balancers.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        How to Obtain
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab page.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        How to obtain:
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab.
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        elb_virsubnet_ids
                                                                                                                                                                                                        
@@ -816,8 +843,8 @@ spec:
 
                                                                                                                                                                                                        "elb_virsubnet_ids": [
    "14567f27-8ae4-42b8-ae47-9f847a4690dd"
  ]
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        How to Obtain
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab page.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        How to obtain:
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab.
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        vip_address
                                                                                                                                                                                                        
@@ -848,7 +875,7 @@ spec:
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        String
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        Flavor name of the layer-4 load balancer. This parameter is mandatory when TCP or UDP is used.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Flavor name of the Layer 4 load balancer. This parameter is mandatory when TCP or UDP is used.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        You can obtain all supported types by getting the flavor list.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        This parameter is available only for dedicated load balancers.
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
                                                                                                                                                                                                        String
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        Flavor name of the layer-7 load balancer. This parameter is mandatory when HTTP is used.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Flavor name of the Layer 7 load balancer. This parameter is mandatory when HTTP is used.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        You can obtain all supported types by getting the flavor list.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        This parameter is available only for dedicated load balancers. Its value must match that of l4_flavor_name, meaning both must be either elastic specifications or fixed specifications.
                                                                                                                                                                                                        
                                                                                                                                                                                                         		
 
 
                                                                                                                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                        Table 1 Pod annotations
                                                                                                                                                                                                        Annotation
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Description
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Default Value
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        kubernetes.AOM.log.stdout
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Standard output parameter. If not specified, the standard log output of all containers is reported to AOM. You can collect stdout logs from certain containers or ignore them at all.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Example:
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        • Collecting none of the stdout logs:
                                                                                                                                                                                                          kubernetes.AOM.log.stdout: '[]'
                                                                                                                                                                                                          
-
                                                                                                                                                                                                        • Collecting stdout logs of container-1 and container-2:
                                                                                                                                                                                                          kubernetes.AOM.log.stdout: '["container-1","container-2"]'
                                                                                                                                                                                                          
-
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        None
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        metrics.alpha.kubernetes.io/custom-endpoints
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Parameter for reporting AOM monitoring metrics that you specify.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        For details, see Monitoring Custom Metrics on AOM.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        None
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        prometheus.io/scrape
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Parameter for reporting Prometheus metrics. If the value is true, the current workload reports the monitoring metrics.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        For details, see Monitoring Custom Metrics Using Cloud Native Cluster Monitoring.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        None
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        prometheus.io/path
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        URL for Prometheus to collect data.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        For details, see Monitoring Custom Metrics Using Cloud Native Cluster Monitoring.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        /metrics
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        prometheus.io/port
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Endpoint port number for Prometheus to collect data.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        For details, see Monitoring Custom Metrics Using Cloud Native Cluster Monitoring.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        None
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        prometheus.io/scheme
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Protocol used by Prometheus to collect data. The value can be http or https.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        For details, see Monitoring Custom Metrics Using Cloud Native Cluster Monitoring.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        None
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        kubernetes.io/ingress-bandwidth
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Ingress bandwidth of a pod.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        For details, see Configuring QoS for a Pod.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        None
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        kubernetes.io/egress-bandwidth
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Egress bandwidth of a pod.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        For details, see Configuring QoS for a Pod.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        None
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        To support multi-dimensional metadata management, Kubernetes offers labels and annotations. They both attach metadata to resources in the format of key-value pairs, but their purposes and use cases differ significantly.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        • Labels are used for identifying and classifying Kubernetes objects. They follow a structured key-value format (for example, app=frontend) and can be used to efficiently select resources using selectors. They directly influence resource scheduling and management. The key and value of a label must comply with naming rules and typically represent persistent attributes of a resource, such as version.
                                                                                                                                                                                                        • Annotations serve to extend functionality and store additional metadata. They support flexible data formats (such as JSON or multi-line text). They are not used to select resources and do not influence scheduling.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Both labels and annotations apply to various Kubernetes resource types. This section will specifically examine their use in pods.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Pod Labels
                                                                                                                                                                                                        Pod labels enable intelligent resource association. Once labels are added to pods, other Kubernetes resources can accurately identify and be associated with these pods using label selectors. Label keys and values must follow specific naming rules. For details, see Syntax and character set. For example, you can add the following label to two workloads (App 1 and App 2), respectively:
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        • App 1: release=alpha
                                                                                                                                                                                                        • App 2: release=beta
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        When App 3 is created with a workload affinity of release=alpha, Kubernetes will attempt to schedule App 3 onto the same node as App 1 or another node that matches this affinity. This enables intelligent collaborative deployment between App 1 and App 3. For details, see Configuring Workload Affinity or Anti-affinity Scheduling (podAffinity or podAntiAffinity).
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        You can add labels to a pod using either the console or YAML.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Adding a Pod Label Using the Console
                                                                                                                                                                                                        When creating or upgrading a workload on the CCE console, you can add a pod label by clicking Labels and Annotations in the Advanced Settings area. This label helps identify the pod within the cluster. During the workload creation, CCE will add the label shown in the figure below to the workload pod by default. The value of app is the workload name.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Pod Labels
                                                                                                                                                                                                        When you create a workload on the console, the following labels are added to the pod by default. The value of app is the workload name.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Example YAML:
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        ...
+
                                                                                                                                                                                                        Adding a Pod Label Using YAML
                                                                                                                                                                                                        When creating or upgrading a workload, you can add a pod label in the following area of the YAML file:
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        ...
 spec:
   selector:
     matchLabels:
@@ -93,15 +21,116 @@ spec:
       version: v1
   template:
     metadata:
-      labels:
-        app: nginx
-        version: v1
+      labels:
+        app: nginx
+        version: v1
     spec:
       ...
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        You can also add other labels to the pod for affinity and anti-affinity scheduling. In the following figure, three pod labels (release, env, and role) are defined for workload APP 1, APP 2, and APP 3. The values of these labels vary with workload.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        • APP 1: [release:alpha;env:development;role:frontend]
                                                                                                                                                                                                        • APP 2: [release:beta;env:testing;role:frontend]
                                                                                                                                                                                                        • APP 3: [release:alpha;env:production;role:backend]
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Figure 1 Label example
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        For example, if key/value is set to role/backend, APP 3 will be selected for affinity scheduling. For details, see Configuring Workload Affinity or Anti-affinity Scheduling (podAffinity or podAntiAffinity).
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Pod Annotations
                                                                                                                                                                                                        CCE provides some advanced functions for pods. These functions can be implemented by adding annotations to the YAML files. You can add annotations to a pod using either the console or YAML.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Adding a Pod Annotation Using the Console
                                                                                                                                                                                                        When creating or upgrading a workload on the CCE console, you can add a pod annotation by clicking Labels and Annotations in the Advanced Settings area to enable advanced functions for the pod.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        For example, to disable the collection of container standard output logs for a pod, set the pod annotation to kubernetes.AOM.log.stdout='[]' and click Confirm.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Adding a Pod Annotation Using YAML
                                                                                                                                                                                                        When creating or upgrading a workload using YAML, you can use the annotations parameter to enable advanced pod functions.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        For example, you can use annotations to disable the collection of container standard output logs for a pod:
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        ...
+spec:
+  replicas: 1     # Number of pods
+  selector:
+    matchLabels:  # Selector for selecting resources with specific labels
+      app: nginx  
+  template:
+    metadata:
+      labels:     # Labels
+        app: nginx
+      annotations:
+        kubernetes.AOM.log.stdout: '[]'
+...
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Typical Pod Annotations
                                                                                                                                                                                                        Table 1 provides some typically used annotations. You can add annotations for pods as required.
                                                                                                                                                                                                        
+
+
                                                                                                                                                                                                        
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                        Table 1 Pod annotations
                                                                                                                                                                                                        Annotation
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Description
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Default Value
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        kubernetes.AOM.log.stdout
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        The standard output log collection setting for containers. If left unspecified, the standard output logs from all containers will be automatically reported to AOM by default. You can customize this annotation to collect standard output logs only from specified containers or disable standard output log collection for all containers.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Example:
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        • Disabling standard output log collection for all containers:
                                                                                                                                                                                                          kubernetes.AOM.log.stdout: '[]'
                                                                                                                                                                                                          
+
                                                                                                                                                                                                        • Collecting standard output logs from container-1 and container-2:
                                                                                                                                                                                                          kubernetes.AOM.log.stdout: '["container-1","container-2"]'
                                                                                                                                                                                                          
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        N/A
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        metrics.alpha.kubernetes.io/custom-endpoints
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        The AOM metric reporting setting, which allows specified metrics to be sent to AOM.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        For details, see Monitoring Custom Metrics on AOM.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        N/A
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        prometheus.io/scrape
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        The Prometheus metric reporting setting, which allows specified metrics to be sent to Prometheus. If set to true, the metrics of the specified workload will be reported to Prometheus.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        For details, see Monitoring Custom Metrics Using Cloud Native Cluster Monitoring.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        N/A
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        prometheus.io/path
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        URL for Prometheus to collect data.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        For details, see Monitoring Custom Metrics Using Cloud Native Cluster Monitoring.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        /metrics
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        prometheus.io/port
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Endpoint port number for Prometheus to collect data.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        For details, see Monitoring Custom Metrics Using Cloud Native Cluster Monitoring.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        N/A
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        prometheus.io/scheme
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Protocol used by Prometheus to collect data. The value can be http or https.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        For details, see Monitoring Custom Metrics Using Cloud Native Cluster Monitoring.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        N/A
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        kubernetes.io/ingress-bandwidth
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        The ingress bandwidth of a pod. It controls the rate at which the pod receives data to ensure that the pod can process external requests.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        For details, see Configuring QoS for a Pod.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        N/A
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        kubernetes.io/egress-bandwidth
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        The egress bandwidth of a pod. It controls the rate at which the pod sends data to external systems. This affects the efficiency of communication between the pod and external services or users.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        For details, see Configuring QoS for a Pod.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        N/A
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Helpful Links
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0390.html b/docs/cce/umn/cce_10_0390.html
index 6e13077df..f87903b06 100644
--- a/docs/cce/umn/cce_10_0390.html
+++ b/docs/cce/umn/cce_10_0390.html
@@ -4,10 +4,10 @@
 
                                                                                                                                                                                                        In Kubernetes, an ingress is a resource object that controls how Services within a cluster can be accessed from outside the cluster. You can use ingresses to configure different forwarding rules to access pods in a cluster. The following uses an Nginx workload as an example to describe how to create an Nginx ingress on the console.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        Prerequisites
                                                                                                                                                                                                        • An ingress provides network access for backend workloads. Ensure that a workload is available in a cluster. If no workload is available, deploy a workload by referring to Creating a Deployment, Creating a StatefulSet, or Creating a DaemonSet.
                                                                                                                                                                                                        • A ClusterIP or NodePort Service has been configured for the workload. For details about how to configure the Service, see ClusterIP or NodePort.
                                                                                                                                                                                                        • To add Nginx Ingress, ensure that the NGINX Ingress Controller add-on has been installed in the cluster. For details, see Installing the Add-on.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        Notes and Constraints
                                                                                                                                                                                                        • It is not recommended modifying any configuration of a load balancer on the ELB console. Otherwise, the Service will be abnormal. If you have modified the configuration, uninstall the nginx-ingress add-on and reinstall it.
                                                                                                                                                                                                        • The URL registered in an ingress forwarding policy must be the same as the URL used to access the backend Service. Otherwise, a 404 error will be returned.
                                                                                                                                                                                                        • The selected or created load balancer must be in the same VPC as the current cluster, and it must match the load balancer type (private or public network).
                                                                                                                                                                                                        • The load balancer has at least two listeners, and ports 80 and 443 are not occupied by listeners.
                                                                                                                                                                                                        
+
                                                                                                                                                                                                        Notes and Constraints
                                                                                                                                                                                                        • It is not recommended modifying any configuration of a load balancer on the ELB console. Otherwise, the Service will be abnormal. If you have modified the configuration, uninstall the nginx-ingress add-on and reinstall it.
                                                                                                                                                                                                        • The URL registered in an ingress forwarding policy must be the same as the URL used to access the backend Service. Otherwise, a 404 error will be returned.
                                                                                                                                                                                                        • The selected or created load balancer must be in the same VPC as the current cluster, and it must match the load balancer type (private or public network).
                                                                                                                                                                                                        • The load balancer has at least two listeners, and ports 80 and 443 are not occupied by listeners.
                                                                                                                                                                                                        • When NGINX Ingress Controller accesses a dedicated load balancer and the service affinity is set to the node level, the load balancer's IP address may fail to be accessed within the cluster. For details, see Why a Service Fail to Be Accessed from Within the Cluster.
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        
 
                                                                                                                                                                                                        Creating an Nginx Ingress
                                                                                                                                                                                                        This section uses an Nginx workload as an example to describe how to create an Nginx ingress.
                                                                                                                                                                                                        
-
                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                        2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                        3. Configure ingress parameters.
                                                                                                                                                                                                          • Name: Customize the name of an ingress, for example, nginx-ingress-demo.
                                                                                                                                                                                                          • Namespace: Select the namespace to which the ingress is to be added.
                                                                                                                                                                                                          • nginx-ingress: This option is displayed only after the NGINX Ingress Controller add-on is installed in the cluster.
                                                                                                                                                                                                            • Ingress Class: Select the name of the Nginx Ingress controller installed in the cluster. You can install multiple Nginx Ingress controllers and customize controller names as needed.
                                                                                                                                                                                                            • External Protocol: The options are HTTP and HTTPS. The default number of the listening port reserved when NGINX Ingress Controller is installed is 80 for HTTP and 443 for HTTPS. To use HTTPS, configure a certificate.
                                                                                                                                                                                                            • Certificate Source: source of a certificate for encrypting and authenticating HTTPS data transmission.
                                                                                                                                                                                                              • If you select a TLS key, you must create a key certificate of the IngressTLS or kubernetes.io/tls type beforehand. For details, see Creating a Secret.
                                                                                                                                                                                                              • If you select the default certificate, NGINX Ingress Controller will use its default certificate for encryption and authentication. You can configure the default certificate during NGINX Ingress Controller installation. If the default certificate is not configured, the certificate provided by NGINX Ingress Controller will be used.
                                                                                                                                                                                                              
+
                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                              2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                              3. Configure ingress parameters.
                                                                                                                                                                                                                • Name: Customize the name of an ingress, for example, nginx-ingress-demo.
                                                                                                                                                                                                                • Namespace: Select the namespace to which the ingress is to be added.
                                                                                                                                                                                                                • nginx-ingress: This option is displayed only after the NGINX Ingress Controller add-on is installed in the cluster.
                                                                                                                                                                                                                  • Ingress Class: Select the name of the Nginx Ingress controller installed in the cluster. You can install multiple Nginx Ingress controllers and customize controller names as needed.
                                                                                                                                                                                                                  • External Protocol: The options are HTTP and HTTPS. The default number of the listening port reserved when NGINX Ingress Controller is installed is 80 for HTTP and 443 for HTTPS. To use HTTPS, configure a certificate.
                                                                                                                                                                                                                  • Certificate Source: source of a certificate for encrypting and authenticating HTTPS data transmission.
                                                                                                                                                                                                                    • If you select a TLS key, you must create a key certificate of the IngressTLS or kubernetes.io/tls type beforehand. For details, see Creating a Secret.
                                                                                                                                                                                                                    • If you select the default certificate, NGINX Ingress Controller will use its default certificate for encryption and authentication. You can configure the default certificate during NGINX Ingress Controller installation. If the default certificate is not configured, the certificate provided by NGINX Ingress Controller will be used.
                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                  • SNI: stands for Server Name Indication (SNI), which is an extended protocol of TLS. SNI allows multiple TLS-compliant domain names for external access using the same IP address and port number, and different domain names can use different security certificates. After SNI is enabled, the client is allowed to submit the requested domain name when initiating a TLS handshake request. After receiving the TLS request, the load balancer searches for the certificate based on the domain name in the request. If the certificate corresponding to the domain name is found, the load balancer returns the certificate for authorization. Otherwise, the default certificate (server certificate) is returned for authorization.
                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                • Forwarding Policy: When the access address of a request matches the forwarding policy (a forwarding policy consists of a domain name and URL), the request is forwarded to the corresponding target Service for processing. Click Add Forwarding Policies to add multiple forwarding policies.
                                                                                                                                                                                                                  • Domain Name: actual domain name. Ensure that the entered domain name has been registered and archived. After the ingress is created, bind the domain name to the IP address of the automatically created load balancer (IP address of the ingress access address). If a domain name rule is configured, the domain name must always be used for access.
                                                                                                                                                                                                                  • Path Matching Rule:
                                                                                                                                                                                                                    • Default: Prefix match is used by default.
                                                                                                                                                                                                                    • Prefix match: If the URL is set to /healthz, the URL that meets the prefix can be accessed, for example, /healthz/v1 and /healthz/v2.
                                                                                                                                                                                                                    • Exact match: The URL can be accessed only when it is fully matched. For example, if the URL is set to /healthz, only /healthz can be accessed.
                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                  • Path: access path, for example, /healthz
                                                                                                                                                                                                                     
                                                                                                                                                                                                                    • The access path matching rule of Nginx Ingress is based on the path prefix separated by the slash (/) and is case-sensitive. If the subpath separated by a slash (/) matches the prefix, the access is normal. However, if the prefix is only a part of the character string in the subpath, the access is not matched. For example, if the URL is set to /healthz, /healthz/v1 is matched, but /healthzv1 is not matched.
                                                                                                                                                                                                                    • The access path added here must exist in the backend application. Otherwise, the forwarding fails.
                                                                                                                                                                                                                      For example, the default access URL of the Nginx application is /usr/share/nginx/html. When adding /test to the ingress forwarding policy, ensure the access URL of your Nginx application contains /usr/share/nginx/html/test. Otherwise, error 404 will be returned.
                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_10_0391.html b/docs/cce/umn/cce_10_0391.html
index 3c2a921f0..3a4ba1d51 100644
--- a/docs/cce/umn/cce_10_0391.html
+++ b/docs/cce/umn/cce_10_0391.html
@@ -5,7 +5,7 @@
 
                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                    • Overview
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                    • Local PV Overview
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      • 
 
                                                                                                                                                                                                                    • Importing a PV to a Storage Pool
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      • 
diff --git a/docs/cce/umn/cce_10_0397.html b/docs/cce/umn/cce_10_0397.html
index 24dce12da..383e04dc4 100644
--- a/docs/cce/umn/cce_10_0397.html
+++ b/docs/cce/umn/cce_10_0397.html
@@ -1,93 +1,201 @@
 
 
-
                                                                                                                                                                                                                      Configuring Workload Upgrade Policies
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      In actual applications, upgrade is a common operation. A Deployment, StatefulSet, or DaemonSet can easily support application upgrade.
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      You can set different upgrade policies:
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      • Rolling upgrade: New pods are created gradually and then old pods are deleted. This is the default policy.
                                                                                                                                                                                                                      • Replace upgrade: The current pods are deleted and then new pods are created.
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      Upgrade Parameters
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      Upgrading and Rolling Back a Workload
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      After a workload is created, you can upgrade it and roll it back. The flexible upgrade and rollback mechanism enables smooth version transitions without interrupting services. If an issue arises during an upgrade, you can quickly restore to the previous stable state. The upgrade and rollback mechanism applies to multiple workloads:
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      • Upgrade: applies to Deployments, StatefulSets, and DaemonSets.
                                                                                                                                                                                                                      • Rollback: applies to Deployments.
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      Using the Console
                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                      2. In the navigation pane, choose Workloads. In the upper right corner of the displayed page, click Create Workload.
                                                                                                                                                                                                                      3. In the Upgrade area under Advanced Settings, select an upgrade mode. For details, see Table 1. The common parameters for rolling upgrades and replacement upgrades serve similar purposes, though their implementations differ.
                                                                                                                                                                                                                        
+
+
                                                                                                                                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                        Table 1 Workload upgrade modes
                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        Description
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Description
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        Constraint
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Constraint
                                                                                                                                                                                                                        
                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        Max. Surge (maxSurge)
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Max. Unavailable Pods (maxUnavailable)
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        Specifies the maximum number of pods that can exist compared with spec.replicas. The default value is 25%.
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        For example, if spec.replicas is set to 4, a maximum of five pods can exist during the upgrade. That is, the upgrade is performed at a step of 1. During the actual upgrade, the value is converted into a number and rounded up. The value can also be set to an absolute number.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        The maximum number or percentage of pods that can be unavailable during a rolling upgrade. This also sets the limit for how many running pods can be below the expected number. The default value is 25%. During an upgrade, the percentage is converted into an absolute number and rounded down.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        For example, if spec.replicas is set to 2, no pods (2 x 0.25 = 0.5, rounded down to 0) can be unavailable. Therefore, during an upgrade, there will always be at least two pods running (2 desired - 0 unavailable). Each old pod is deleted only after a new one is created, ensuring that at least two pods are always running until all pods are updated.
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        This parameter is supported only by Deployments and DaemonSets.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        This parameter is only available for Deployments and DaemonSets.
                                                                                                                                                                                                                        
                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                        Max. Unavailable Pods (maxUnavailable)
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Max. Surge (maxSurge)
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        Specifies the maximum number of pods that can be unavailable compared with spec.replicas. The default value is 25%.
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        For example, if spec.replicas is set to 4, at least three pods exist during the upgrade. That is, the deletion is performed at a step of 1. The value can also be set to an absolute number.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        The maximum number or percentage of pods that can exist above the desired number of pods during a rolling upgrade. This parameter determines the maximum number of new pods that can be created at a time to replace old pods. The default value is 25%. During an upgrade, the percentage is converted into an absolute number and rounded up.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        For example, if spec.replicas is set to 2, a maximum of one pod (2 x 0.25 = 0.5, rounded up to 1) can be created at a time by default. Therefore, during an upgrade, up to 3 pods can exist (2 desired + 1 surge).
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        This parameter is supported only by Deployments and DaemonSets.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        This parameter is only available for Deployments and DaemonSets.
                                                                                                                                                                                                                        
                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                        Min. Ready Seconds (minReadySeconds)
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Min. Ready Seconds (minReadySeconds)
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        A pod is considered available only when the minimum readiness time is exceeded without any of its containers crashing. The default value is 0 (the pod is considered available immediately after it is ready).
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        The minimum duration a new pod must remain in the ready state before it is marked as available.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        This ensures a stable observation period, preventing unstable pods from joining the service too early and thereby improving the stability and reliability of the deployment.
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        None
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        None
                                                                                                                                                                                                                        
                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                        Revision History Limit (revisionHistoryLimit)
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Revision History Limit (revisionHistoryLimit)
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        Specifies the number of old ReplicaSets to retain to allow rollback. These old ReplicaSets consume resources in etcd and crowd the output of kubectl get rs. The configuration of each Deployment revision is stored in its ReplicaSets. Therefore, once the old ReplicaSet is deleted, you lose the ability to roll back to that revision of Deployment. By default, 10 old ReplicaSets will be kept, but the ideal value depends on the frequency and stability of the new Deployments.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        The maximum number of old ReplicaSets retained for rollback. These consume etcd resources and appear in kubectl get rs output.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Each Deployment's historical configurations are stored in its corresponding ReplicaSet. Deleting an old ReplicaSet makes it impossible to roll back the Deployment to that version. By default, CCE retains the latest 10 old ReplicaSets.
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        None
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        None
                                                                                                                                                                                                                        
                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                        Max. Upgrade Duration (progressDeadlineSeconds)
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Max. Upgrade Duration (progressDeadlineSeconds)
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        Specifies the number of seconds that the system waits for a Deployment to make progress before reporting a Deployment progress failure. It is surfaced as a condition with Type=Progressing, Status=False, and Reason=ProgressDeadlineExceeded in the status of the resource. The Deployment controller will keep retrying the Deployment. In the future, once automatic rollback will be implemented, the Deployment controller will roll back a Deployment as soon as it observes such a condition.
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        If this parameter is specified, the value of this parameter must be greater than that of .spec.minReadySeconds.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        The maximum time, in seconds, that a Deployment can take to make progress before it is considered to be failing. If specifying this parameter, ensure its value is greater than minReadySeconds.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        During a rolling upgrade, if a Deployment does not make progress within the time specified by progressDeadlineSeconds, it is marked with the following conditions: Type=Progressing, Status=False, and Reason=ProgressDeadlineExceeded. The above information indicates that the Deployment upgrade has failed. CCE records the failure event but does not automatically roll back the Deployment to a previous version. The rollback must be manually performed or triggered through an external mechanism.
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        None
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        This parameter is only available for Deployments.
                                                                                                                                                                                                                        
                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                        Scale-In Time Window (terminationGracePeriodSeconds)
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Scale-In Time Window (terminationGracePeriodSeconds)
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        Graceful deletion time. The default value is 30 seconds. When a pod is deleted, a SIGTERM signal is sent and the system waits for the applications in the container to terminate. If the application is not terminated within the time specified by terminationGracePeriodSeconds, a SIGKILL signal is sent to forcibly terminate the pod.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        The maximum time kubelet waits for containers in a pod to exit gracefully when the pod is deleted. The default is 30 seconds. Containers should exit within this period. Otherwise, they will be forcibly terminated with SIGKILL.
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        None
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        None
                                                                                                                                                                                                                        
                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                        
                                                                                                                                                                                                                         
 
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      4. Configure other parameters and click Create Workload. The workload status will change to Running later.
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      Using kubectl
                                                                                                                                                                                                                      The following uses a Deployment as an example to describe how to configure a workload upgrade policy using kubectl.
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                      2. Create a file named nginx-deployment.yaml. The name is only an example. You can rename it as needed.
                                                                                                                                                                                                                        vi nginx-deployment.yaml
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Below is an example of the file. For details about the Deployment configuration, see the Kubernetes official documentation.
                                                                                                                                                                                                                        apiVersion: apps/v1
+kind: Deployment  
+metadata:
+  name: nginx   
+  namespace: default  
+spec:
+  replicas: 2   
+  selector:
+    matchLabels:   
+      app: nginx
+  template:  
+    metadata:
+      labels:  
+        app: nginx
+    spec:
+      containers:
+      - image: nginx:latest    
+        imagePullPolicy: Always  
+        name: nginx  
+        resources:  
+          requests:  
+            cpu: 250m
+            memory: 512Mi
+          limits:  
+            cpu: 250m
+            memory: 512Mi
+      imagePullSecrets:  
+      - name: default-secret  
+      terminationGracePeriodSeconds: 30
+  strategy:
+    type: RollingUpdate # A rolling upgrade. Recreate indicates a replacement upgrade.
+    rollingUpdate: # Configure rolling upgrade parameters.
+      maxUnavailable: 25%
+      maxSurge: 25%
+  minReadySeconds: 0
+  revisionHistoryLimit: 10
+  progressDeadlineSeconds: 600
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        Upgrade Example
                                                                                                                                                                                                                        The Deployment can be upgraded in a declarative mode. That is, you only need to modify the YAML definition of the Deployment. For example, you can run the kubectl edit command to change the Deployment image to nginx:alpine. After the modification, query the ReplicaSet and pod. The query result shows that a new ReplicaSet is created and the pod is re-created.
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        $ kubectl edit deploy nginx
 
-$ kubectl get rs
-NAME               DESIRED   CURRENT   READY     AGE
-nginx-6f9f58dffd   2         2         2         1m
-nginx-7f98958cdf   0         0         0         48m
-
-$ kubectl get pods
-NAME                     READY     STATUS    RESTARTS   AGE
+
                                                                                                                                                                                                                        
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                        Table 2 Workload upgrade modes
                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Description
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Constraint
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        maxUnavailable
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        The maximum number or percentage of pods that can be unavailable during a rolling upgrade. This also sets the limit for how many running pods can be below the expected number. The default value is 25%. During an upgrade, the percentage is converted into an absolute number and rounded down.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        For example, if spec.replicas is set to 2, no pods (2 x 0.25 = 0.5, rounded down to 0) can be unavailable. Therefore, during an upgrade, there will always be at least two pods running (2 desired - 0 unavailable). Each old pod is deleted only after a new one is created, ensuring that at least two pods are always running until all pods are updated.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        This parameter is only available for rolling upgrades.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        maxSurge
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        The maximum number or percentage of pods that can exist above the desired number of pods during a rolling upgrade. This parameter determines the maximum number of new pods that can be created at a time to replace old pods. The default value is 25%. During an upgrade, the percentage is converted into an absolute number and rounded up.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        For example, if spec.replicas is set to 2, a maximum of one pod (2 x 0.25 = 0.5, rounded up to 1) can be created at a time by default. Therefore, during an upgrade, up to 3 pods can exist (2 desired + 1 surge).
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        This parameter is only available for rolling upgrades.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        minReadySeconds
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        The minimum duration a new pod must remain in the ready state before it is marked as available.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        This ensures a stable observation period, preventing unstable pods from joining the service too early and thereby improving the stability and reliability of the deployment.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        None
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        revisionHistoryLimit
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        The maximum number of old ReplicaSets retained for rollback. These consume etcd resources and appear in kubectl get rs output.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Each Deployment's historical configurations are stored in its corresponding ReplicaSet. Deleting an old ReplicaSet makes it impossible to roll back the Deployment to that version. By default, CCE retains the latest 10 old ReplicaSets.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        None
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        progressDeadlineSeconds
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        The maximum time, in seconds, that a Deployment can take to make progress before it is considered to be failing. If specifying this parameter, ensure its value is greater than minReadySeconds.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        During a rolling upgrade, if a Deployment does not make progress within the time specified by progressDeadlineSeconds, it is marked with the following conditions: Type=Progressing, Status=False, and Reason=ProgressDeadlineExceeded. The above information indicates that the Deployment upgrade has failed. CCE records the failure event but does not automatically roll back the Deployment to a previous version. The rollback must be manually performed or triggered through an external mechanism.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        None
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        terminationGracePeriodSeconds
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        The maximum time kubelet waits for containers in a pod to exit gracefully when the pod is deleted. The default is 30 seconds. Containers should exit within this period. Otherwise, they will be forcibly terminated with SIGKILL.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        None
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      3. Create the Deployment.
                                                                                                                                                                                                                        kubectl create -f nginx-deployment.yaml
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        If information similar to the following is displayed, the Deployment is being created:
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        deployment.apps/nginx created
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      4. Check the Deployment status.
                                                                                                                                                                                                                        kubectl get deployment
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        If information similar to the following is displayed, the Deployment has been created:
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        NAME           READY     UP-TO-DATE   AVAILABLE   AGE 
+nginx          2/2       2            2           4m5s
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      5. Change the image used by the Deployment to nginx:alpine.
                                                                                                                                                                                                                        kubectl edit deploy nginx
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Modify the image in spec.containers.image, save the modification, and exit.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      6. Check the ReplicaSets of the Deployment.
                                                                                                                                                                                                                        kubectl get rs
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Information similar to the following is displayed:
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        NAME               DESIRED   CURRENT   READY     AGE 
+nginx-6f9f58dffd   2         2         2         1m    # New-version ReplicaSet (activated)
+nginx-7f98958cdf   0         0         0         48m   # Old-version ReplicaSet (deactivated)
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        During the upgrade, with spec.replicas set to 2 and both maxSurge and maxUnavailable set to 25%, the number of pods changes as follows:
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        • maxSurge = 1 (2 x 25% = 0.5, rounded up) -> One extra pod can be added at most.
                                                                                                                                                                                                                        • maxUnavailable = 0 (2 x 25% = 0.5, rounded down) -> No unavailable pod is allowed.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        During the upgrade, up to three pods can exist in total, with two always available for services. CCE creates new pods, checks their readiness, and deletes old pods one by one until all are upgraded.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      7. After the upgrade is complete, check the pod statuses:
                                                                                                                                                                                                                        kubectl get pods
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        In the command output, if all the pods are Running, the Deployment has been upgraded.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        NAME                     READY     STATUS    RESTARTS   AGE
 nginx-6f9f58dffd-tdmqk   1/1       Running   0          1m
 nginx-6f9f58dffd-tesqr   1/1       Running   0          1m
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        The Deployment can use the maxSurge and maxUnavailable parameters to control the proportion of pods to be re-created during the upgrade, which is useful in many scenarios. The configuration is as follows:
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        spec:
-  strategy:
-    rollingUpdate:
-      maxSurge: 1
-      maxUnavailable: 0
-    type: RollingUpdate
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        In the preceding example, the value of spec.replicas is 2. If both maxSurge and maxUnavailable are the default value 25%, maxSurge allows a maximum of three pods to exist (2 x 1.25 = 2.5, rounded up to 3), and maxUnavailable does not allow a maximum of two pods to be unavailable (2 x 0.75 = 1.5, rounded up to 2). That is, during the upgrade process, there will always be two pods running. Each time a new pod is created, an old pod is deleted, until all pods are new.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      Rollback
                                                                                                                                                                                                                      Rollback is to roll an application back to an earlier version when a fault occurs during an upgrade. A Deployment can be easily rolled back to the earlier version.
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      For example, if the upgraded image is faulty, you can run the kubectl rollout undo command to roll back the Deployment.
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      $ kubectl rollout undo deployment nginx
-deployment.apps/nginx rolled back
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      A Deployment can be easily rolled back because it uses a ReplicaSet to control a pod. After the upgrade, the previous ReplicaSet still exists. The Deployment is rolled back by using the previous ReplicaSet to re-create the pod. The number of ReplicaSets stored in a Deployment can be restricted by the revisionHistoryLimit parameter. The default value is 10.
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      Rolling Back a Workload
                                                                                                                                                                                                                      If an error occurs during an upgrade, you can roll back the Deployment to its previous version. This is possible because old-version ReplicaSets are retained after each upgrade. A rollback essentially replaces the upgraded ReplicaSet with an old one. You can use revisionHistoryLimit to control the maximum number of retained historical versions (default: 10).
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      • Using the console
                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                        2. In the navigation pane, choose Workloads. In the Operation column of the target workload, choose More > Roll Back.
                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      • Using kubectl
                                                                                                                                                                                                                        Run the following command to roll back the target Deployment:
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        kubectl rollout undo deployment nginx
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        If information similar to the following is displayed, the rollback is successful:
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        deployment.apps/nginx rolled back
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_10_0398.html b/docs/cce/umn/cce_10_0398.html
index bc88e165b..50f798c39 100644
--- a/docs/cce/umn/cce_10_0398.html
+++ b/docs/cce/umn/cce_10_0398.html
@@ -1,53 +1,78 @@
 
 
-
                                                                                                                                                                                                                      Headless Services
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      Services allow internal and external pod access, but not the following scenarios:
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      • Accessing all pods at the same time
                                                                                                                                                                                                                      • Pods in a Service accessing each other
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      This is where headless Service come into service. A headless Service does not create a cluster IP address, and the DNS records of all pods are returned during query. In this way, the IP addresses of all pods can be queried. StatefulSets use headless Services to support mutual access between pods.
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      Headless Service
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      Headless Services are a special type of Kubernetes Service. They do not provide a cluster IP address or load balancing through a Service IP address. Instead, when a client uses the DNS name of a headless Service for query, Kubernetes directly returns the individual IP addresses of the pods selected by the Service. This design allows clients to connect directly to the pods themselves. Headless Services are ideal for certain applications such as database clusters and cache clusters.
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      Headless Services are typically used in:
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      • StatefulSets: In StatefulSets such as MySQL, Kafka, and Elasticsearch, each pod has unique responsibilities and does not require load balancing. A headless Service gives each pod its own access entry.
                                                                                                                                                                                                                      • Applications that need custom load balancing: Some applications need to manage their own load balancing policies rather than relying on Kubernetes' default load balancing policy.
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      Creating a Headless Service
                                                                                                                                                                                                                      1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                      2. Create a StatefulSet and an associated headless Service.
                                                                                                                                                                                                                        vi headless.yaml
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        File content:
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        apiVersion: v1
-kind: Service       # Object type (Service)
+kind: Service       # Set the resource object type to Service.
 metadata:
   name: nginx-headless
   labels:
     app: nginx
 spec:
   ports:
-    - name: nginx      #     - name: nginx     # Name of the port for communication between pods
-      port: 80        # Port number for communication between pods
+    - name: web       # Name of the port for communications between pods
+      port: 80        # Port number for communications between pods
   selector:
-    app: nginx        # Select the pod whose label is app:nginx.
-  clusterIP: None     # Set this parameter to None, indicating that a headless Service is to be created.
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        Run the following command to create a headless Service:
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        # kubectl create -f headless.yaml 
-service/nginx-headless created
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        After the Service is created, you can query the Service.
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        # kubectl get svc
-NAME             TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
-nginx-headless   ClusterIP   None         <none>        80/TCP    5s
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        Create a pod to query the DNS. You can view the records of all pods. In this way, all pods can be accessed.
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        $ kubectl run -i --tty --image tutum/dnsutils dnsutils --restart=Never --rm /bin/sh
-If you do not see a command prompt, try pressing Enter.
-/ # nslookup nginx-0.nginx
-Server:         10.247.3.10
-Address:        10.247.3.10#53
-Name:   nginx-0.nginx.default.svc.cluster.local
-Address: 172.16.0.31
+    app: nginx        # Select the pod labeled with app:nginx.
+  clusterIP: None     # Set this parameter to None, indicating that a headless Service will be created.
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: web
+spec:
+  serviceName: nginx-headless   # Name of the headless Service associated with the StatefulSet
+  replicas: 3
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:alpine
+        ports:
+        - containerPort: 80
+          name: web
+      imagePullSecrets:
+        - name: default-secret
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      3. Create the StatefulSet and headless Service.
                                                                                                                                                                                                                        kubectl create -f headless.yaml
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      4. Check whether the pods have been created.
                                                                                                                                                                                                                        kubectl get pods -l app=nginx -o wide
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Information similar to the following is displayed:
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        NAME     READY   STATUS    RESTARTS   AGE     IP          NODE            NOMINATED NODE   READINESS GATES
+web-0    1/1     Running   0          41s     10.0.0.22   192.168.0.194   <none>           <none>
+web-1    1/1     Running   0          38s     10.0.0.23   192.168.0.194   <none>           <none>
+web-2    1/1     Running   0          37s     10.0.0.39   192.168.0.21    <none>           <none>
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      5. Check whether the headless Service has been created.
                                                                                                                                                                                                                        kubectl get svc nginx-headless
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Information similar to the following is displayed:
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        NAME             TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
+nginx-headless   ClusterIP   None         <none>        80/TCP    2m20s
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      6. Create a temporary pod to obtain DNS.
                                                                                                                                                                                                                        kubectl run -it --rm --image=busybox:1.28 test-pod -- sh
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        The command for obtaining DNS is as follows:
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        nslookup nginx-headless
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Information similar to the following is displayed:
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Server:    10.247.3.10
+Address 1: 10.247.3.10 coredns.kube-system.svc.cluster.local
 
-/ # nslookup nginx-1.nginx
-Server:         10.247.3.10
-Address:        10.247.3.10#53
-Name:   nginx-1.nginx.default.svc.cluster.local
-Address: 172.16.0.18
-
-/ # nslookup nginx-2.nginx
-Server:         10.247.3.10
-Address:        10.247.3.10#53
-Name:   nginx-2.nginx.default.svc.cluster.local
-Address: 172.16.0.19
                                                                                                                                                                                                                        
+Name:      nginx-headless
+Address 1: 10.0.0.22 web-0.nginx-headless.default.svc.cluster.local
+Address 2: 10.0.0.23 web-1.nginx-headless.default.svc.cluster.local
+Address 3: 10.0.0.39 web-2.nginx-headless.default.svc.cluster.local
+
                                                                                                                                                                                                                        This indicates that each StatefulSet pod has an independent DNS record.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      7. Check whether these pods can be accessed.
                                                                                                                                                                                                                        wget -qO- web-0.nginx-headless
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      Parent topic: Service
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      Parent topic: Services
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
 
diff --git a/docs/cce/umn/cce_10_0399.html b/docs/cce/umn/cce_10_0399.html
index 0bfd23a81..0e990bf47 100644
--- a/docs/cce/umn/cce_10_0399.html
+++ b/docs/cce/umn/cce_10_0399.html
@@ -5,11 +5,11 @@
 
                                                                                                                                                                                                                      Intra-VPC Access
                                                                                                                                                                                                                      The performance of accessing an intranet from a container varies depending on the container network models of a cluster.
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      • Container tunnel network
                                                                                                                                                                                                                        The container tunnel network encapsulates network data packets through tunnels based on the node network. A container can access other resources in the same VPC as long as the node can access the resources. If the access fails, check whether the security group of peer resources allows the access from the node where the container is located.
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                      • Cloud Native Network 2.0
                                                                                                                                                                                                                        In the Cloud Native Network 2.0 model, a container is assigned an IP address from the CIDR block of a VPC. The container CIDR block is the subnet of the VPC where the node is located. The container can naturally communicate with other addresses in the VPC. If the access fails, check whether the security group of peer resources allows the access from the container CIDR block.
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                      • VPC network
                                                                                                                                                                                                                        The VPC network model uses VPC routes to forward container traffic. The container CIDR block and the node VPC are not in the same CIDR block. When a container accesses other resources in the same VPC, the security group of the peer resource must allow access of the container CIDR block.
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        For example, the CIDR block where the cluster node resides is 192.168.10.0/24, and the container CIDR block is 172.16.0.0/16.
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        There is an ECS whose IP address is 192.168.10.52 in the VPC (outside the cluster). The security group of the ECS allows access of only the CIDR block of the cluster node.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                      • VPC network
                                                                                                                                                                                                                        The VPC network model uses VPC routes to forward container traffic. The container CIDR block and the node VPC are not in the same CIDR block. When a container accesses other resources in the same VPC, the security groups of these resources must allow traffic from the container CIDR block.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        Suppose the cluster CIDR block is 192.168.10.0/24, and the container CIDR block is 172.16.0.0/16.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        There is an ECS whose IP address is 192.168.10.25 in the VPC (outside the cluster). The security group rules of the ECS only allow access from the cluster CIDR block.
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        In this case, 192.168.10.52 cannot be pinged from the container.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        In this case, 192.168.10.25 cannot be pinged from the container.
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        kubectl exec test01-6cbbf97b78-krj6h  -it -- /bin/sh
 / # ping 192.168.10.25
 PING 192.168.10.25 (192.168.10.25): 56 data bytes
@@ -18,7 +18,7 @@ PING 192.168.10.25 (192.168.10.25): 56 data bytes
 104 packets transmitted, 0 packets received, 100% packet loss
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        Configure the security group to allow access from the container CIDR block 172.16.0.0/16.
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                        In this case, 192.168.10.52 can be pinged from the container.
                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                        In this case, 192.168.10.25 can be pinged from the container.
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                        $ kubectl exec test01-6cbbf97b78-krj6h  -it -- /bin/sh
 / # ping 192.168.10.25
 PING 192.168.10.25 (192.168.10.25): 56 data bytes
@@ -38,7 +38,7 @@ PING 192.168.10.25 (192.168.10.25): 56 data bytes
 
                                                                                                                                                                                                                        After this configuration, you can access the container CIDR block 10.0.0.0/16 in vpc-demo2. During the access, pay attention to the security group configuration and enable the port configuration.
                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      Accessing Other Cloud Services
                                                                                                                                                                                                                      Common services that communicate with CCE through an intranet include RDS, DCS, Kafka, and RabbitMQ.
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      Accessing Other Cloud Services
                                                                                                                                                                                                                      The cloud services that communicate with CCE through an intranet include RDS, DCS, Kafka, and RabbitMQ.
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      In addition to the network configurations described in Intra-VPC Access and Cross-VPC Access, you also need to check whether these cloud services allow external access. For example, the DCS Redis instance can be accessed only by the IP addresses in its trustlist. Generally, these cloud services can be accessed by IP addresses in the same VPC. However, the container CIDR block in the VPC network model is different from the CIDR block of the VPC. Therefore, you must add the container CIDR block to the trustlist.
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      What If a Container Fails to Access an Intranet?
                                                                                                                                                                                                                      If an intranet cannot be accessed from a container, perform the following operations:
                                                                                                                                                                                                                      
@@ -48,7 +48,7 @@ PING 192.168.10.25 (192.168.10.25): 56 data bytes
 
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      Parent topic: Network
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      Parent topic: Networking
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      
 
diff --git a/docs/cce/umn/cce_10_0400.html b/docs/cce/umn/cce_10_0400.html
index a17b0bfe3..52dd327a7 100644
--- a/docs/cce/umn/cce_10_0400.html
+++ b/docs/cce/umn/cce_10_0400.html
@@ -2,17 +2,17 @@
 
 
                                                                                                                                                                                                                      Accessing the Internet from a Container
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      Containers can access the Internet in either of the following ways:
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      • Bind an EIP to the node where the container is located if the network model is VPC or tunnel.
                                                                                                                                                                                                                      • Bind an EIP to the pod. (This function applies only to Cloud Native 2.0 clusters. To do so, manually bind an EIP to the ENI or sub-ENI of the pod on the VPC console. This method is not recommended because the IP address of a pod changes after the pod is rescheduled. As a result, the new pod cannot access the Internet.)
                                                                                                                                                                                                                      • Configure SNAT rules through NAT Gateway.
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      You can use NAT Gateway to enable container pods in a VPC to access the Internet. NAT Gateway provides source network address translation (SNAT), which translates private IP addresses to a public IP address by binding an elastic IP address (EIP) to the gateway, providing secure and efficient access to the Internet. Figure 1 shows the SNAT architecture. The SNAT function allows the container pods in a VPC to access the Internet without being bound to an EIP. SNAT supports a large number of concurrent connections, which makes it suitable for applications involving a large number of requests and connections.
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      Figure 1 SNAT
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      • Bind an EIP to the node where the container is located if the network model is VPC or tunnel.
                                                                                                                                                                                                                      • Bind an EIP to the target pod if the cluster uses a Cloud Native 2.0 network. For details, see Configuring an EIP for a Pod.
                                                                                                                                                                                                                      • Configure SNAT rules through NAT Gateway.
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      You can use NAT Gateway to enable pods in a VPC to access the Internet. NAT Gateway provides source network address translation (SNAT), which translates private IP addresses to a public IP address using the assigned EIP. Pods in the VPC can share this EIP to access the Internet. Figure 1 shows the SNAT architecture. SNAT allows the pods in a VPC to access the Internet without being bound to EIPs. SNAT supports a large number of concurrent connections, which makes it suitable for applications involving a large number of requests and connections.
                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                      Figure 1 SNAT
                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                      To enable a container to access the Internet, perform the following steps:
                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                      1. Obtain an EIP. 
                                                                                                                                                                                                                        1. Log in to the management console.
                                                                                                                                                                                                                        2. Click  in the upper left corner of the management console and select a region and a project.
                                                                                                                                                                                                                        3. Click  in the upper left corner and choose Networking > Elastic IP in the expanded list.
                                                                                                                                                                                                                        4. On the EIPs page, click Assign EIP.
                                                                                                                                                                                                                        5. Configure parameters as required.
                                                                                                                                                                                                                           
                                                                                                                                                                                                                          Set Region to the region where container pods are located.
                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                          1. Obtain an EIP.
                                                                                                                                                                                                                            1. Log in to the EIP console.
                                                                                                                                                                                                                            2. On the EIPs page, click Assign EIP.
                                                                                                                                                                                                                            3. Configure parameters as required.
                                                                                                                                                                                                                               
                                                                                                                                                                                                                              Set Region to the region where container pods are located.
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                          2. Create a NAT gateway. 
                                                                                                                                                                                                                            1. Click  in the upper left corner and choose Networking > NAT Gateway in the expanded list.
                                                                                                                                                                                                                            2. On the Public Network Gateways page, click Create Public NAT Gateway in the upper right corner.
                                                                                                                                                                                                                            3. Configure parameters as required.
                                                                                                                                                                                                                               
                                                                                                                                                                                                                              Select the same VPC.
                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                            4. Create a NAT gateway. 
                                                                                                                                                                                                                              1. Click  in the upper left corner and choose Networking > NAT Gateway in the expanded list.
                                                                                                                                                                                                                              2. On the Public Network Gateways page, click Create Public NAT Gateway in the upper right corner.
                                                                                                                                                                                                                              3. Configure parameters as required.
                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                Select the same VPC.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                            5. Configure an SNAT rule and bind the EIP to the subnet. 
                                                                                                                                                                                                                              1. On the page displayed, click the name of the NAT gateway for which you want to add the SNAT rule.
                                                                                                                                                                                                                              2. On the SNAT Rules tab page, click Add SNAT Rule.
                                                                                                                                                                                                                              3. Configure parameters as required.
                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                            6. Configure an SNAT rule and bind the EIP to the subnet.
                                                                                                                                                                                                                              1. On the page displayed, click the name of the NAT gateway for which you want to add the SNAT rule.
                                                                                                                                                                                                                              2. On the SNAT Rules tab page, click Add SNAT Rule.
                                                                                                                                                                                                                              3. Configure parameters as required.
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                               
                                                                                                                                                                                                                              SNAT rules take effect by CIDR block. As different container network models use different communication modes, the subnet needs to be selected according to the following rules:
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              • Tunnel network and VPC network: Select the subnet where the node is located, that is, the subnet selected during node creation.
                                                                                                                                                                                                                              • Cloud Native Network 2.0: Select the subnet where the container is located, that is, the container subnet selected during cluster creation.
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              If there are multiple CIDR blocks, you can create multiple SNAT rules or customize a CIDR block as long as the CIDR block contains the container subnet (Cloud Native Network 2.0) or the node subnet.
                                                                                                                                                                                                                              
@@ -22,7 +22,7 @@
 
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                              Parent topic: Network
                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                              Parent topic: Networking
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0402.html b/docs/cce/umn/cce_10_0402.html
index 53651e1f5..3bfee466a 100644
--- a/docs/cce/umn/cce_10_0402.html
+++ b/docs/cce/umn/cce_10_0402.html
@@ -1,10 +1,10 @@
 
 
 
                                                                                                                                                                                                                              Configuring hostNetwork for Pods
                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                              Scenario
                                                                                                                                                                                                                              Kubernetes allows pods to directly use the host/node network. When a pod is configured with hostNetwork: true, applications running in the pod can directly view the network interface of the host where the pod is located.
                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                              Configuration
                                                                                                                                                                                                                              Add hostNetwork: true to the pod definition.
                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                              apiVersion: apps/v1
+
                                                                                                                                                                                                                              Generally, containers in a pod use the network set up using Kubernetes network plugins. These plugins ensure network communications between pods. However, you may need to use the host (node) network of a pod. In this case, you can add hostNetwork: true to the pod definition.
                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                              Using the host network can reduce network forwarding overhead and improve network performance. However, there may be conflicts if the pod directly uses the host port. For details, see Precautions.
                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                              Configuration
                                                                                                                                                                                                                              Add hostNetwork: true to the pod definition.
                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                              1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                              2. Create the host-network.yaml file. The following shows an example:
                                                                                                                                                                                                                                apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: nginx
@@ -24,25 +24,31 @@ spec:
         name: nginx
       imagePullSecrets:
       - name: default-secret
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                The configuration succeeds if the pod IP is the same as the node IP.
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                $ kubectl get pod -owide
-NAME                    READY   STATUS    RESTARTS   AGE     IP          NODE        NOMINATED NODE   READINESS GATES
+
                                                                                                                                                                                                                              3. Create a pod that uses the host network.
                                                                                                                                                                                                                                kubectl apply -f host-network.yaml
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                              4. View the pod IP address. If the pod IP address is the same as the node IP address, the configuration succeeds.
                                                                                                                                                                                                                                kubectl get pod -owide
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Information similar to the following is displayed:
                                                                                                                                                                                                                                NAME                    READY   STATUS    RESTARTS   AGE     IP          NODE        NOMINATED NODE   READINESS GATES
 nginx-6fdf99c8b-6wwft   1/1     Running   0          3m41s   10.1.0.55   10.1.0.55   <none>           <none>
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Precautions
                                                                                                                                                                                                                                When a pod uses a host network, it uses a host port and its IP address is the same as the host's IP address. Before using a host network, verify that the pod port does not conflict with any service port on the host. Use a host network only if a workload pod must access a specific host port.
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                When using the host network, you access a pod on a node through a node port. Therefore, allow access from the security group port of the node. Otherwise, the access fails.
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                In addition, using the host network requires you to reserve host ports for the pods. When using a Deployment to deploy hostNetwork pods, ensure that the number of pods does not exceed the number of nodes. Otherwise, multiple pods will be scheduled onto the node, and they will fail to start due to port conflicts. For example, in the preceding example nginx YAML, if two pods (setting replicas to 2) are deployed in a cluster with only one node, one pod cannot be created. The pod logs will show that the Nginx cannot be started because the port is occupied.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                              Precautions
                                                                                                                                                                                                                              When a pod uses a host network, it uses a host port, and its IP address is the same as the host IP address. Before using a host network, verify that the pod port does not conflict with any service port on the host. Use a host network only if a workload pod must access a specific host port.
                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                              When using the host network, you access a pod on a node through a node port. To ensure successful access, you need to configure the security group to allow traffic from and to the node port.
                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                              In addition, using the host network requires you to reserve host ports for the pods. When using a Deployment to deploy hostNetwork pods, ensure that the number of pods does not exceed the number of nodes. Otherwise, multiple pods will be scheduled onto the node, and they will fail to start due to port conflicts. For example, in the preceding example nginx YAML, if two pods (setting replicas to 2) are deployed in a cluster with only one node, one pod cannot be created. The pod logs will show that the Nginx cannot be started because the port is occupied.
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                               
                                                                                                                                                                                                                              Do not schedule multiple pods that use the host network on the same node. Otherwise, when a ClusterIP Service is created to access a pod, the cluster IP address cannot be accessed.
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                              $ kubectl get deploy
-NAME    READY   UP-TO-DATE   AVAILABLE   AGE
-nginx   1/2     2            1           67m
-$ kubectl get pod
-NAME                    READY   STATUS             RESTARTS   AGE
+
                                                                                                                                                                                                                              To locate the fault, take the following steps:
                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                              1. Check the workload status.
                                                                                                                                                                                                                                kubectl get deploy
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                If the following information is displayed, one pod cannot be started.
                                                                                                                                                                                                                                NAME    READY   UP-TO-DATE   AVAILABLE   AGE
+nginx   1/2     2            1           67m
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                              2. Check the pod status.
                                                                                                                                                                                                                                kubectl get pod
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                In the command output, the pod is in the CrashLoopBackOff state.
                                                                                                                                                                                                                                NAME                    READY   STATUS             RESTARTS   AGE
 nginx-6fdf99c8b-6wwft   1/1     Running            0          67m
-nginx-6fdf99c8b-rglm7   0/1     CrashLoopBackOff   13         44m
-$ kubectl logs nginx-6fdf99c8b-rglm7
-/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
+nginx-6fdf99c8b-rglm7   0/1     CrashLoopBackOff   13         44m
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                              3. View the pod log.
                                                                                                                                                                                                                                kubectl logs nginx-6fdf99c8b-rglm7
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                The log contains the information "bind() to 0.0.0.0:80 failed (98: Address in use)", indicating that the port is occupied.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
 /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
 /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
@@ -72,6 +78,7 @@ nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address in use)
 nginx: [emerg] bind() to [::]:80 failed (98: Address in use)
 2022/05/11 07:18:11 [emerg] 1#1: still could not bind()
 nginx: [emerg] still could not bind()
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              
diff --git a/docs/cce/umn/cce_10_0403.html b/docs/cce/umn/cce_10_0403.html
index 744d7563c..f3e103892 100644
--- a/docs/cce/umn/cce_10_0403.html
+++ b/docs/cce/umn/cce_10_0403.html
@@ -3,17 +3,17 @@
 
                                                                                                                                                                                                                              Changing a Cluster Scale
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              Scenario
                                                                                                                                                                                                                              A cluster scale specifies the maximum number of nodes a cluster can manage. If the current cluster scale cannot meet your requirements, you can scale it out.
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                              Notes and Constraints
                                                                                                                                                                                                                              • A cluster that has only one master node supports fewer than 1000 worker nodes.
                                                                                                                                                                                                                              • The number of master nodes cannot be changed when you modify cluster specifications.
                                                                                                                                                                                                                              • A cluster can only be scaled out to a larger specification, but cannot be scaled in.
                                                                                                                                                                                                                              • To ensure proper cluster functionality, perform any specifications changes during off-peak hours. This is because master nodes will need to be powered off and on, which can interrupt normal operations.
                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                              Constraints
                                                                                                                                                                                                                              • A cluster that has only one master node supports fewer than 1,000 worker nodes.
                                                                                                                                                                                                                              • The number of master nodes cannot be changed when you change the cluster scale.
                                                                                                                                                                                                                              • A cluster can only be scaled out, but cannot be scaled in.
                                                                                                                                                                                                                              • During the cluster scale-out, master nodes are updated in rolling mode, and the cluster management function is restricted. To minimize the impact on services, you are advised to scale out the cluster during off-peak hours. Do not perform other operations (such as creating workloads) during this period.
                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                              Procedure
                                                                                                                                                                                                                              1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                                                                                                              2. In the cluster list on the right, locate the target cluster. Click  and choose Modify Specifications from the drop-down list.
                                                                                                                                                                                                                              3. On the page displayed, select a new cluster scale.
                                                                                                                                                                                                                              4. Click Next to confirm the specifications and click OK.
                                                                                                                                                                                                                                You can click Operation Records in the upper right corner to view the cluster change history. The status changes from Executing to Successful, indicating that the cluster specifications are successfully changed.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Procedure
                                                                                                                                                                                                                                1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                                                                                                                2. In the cluster list on the right, locate the target cluster. Click  and choose Modify Specifications from the drop-down list.
                                                                                                                                                                                                                                3. On the page displayed, select a new cluster scale.
                                                                                                                                                                                                                                4. Click Next to confirm the specifications and click OK. Scaling out a cluster is typically completed within 30 minutes. The exact duration varies based on the cluster scale.
                                                                                                                                                                                                                                  You can click Operation Records in the upper right corner to view the cluster change history. The status changes from Executing to Successful, indicating that the cluster scale has been changed.
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Documentation
                                                                                                                                                                                                                                When a cluster is scaled to 1000 nodes or more, some parameter values of the cluster are automatically adjusted to ensure optimal performance. For details, see Modifying Cluster Configurations.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Helpful Links
                                                                                                                                                                                                                                When a cluster is scaled to 1,000 nodes or more, some parameter values of the cluster are adjusted accordingly to ensure optimal performance. For details, see Modifying Cluster Configurations.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Parent topic: Managing a Cluster
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Parent topic: Managing Clusters
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
diff --git a/docs/cce/umn/cce_10_0404.html b/docs/cce/umn/cce_10_0404.html
new file mode 100644
index 000000000..55fcd6221
--- /dev/null
+++ b/docs/cce/umn/cce_10_0404.html
@@ -0,0 +1,145 @@
+
+
+
                                                                                                                                                                                                                                NodeLocal DNSCache
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Introduction
                                                                                                                                                                                                                                The NodeLocal DNSCache add-on (formerly node-local-dns) is developed based on the community NodeLocal DNSCache. This add-on functions as a DaemonSet to run the DNS cache proxy on each cluster node to improve cluster DNS performance.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Open-source community: https://github.com/kubernetes/dns
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                After NodeLocal DNSCache is enabled, a DNS query goes through the path as shown below.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Figure 1 NodeLocal DNSCache query path
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                The resolution lines are described as follows:
                                                                                                                                                                                                                                • 1. By default, the pods with DNSConfig injected use NodeLocal DNSCache to resolve requested domain names.
                                                                                                                                                                                                                                • 2. If NodeLocal DNSCache cannot resolve domain names, it will ask CoreDNS for resolution.
                                                                                                                                                                                                                                • 3. CoreDNS resolves domain names outside the cluster by using the DNS server in the VPC.
                                                                                                                                                                                                                                • 4. If a pod with DNSConfig injected cannot access NodeLocal DNSCache, CoreDNS will resolve the domain name.
                                                                                                                                                                                                                                • 5. By default, CoreDNS resolves domain names for the pods without DNSConfig injected.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                                                                • This feature is available only to clusters of v1.19 or later.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Installing the Add-on
                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                2. In the navigation pane, choose Add-ons. Locate NodeLocal DNSCache on the right and click Install.
                                                                                                                                                                                                                                3. On the Install Add-on page, configure the specifications as needed.
                                                                                                                                                                                                                                  • If you selected Preset, you can choose between Standalone or HA based on the cluster scale. The system will automatically set the number of add-on pods and resource quotas according to the preset specifications. You can see the configurations on the console.
                                                                                                                                                                                                                                    Standalone means that a DNSConfig admission controller is deployed on a single pod, which helps to reduce resource usage. HA means that DNSConfig admission controllers are deployed on two pods, which enhances the availability of the add-on.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                  • If you selected Custom, you can adjust the number of pods and resource quotas as needed. High availability is not possible with a single pod. If an error occurs on the node where the add-on instance runs, the add-on will fail.
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                4. Configure the add-on parameters.
                                                                                                                                                                                                                                  • DNSConfig: After this function is enabled, a DNSConfig admission controller will be created. The controller intercepts pod creation requests in the namespace labeled with node-local-dns-injection=enabled based on admission webhooks and automatically configures DNSConfig for pods. If this function is disabled or the pod belongs to a non-target namespace, you must manually configure DNSConfig for the pod.
                                                                                                                                                                                                                                    After automatic injection is enabled, you can customize the following configuration items for DNSConfig (supported when the add-on version is 1.6.7 or later):
                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                    If DNSConfig has been configured in the pod when automatic injection is enabled, DNSConfig in the pod will be used first.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    • (Optional) IP Address of DNS Server: IP address list of the DNS server obtained when the container resolves the domain name. NodeLocal DNSCache and CoreDNS IP addresses are added by default. You have the option to add an additional IP address, but duplicates will be removed.
                                                                                                                                                                                                                                    • (Optional) Search Domain: a search list for host-name lookup. When a domain name cannot be resolved, DNS queries will be attempted combining the domain name with each domain in the search list in turn until a match is found or all domains in the search list are tried. You can add up to three extra search domains, but any duplicates will be removed.
                                                                                                                                                                                                                                    • (Optional) ndots: specifies that if a domain name has fewer periods (.) than the specified value of ndots, it will be combined with the search domain list for DNS query. If the domain name still cannot be resolved, it will be used for DNS query. The system will perform a DNS query on a domain name if the number of periods (.) in it is greater than or equal to the value of ndots. If the domain name cannot be resolved, the system will sequentially combine it with the search domain list and then perform a DNS query.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                  • Target Namespace: This parameter is available after DNSConfig is enabled. Only NodeLocal DNSCache of v1.3.0 or later supports this function.
                                                                                                                                                                                                                                    • Enable All: CCE adds the node-local-dns-injection=enabled label to all created namespaces excluding built-in ones and the ones preset by some add-ons (such as kube-system, kube-public, kube-node-lease, istio-system, and monitoring), identifies namespace creation requests, and automatically adds the label to newly created namespaces.
                                                                                                                                                                                                                                      In add-ons of v1.6.77 or later, the node-local-dns-injection=enabled label cannot be manually deleted. You can set node-local-dns-injection to disabled to disable automatic injection in a namespace.
                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                    • Manual Configure: You must manually add the node-local-dns-injection=enabled label to the namespaces requiring the injection of DNSConfig. For details, see Managing Namespace Labels.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                5. Configure deployment policies for the add-on pods.
                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                  • Scheduling policies do not take effect on add-on pods of the DaemonSet type.
                                                                                                                                                                                                                                  • When configuring multi-AZ deployment or node affinity, ensure that there are nodes meeting the scheduling policy and that resources are sufficient in the cluster. Otherwise, the add-on cannot run.
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  
+
+
                                                                                                                                                                                                                                  
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                  Table 1 Configurations for add-on scheduling
                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  Multi-AZ Deployment
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                                                                                                                                                                  • Equivalent mode: Deployment pods of the add-on are evenly scheduled to the nodes in the cluster in each AZ. If a new AZ is added, you are advised to increase add-on pods for cross-AZ HA deployment. With the Equivalent multi-AZ deployment, the difference between the number of add-on pods in different AZs will be less than or equal to 1. If resources in one of the AZs are insufficient, pods cannot be scheduled to that AZ.
                                                                                                                                                                                                                                  • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  Node Affinity
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  • Not configured: Node affinity is disabled for the add-on.
                                                                                                                                                                                                                                  • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                                                                                                                                  • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                                                                                                                                  • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                                                                                                                                    If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  Toleration
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  The add-on adds the default tolerance policy for the node.kubernetes.io/not-ready and node.kubernetes.io/unreachable taints, respectively. The tolerance time window is 60s.
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  For details, see Configuring Tolerance Policies.
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                6. Click Install.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Components
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                Table 2 Add-on components
                                                                                                                                                                                                                                Component
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Description
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Resource Type
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                node-local-dns-admission-controller
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Automatic DNSConfig injecting
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Deployment
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                node-local-dns-cache
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                DNS cache proxy on nodes to improve the DNS performance of the cluster
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                DaemonSet
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Using NodeLocal DNSCache
                                                                                                                                                                                                                                By default, application requests are sent through the CoreDNS proxy. To use NodeLocal DNSCache as the DNS cache proxy, use any of the following methods: (For details, see Using NodeLocal DNSCache.)
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Auto injection: Automatically configure the dnsConfig field of the pod when creating the pod. (This function is not available for pods in system namespaces such as kube-system.)
                                                                                                                                                                                                                                • Manual configuration: Manually configure the dnsConfig field of the pod.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Changing the Default Health Check Port of the Add-on
                                                                                                                                                                                                                                NodeLocal DNSCache defaults to using port 8080 on the host node, but this can cause conflicts with other services sharing the same port. This section describes how to change the default NodeLocal DNSCache port.
                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                You can change the default port of the NodeLocal DNSCache add-on of 1.6.66 or later.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                2. Choose Add-ons in the navigation pane, find the NodeLocal DNSCache add-on on the right, and click Install. If this add-on has been installed in the cluster, click Edit.
                                                                                                                                                                                                                                3. On the displayed page, configure parameters and click Installation Using YAML in the upper part of the page. If this add-on has been installed in the cluster, click Edit YAML.
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                  To simplify configuration, configure other parameters on the console, and then change the port number in the YAML file. For more information about other parameters, see NodeLocal DNSCache.
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                4. Configure both parameters to the specified port number, ensuring they have the same value.
                                                                                                                                                                                                                                  1. Search for the healthPort parameter and change its value to a specified port number, for example, 8081.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                  2. Search for the cluster.local parameter and change the value of port in the array to the specified port number, for example, 8081.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                5. Click OK.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Uninstalling the Add-on
                                                                                                                                                                                                                                Uninstalling the add-on will affect the pods that have used the node-local-dns address for domain name resolution. Before uninstalling the add-on, delete the node-local-dns-injection=enabled label from the involved namespaces, and delete and recreate the pods with the node-local-dns-webhook.k8s.io/status: injected label.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                1. Check the add-on.
                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                  2. In the navigation pane, choose Add-ons. Locate NodeLocal DNSCache on the right and click Edit.
                                                                                                                                                                                                                                  3. In the Parameters area, check whether DNSConfig is enabled.
                                                                                                                                                                                                                                    If DNSConfig has been enabled:
                                                                                                                                                                                                                                    1. In the navigation pane, choose Namespaces.
                                                                                                                                                                                                                                    2. Locate the rows that contain the namespaces with the node-local-dns-injection=enabled label and delete the label. For details, see Managing Namespace Labels.
                                                                                                                                                                                                                                    3. Delete the pods in these namespaces and recreate pods.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    If DNSConfig has not been enabled:
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                    2. Check the pods with DNSConfig manually injected. If multiple namespaces are involved, check all the pods in these namespaces.
                                                                                                                                                                                                                                      For example, to check pods in the default namespace, run the following command:
                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                      kubectl get pod -n default -o yaml
                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                    3. Manually remove DNSConfig and recreate pods.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                2. Uninstall the add-on.
                                                                                                                                                                                                                                  1. In the navigation pane, choose Add-ons. Locate NodeLocal DNSCache on the right and click Uninstall.
                                                                                                                                                                                                                                  2. In the displayed dialog box, click Yes.
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Helpful Links
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Release History
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                Table 3 NodeLocal DNSCache add-on
                                                                                                                                                                                                                                Add-on Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Supported Cluster Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                New Feature
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Community Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                1.6.80
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.29
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.30
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.31
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.32
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                CCE clusters v1.32 are supported.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                1.22.20
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Parent topic: Container Network Add-ons
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
diff --git a/docs/cce/umn/cce_10_0405.html b/docs/cce/umn/cce_10_0405.html
index 67807fe6b..771076b77 100644
--- a/docs/cce/umn/cce_10_0405.html
+++ b/docs/cce/umn/cce_10_0405.html
@@ -1,40 +1,93 @@
 
 
 
                                                                                                                                                                                                                                Patch Version Release Notes
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Version 1.31
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Table 1 Release notes for the v1.31 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Version 1.32
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
                                                                                                                                                                                                                                Table 1 Release notes for the v1.32 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.31.4-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.32.5-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.31.4
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.32.5
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Nodes added during a node pool scale-out can be automatically bound with EIPs.
                                                                                                                                                                                                                                • LoadBalancer ingresses allow you to specify backend server groups for forwarding.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                AK/SK automatic updates are supported for OBS buckets.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.31.1-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.32.1-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.31.1
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.32.1
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                CCE clusters of v1.31 are released for the first time. For more information, see Kubernetes 1.31 Release Notes.
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                • LoadBalancer ingresses support more advanced forwarding actions and return fixed responses.
                                                                                                                                                                                                                                • DataPlane V2 is available for newly created CCE standard and Turbo clusters that use VPC networks. After DataPlane V2 is enabled, you can configure network policies for these clusters.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                CCE clusters of v1.32 are released for the first time. For more information, see Kubernetes 1.32 Release Notes.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Service pod scheduling can be deferred until node post-installation scripts complete.
                                                                                                                                                                                                                                • DataPlane V2 is available for newly created CCE clusters that use the VPC networks. After DataPlane V2 is enabled, you can configure network policies for these clusters.
                                                                                                                                                                                                                                • AK/SK credentials for parallel file systems of OBS can be automatically updated.
                                                                                                                                                                                                                                • During the creation of a LoadBalancer Service, you can configure specific IP addresses for the ELB backend.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • AppArmor can be used to restrict container access to resources.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • During a cluster upgrade, you can scale out the nodes in the cluster.
                                                                                                                                                                                                                                • You can choose multiple blocklists or trustlists to manage access to a LoadBalancer ingress.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Streaming encoding is supported, significantly reducing memory pressure on control plane nodes caused by LIST requests.
                                                                                                                                                                                                                                • The cce-pause container image can be protected against accidental deletion.
                                                                                                                                                                                                                                • The system labels used by the NodeLocal DNSCache add-on can be protected against accidental deletion.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Version 1.31
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
@@ -42,61 +95,72 @@
 
                                                                                                                                                                                                                                Version 1.30
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Table 2 Release notes for the v1.31 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.31.6-r10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.31.6
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                AK/SK automatic updates are supported for OBS buckets.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.31.4-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.31.4
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Nodes added during a node pool scale-out can be automatically bound with EIPs.
                                                                                                                                                                                                                                • ELB ingresses allow you to specify backend server groups for forwarding.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.31.1-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.31.1
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                CCE clusters of v1.31 are released for the first time. For more information, see Kubernetes 1.31 Release Notes.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • LoadBalancer ingresses support more advanced forwarding actions and return fixed responses.
                                                                                                                                                                                                                                • DataPlane V2 is available for CCE Turbo clusters. After DataPlane V2 is enabled, you can configure network policies for these clusters.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • During a cluster upgrade, you can scale out the nodes in the cluster.
                                                                                                                                                                                                                                • You can choose multiple blocklists or trustlists to manage access to a LoadBalancer ingress.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 
 
 
                                                                                                                                                                                                                                Table 2 Release notes for the v1.30 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
@@ -104,60 +168,71 @@
 
                                                                                                                                                                                                                                Version 1.29
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Table 3 Release notes for the v1.30 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.30.6-r10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.30.10-r10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.30.6
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.30.10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Nodes added during a node pool scale-out can be automatically bound with EIPs.
                                                                                                                                                                                                                                • LoadBalancer ingresses allow you to specify backend server groups for forwarding.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                AK/SK automatic updates are supported for OBS buckets.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.30.4-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.30.6-r10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.30.4
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.30.6
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • LoadBalancer ingresses can forward requests based on parameters such as HTTP request methods, HTTP request headers, query strings, CIDR blocks, and cookies.
                                                                                                                                                                                                                                • LoadBalancer ingresses support cross-origin access.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Nodes added during a node pool scale-out can be automatically bound with EIPs.
                                                                                                                                                                                                                                • ELB ingresses allow you to specify backend server groups for forwarding.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • You can change a node password when updating its node pool.
                                                                                                                                                                                                                                • A node can be attached with no data disks.
                                                                                                                                                                                                                                • When updating a LoadBalancer ingress, you can modify the configuration of redirecting HTTP requests to HTTPS requests.
                                                                                                                                                                                                                                • The default image address can be customized for Docker node pools.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.30.1-r2
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.30.4-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.30.2
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.30.4
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • LoadBalancer ingresses can forward requests based on parameters such as HTTP request methods, HTTP request headers, query strings, CIDR blocks, and cookies.
                                                                                                                                                                                                                                • LoadBalancer ingresses support cross-origin access.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Enhanced system stability.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • You can change a node password when updating its node pool.
                                                                                                                                                                                                                                • A node can be attached with no data disks.
                                                                                                                                                                                                                                • When updating a LoadBalancer ingress, you can modify the configuration of redirecting HTTP requests to HTTPS requests.
                                                                                                                                                                                                                                • The default image address can be customized for Docker node pools.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.30.1-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.30.1-r2
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.30.2
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.30.2
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                CCE clusters of v1.30 are released for the first time. For more information, see Kubernetes 1.30 Release Notes.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Enhanced system stability.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.30.1-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.30.2
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                CCE clusters of v1.30 are released for the first time. For more information, see Kubernetes 1.30 Release Notes.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • When deleting a cluster, CCE enables you to select which log groups to delete.
                                                                                                                                                                                                                                • When a node is created using a private image, the image password can be retained.
                                                                                                                                                                                                                                • CCE supports GPU rendering.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                CCE can handle ELB listeners on all ports.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                CCE can handle ELB listeners on all ports.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 
 
 
                                                                                                                                                                                                                                Table 3 Release notes for the v1.29 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
@@ -165,95 +240,106 @@
 
                                                                                                                                                                                                                                Version 1.28
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Table 4 Release notes for the v1.29 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.29.10-r10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.29.13-r10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.29.10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.29.13
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Nodes added during a node pool scale-out can be automatically bound with EIPs.
                                                                                                                                                                                                                                • LoadBalancer ingresses allow you to specify backend server groups for forwarding.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                AK/SK automatic updates are supported for OBS buckets.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.29.8-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.29.10-r10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.29.8
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.29.10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • LoadBalancer ingresses can forward requests based on parameters such as HTTP request methods, HTTP request headers, query strings, CIDR blocks, and cookies.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Nodes added during a node pool scale-out can be automatically bound with EIPs.
                                                                                                                                                                                                                                • ELB ingresses allow you to specify backend server groups for forwarding.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • You can change a node password when updating its node pool.
                                                                                                                                                                                                                                • A node can be attached with no data disks.
                                                                                                                                                                                                                                • When updating a LoadBalancer ingress, you can modify the configuration of redirecting HTTP requests to HTTPS requests.
                                                                                                                                                                                                                                • The default image address can be customized for Docker node pools.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.29.2-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.29.8-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.29.3
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.29.8
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • CCE ingresses support traffic distribution based on custom HTTP headers.
                                                                                                                                                                                                                                • Scaling priority policies can be configured for third-party workloads.
                                                                                                                                                                                                                                • You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                • You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • LoadBalancer ingresses can forward requests based on parameters such as HTTP request methods, HTTP request headers, query strings, CIDR blocks, and cookies.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • An in-progress node drainage can be canceled.
                                                                                                                                                                                                                                • When updating a node pool, you can change its agency name, prefix, and suffix.
                                                                                                                                                                                                                                • Kubernetes labels and taints of a node are retained after the node is reset.
                                                                                                                                                                                                                                • Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • You can change a node password when updating its node pool.
                                                                                                                                                                                                                                • A node can be attached with no data disks.
                                                                                                                                                                                                                                • When updating a LoadBalancer ingress, you can modify the configuration of redirecting HTTP requests to HTTPS requests.
                                                                                                                                                                                                                                • The default image address can be customized for Docker node pools.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.29.1-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.29.2-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.29.1
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.29.3
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                CCE clusters of v1.29 are released for the first time. For more information, see Kubernetes 1.29 Release Notes.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • CCE ingresses support traffic distribution based on custom HTTP headers.
                                                                                                                                                                                                                                • Scaling priority policies can be configured for third-party workloads.
                                                                                                                                                                                                                                • You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                • You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • An in-progress node drainage can be canceled.
                                                                                                                                                                                                                                • When updating a node pool, you can change its agency name, prefix, and suffix.
                                                                                                                                                                                                                                • Kubernetes labels and taints of a node are retained after the node is reset.
                                                                                                                                                                                                                                • Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.29.1-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.29.1
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                CCE clusters of v1.29 are released for the first time. For more information, see Kubernetes 1.29 Release Notes.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 
 
 
                                                                                                                                                                                                                                Table 4 Release notes for the v1.28 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -261,106 +347,117 @@
 
                                                                                                                                                                                                                                Version 1.27
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Table 5 Release notes for the v1.28 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.28.15-r10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.15-r30
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.28.15
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.15
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Nodes added during a node pool scale-out can be automatically bound with EIPs.
                                                                                                                                                                                                                                • LoadBalancer ingresses allow you to specify backend server groups for forwarding.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                AK/SK automatic updates are supported for OBS buckets.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.28.13-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.15-r10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.28.13
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.15
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • LoadBalancer ingresses can forward requests based on parameters such as HTTP request methods, HTTP request headers, query strings, CIDR blocks, and cookies.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Nodes added during a node pool scale-out can be automatically bound with EIPs.
                                                                                                                                                                                                                                • ELB ingresses allow you to specify backend server groups for forwarding.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • You can change a node password when updating its node pool.
                                                                                                                                                                                                                                • A node can be attached with no data disks.
                                                                                                                                                                                                                                • When updating a LoadBalancer ingress, you can modify the configuration of redirecting HTTP requests to HTTPS requests.
                                                                                                                                                                                                                                • The default image address can be customized for Docker node pools.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.28.6-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.13-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.28.8
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.13
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • CCE ingresses support traffic distribution based on custom HTTP headers.
                                                                                                                                                                                                                                • Scaling priority policies can be configured for third-party workloads.
                                                                                                                                                                                                                                • You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                • You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • LoadBalancer ingresses can forward requests based on parameters such as HTTP request methods, HTTP request headers, query strings, CIDR blocks, and cookies.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • An in-progress node drainage can be canceled.
                                                                                                                                                                                                                                • When updating a node pool, you can change its agency name, prefix, and suffix.
                                                                                                                                                                                                                                • Kubernetes labels and taints of a node are retained after the node is reset.
                                                                                                                                                                                                                                • Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • You can change a node password when updating its node pool.
                                                                                                                                                                                                                                • A node can be attached with no data disks.
                                                                                                                                                                                                                                • When updating a LoadBalancer ingress, you can modify the configuration of redirecting HTTP requests to HTTPS requests.
                                                                                                                                                                                                                                • The default image address can be customized for Docker node pools.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.28.3-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.6-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.28.3
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.8
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                LoadBalancer Services and ingresses allow you to:
                                                                                                                                                                                                                                • Configure SNI.
                                                                                                                                                                                                                                • Enable HTTP/2.
                                                                                                                                                                                                                                • Configure idle timeout, request timeout, and response timeout.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • CCE ingresses support traffic distribution based on custom HTTP headers.
                                                                                                                                                                                                                                • Scaling priority policies can be configured for third-party workloads.
                                                                                                                                                                                                                                • You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                • You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • An in-progress node drainage can be canceled.
                                                                                                                                                                                                                                • When updating a node pool, you can change its agency name, prefix, and suffix.
                                                                                                                                                                                                                                • Kubernetes labels and taints of a node are retained after the node is reset.
                                                                                                                                                                                                                                • Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.3-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.3
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                LoadBalancer Services and ingresses allow you to:
                                                                                                                                                                                                                                • Configure SNI.
                                                                                                                                                                                                                                • Enable HTTP/2.
                                                                                                                                                                                                                                • Configure idle timeout, request timeout, and response timeout.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.28.2-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.2-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.28.3
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.3
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • You can configure an ELB blocklist/trustlist for access control when creating a Service or ingress.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • You can configure an ELB blocklist/trustlist for access control when creating a Service or ingress.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.28.1-r4
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.1-r4
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.28.3
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.3
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed CVE-2024-21626 issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed CVE-2024-21626 issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.28.1-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.1-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.28.3
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.28.3
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                CCE clusters of v1.28 are released for the first time. For more information, see Kubernetes 1.28 Release Notes.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                CCE clusters of v1.28 are released for the first time. For more information, see Kubernetes 1.28 Release Notes.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • The prefix and suffix of a node name can be customized in node pools.
                                                                                                                                                                                                                                • In CCE Turbo clusters, you can create container networks for workloads and specify pod subnets.
                                                                                                                                                                                                                                • LoadBalancer ingresses support gRPC.
                                                                                                                                                                                                                                • LoadBalancer Services allow you to specify a private IP address for a load balancer during Service creation using YAML.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Accelerated the startup speed for creating a large number of secure containers in a CCE Turbo cluster.
                                                                                                                                                                                                                                • Improved the stability when secure containers are repeatedly created or deleted in a CCE Turbo cluster.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Accelerated the startup speed for creating a large number of secure containers in a CCE Turbo cluster.
                                                                                                                                                                                                                                • Improved the stability when secure containers are repeatedly created or deleted in a CCE Turbo cluster.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 
 
 
                                                                                                                                                                                                                                Table 5 Release notes for the v1.27 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -370,138 +467,149 @@
 
                                                                                                                                                                                                                                Version 1.25
                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                In CCE clusters of v1.25, containerd is the default runtime for nodes, except for nodes running EulerOS 2.5. In addition, clusters of v1.25 or later no longer support EulerOS 2.5.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
-
                                                                                                                                                                                                                                Table 6 Release notes for the v1.27 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.27.16-r20
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.16-r40
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.27.16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Nodes added during a node pool scale-out can be automatically bound with EIPs.
                                                                                                                                                                                                                                • LoadBalancer ingresses allow you to specify backend server groups for forwarding.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                AK/SK automatic updates are supported for OBS buckets.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.27.16-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.16-r20
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.27.16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • LoadBalancer ingresses can forward requests based on parameters such as HTTP request methods, HTTP request headers, query strings, CIDR blocks, and cookies.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Nodes added during a node pool scale-out can be automatically bound with EIPs.
                                                                                                                                                                                                                                • ELB ingresses allow you to specify backend server groups for forwarding.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • You can change a node password when updating its node pool.
                                                                                                                                                                                                                                • A node can be attached with no data disks.
                                                                                                                                                                                                                                • When updating a LoadBalancer ingress, you can modify the configuration of redirecting HTTP requests to HTTPS requests.
                                                                                                                                                                                                                                • The default image address can be customized for Docker node pools.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.27.8-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.16-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.27.12
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • CCE ingresses support traffic distribution based on custom HTTP headers.
                                                                                                                                                                                                                                • Scaling priority policies can be configured for third-party workloads.
                                                                                                                                                                                                                                • You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                • You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • LoadBalancer ingresses can forward requests based on parameters such as HTTP request methods, HTTP request headers, query strings, CIDR blocks, and cookies.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • An in-progress node drainage can be canceled.
                                                                                                                                                                                                                                • When updating a node pool, you can change its agency name, prefix, and suffix.
                                                                                                                                                                                                                                • Kubernetes labels and taints of a node are retained after the node is reset.
                                                                                                                                                                                                                                • Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • You can change a node password when updating its node pool.
                                                                                                                                                                                                                                • A node can be attached with no data disks.
                                                                                                                                                                                                                                • When updating a LoadBalancer ingress, you can modify the configuration of redirecting HTTP requests to HTTPS requests.
                                                                                                                                                                                                                                • The default image address can be customized for Docker node pools.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.27.5-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.8-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.27.4
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.12
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                LoadBalancer Services and ingresses allow you to:
                                                                                                                                                                                                                                • Configure SNI.
                                                                                                                                                                                                                                • Enable HTTP/2.
                                                                                                                                                                                                                                • Configure idle timeout, request timeout, and response timeout.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • CCE ingresses support traffic distribution based on custom HTTP headers.
                                                                                                                                                                                                                                • Scaling priority policies can be configured for third-party workloads.
                                                                                                                                                                                                                                • You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                • You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • An in-progress node drainage can be canceled.
                                                                                                                                                                                                                                • When updating a node pool, you can change its agency name, prefix, and suffix.
                                                                                                                                                                                                                                • Kubernetes labels and taints of a node are retained after the node is reset.
                                                                                                                                                                                                                                • Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.5-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.4
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                LoadBalancer Services and ingresses allow you to:
                                                                                                                                                                                                                                • Configure SNI.
                                                                                                                                                                                                                                • Enable HTTP/2.
                                                                                                                                                                                                                                • Configure idle timeout, request timeout, and response timeout.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.27.3-r4
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.3-r4
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.27.4
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.4
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed CVE-2024-21626 issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed CVE-2024-21626 issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.27.2-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.2-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.27.2
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.2
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Volcano supports node pool affinity scheduling. 
                                                                                                                                                                                                                                • Volcano supports workload rescheduling. 
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Volcano supports node pool affinity scheduling. 
                                                                                                                                                                                                                                • Volcano supports workload rescheduling. 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.27.1-r10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.1-r10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.27.2
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.2
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimized the events generated during node pool scaling.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimized the events generated during node pool scaling.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.27.1-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.1-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.27.2
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.27.2
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                CCE clusters of v1.27 are released for the first time. For more information, see Kubernetes 1.27 Release Notes.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                CCE clusters of v1.27 are released for the first time. For more information, see Kubernetes 1.27 Release Notes.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Both soft eviction and hard eviction are supported in node pool configurations.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Table 6 Release notes for the v1.25 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -509,150 +617,150 @@
 
                                                                                                                                                                                                                                Version 1.23
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Table 7 Release notes for the v1.25 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.25.16-r20
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.16-r40
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.25.16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Nodes added during a node pool scale-out can be automatically bound with EIPs.
                                                                                                                                                                                                                                • LoadBalancer ingresses allow you to specify backend server groups for forwarding.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                AK/SK automatic updates are supported for OBS buckets.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.25.16-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.16-r20
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.25.16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • LoadBalancer ingresses can forward requests based on parameters such as HTTP request methods, HTTP request headers, query strings, CIDR blocks, and cookies.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Nodes added during a node pool scale-out can be automatically bound with EIPs.
                                                                                                                                                                                                                                • ELB ingresses allow you to specify backend server groups for forwarding.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • You can change a node password when updating its node pool.
                                                                                                                                                                                                                                • A node can be attached with no data disks.
                                                                                                                                                                                                                                • When updating a LoadBalancer ingress, you can modify the configuration of redirecting HTTP requests to HTTPS requests.
                                                                                                                                                                                                                                • The default image address can be customized for Docker node pools.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.25.11-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.16-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.25.16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • CCE ingresses support traffic distribution based on custom HTTP headers.
                                                                                                                                                                                                                                • Scaling priority policies can be configured for third-party workloads.
                                                                                                                                                                                                                                • You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                • You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • LoadBalancer ingresses can forward requests based on parameters such as HTTP request methods, HTTP request headers, query strings, CIDR blocks, and cookies.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • An in-progress node drainage can be canceled.
                                                                                                                                                                                                                                • When updating a node pool, you can change its agency name, prefix, and suffix.
                                                                                                                                                                                                                                • Kubernetes labels and taints of a node are retained after the node is reset.
                                                                                                                                                                                                                                • Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • You can change a node password when updating its node pool.
                                                                                                                                                                                                                                • A node can be attached with no data disks.
                                                                                                                                                                                                                                • When updating a LoadBalancer ingress, you can modify the configuration of redirecting HTTP requests to HTTPS requests.
                                                                                                                                                                                                                                • The default image address can be customized for Docker node pools.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.25.8-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.11-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.25.10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                LoadBalancer Services and ingresses allow you to:
                                                                                                                                                                                                                                • Configure SNI.
                                                                                                                                                                                                                                • Enable HTTP/2.
                                                                                                                                                                                                                                • Configure idle timeout, request timeout, and response timeout.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • CCE ingresses support traffic distribution based on custom HTTP headers.
                                                                                                                                                                                                                                • Scaling priority policies can be configured for third-party workloads.
                                                                                                                                                                                                                                • You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                • You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • An in-progress node drainage can be canceled.
                                                                                                                                                                                                                                • When updating a node pool, you can change its agency name, prefix, and suffix.
                                                                                                                                                                                                                                • Kubernetes labels and taints of a node are retained after the node is reset.
                                                                                                                                                                                                                                • Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.8-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                LoadBalancer Services and ingresses allow you to:
                                                                                                                                                                                                                                • Configure SNI.
                                                                                                                                                                                                                                • Enable HTTP/2.
                                                                                                                                                                                                                                • Configure idle timeout, request timeout, and response timeout.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.25.6-r4
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.6-r4
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.25.10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed CVE-2024-21626 issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed CVE-2024-21626 issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.25.5-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.5-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.25.5
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.5
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Volcano supports node pool affinity scheduling. 
                                                                                                                                                                                                                                • Volcano supports workload rescheduling. 
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Volcano supports node pool affinity scheduling. 
                                                                                                                                                                                                                                • Volcano supports workload rescheduling. 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.25.4-r10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.4-r10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.25.5
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.5
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimized the events generated during node pool scaling.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimized the events generated during node pool scaling.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.25.4-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.4-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.25.5
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.5
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Both soft eviction and hard eviction are supported in node pool configurations.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Both soft eviction and hard eviction are supported in node pool configurations.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.25.3-r10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.3-r10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.25.5
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.5
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                The timeout interval can be configured for a load balancer. 
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                The timeout interval can be configured for a load balancer. 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                High-frequency parameters of kube-apiserver are configurable.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                High-frequency parameters of kube-apiserver are configurable.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.25.3-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.3-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.25.5
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.5
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Enhanced network stability of CCE Turbo clusters when their specifications are modified.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Enhanced network stability of CCE Turbo clusters when their specifications are modified.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.25.1-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.1-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.25.5
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.25.5
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                CCE clusters of v1.25 are released for the first time. For more information, see Kubernetes 1.25 Release Notes.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                CCE clusters of v1.25 are released for the first time. For more information, see Kubernetes 1.25 Release Notes.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 
 
 
                                                                                                                                                                                                                                Table 7 Release notes for the v1.23 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -660,116 +768,116 @@
 
                                                                                                                                                                                                                                Version 1.21
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Table 8 Release notes for the v1.23 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.23.18-r16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.18-r16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.23.18
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.18
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.23.18-r10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.18-r10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.23.18
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.18
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • LoadBalancer ingresses can forward requests based on parameters such as HTTP request methods, HTTP request headers, query strings, CIDR blocks, and cookies.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • LoadBalancer ingresses can forward requests based on parameters such as HTTP request methods, HTTP request headers, query strings, CIDR blocks, and cookies.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • You can change a node password when updating its node pool.
                                                                                                                                                                                                                                • A node can be attached with no data disks.
                                                                                                                                                                                                                                • When updating a LoadBalancer ingress, you can modify the configuration of redirecting HTTP requests to HTTPS requests.
                                                                                                                                                                                                                                • The default image address can be customized for Docker node pools.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • You can change a node password when updating its node pool.
                                                                                                                                                                                                                                • A node can be attached with no data disks.
                                                                                                                                                                                                                                • When updating a LoadBalancer ingress, you can modify the configuration of redirecting HTTP requests to HTTPS requests.
                                                                                                                                                                                                                                • The default image address can be customized for Docker node pools.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.23.16-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.16-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.23.17
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.17
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • CCE ingresses support traffic distribution based on custom HTTP headers.
                                                                                                                                                                                                                                • Scaling priority policies can be configured for third-party workloads.
                                                                                                                                                                                                                                • You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                • You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • CCE ingresses support traffic distribution based on custom HTTP headers.
                                                                                                                                                                                                                                • Scaling priority policies can be configured for third-party workloads.
                                                                                                                                                                                                                                • You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                • You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • An in-progress node drainage can be canceled.
                                                                                                                                                                                                                                • When updating a node pool, you can change its agency name, prefix, and suffix.
                                                                                                                                                                                                                                • Kubernetes labels and taints of a node are retained after the node is reset.
                                                                                                                                                                                                                                • Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • An in-progress node drainage can be canceled.
                                                                                                                                                                                                                                • When updating a node pool, you can change its agency name, prefix, and suffix.
                                                                                                                                                                                                                                • Kubernetes labels and taints of a node are retained after the node is reset.
                                                                                                                                                                                                                                • Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.23.13-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.13-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.23.17
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.17
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                LoadBalancer Services and ingresses allow you to:
                                                                                                                                                                                                                                • Configure SNI.
                                                                                                                                                                                                                                • Enable HTTP/2.
                                                                                                                                                                                                                                • Configure idle timeout, request timeout, and response timeout.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                LoadBalancer Services and ingresses allow you to:
                                                                                                                                                                                                                                • Configure SNI.
                                                                                                                                                                                                                                • Enable HTTP/2.
                                                                                                                                                                                                                                • Configure idle timeout, request timeout, and response timeout.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.23.11-r4
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.11-r4
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.23.17
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.17
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed CVE-2024-21626 issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed CVE-2024-21626 issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.23.10-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.10-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.23.11
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.11
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Volcano supports node pool affinity scheduling. 
                                                                                                                                                                                                                                • Volcano supports workload rescheduling. 
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Volcano supports node pool affinity scheduling. 
                                                                                                                                                                                                                                • Volcano supports workload rescheduling. 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.23.9-r10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.9-r10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.23.11
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.11
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimized the events generated during node pool scaling.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimized the events generated during node pool scaling.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.23.9-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.9-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.23.11
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.11
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Both soft eviction and hard eviction are supported in node pool configurations.
                                                                                                                                                                                                                                • TMS tags can be added to automatically created EVS disks to facilitate cost management.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Both soft eviction and hard eviction are supported in node pool configurations.
                                                                                                                                                                                                                                • TMS tags can be added to automatically created EVS disks to facilitate cost management.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.23.8-r10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.8-r10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.23.11
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.11
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                The timeout interval can be configured for a load balancer. 
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                The timeout interval can be configured for a load balancer. 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                High-frequency parameters of kube-apiserver are configurable.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                High-frequency parameters of kube-apiserver are configurable.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.23.8-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.8-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.23.11
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.11
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Enhanced Docker reliability during upgrades.
                                                                                                                                                                                                                                • Optimized node time synchronization.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Enhanced Docker reliability during upgrades.
                                                                                                                                                                                                                                • Optimized node time synchronization.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.23.5-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.5-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.23.11
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.11
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Fault detection and isolation are supported on GPU nodes.
                                                                                                                                                                                                                                • Security groups can be customized by cluster.
                                                                                                                                                                                                                                • CCE Turbo clusters support ENIs pre-binding by node.
                                                                                                                                                                                                                                • containerd is supported.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Fault detection and isolation are supported on GPU nodes.
                                                                                                                                                                                                                                • Security groups can be customized by cluster.
                                                                                                                                                                                                                                • CCE Turbo clusters support network interface pre-binding by node.
                                                                                                                                                                                                                                • containerd is supported.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Upgraded the etcd version of the master node to the Kubernetes version 3.5.6.
                                                                                                                                                                                                                                • Optimized scheduling so that pods are evenly distributed across AZs after pods are scaled in.
                                                                                                                                                                                                                                • Optimized the memory usage of kube-apiserver when CRDs are frequently updated.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Upgraded the etcd version of the master node to the Kubernetes version 3.5.6.
                                                                                                                                                                                                                                • Optimized scheduling so that pods are evenly distributed across AZs after pods are scaled in.
                                                                                                                                                                                                                                • Optimized the memory usage of kube-apiserver when CRDs are frequently updated.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues and the following CVE vulnerabilities:
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues and the following CVE vulnerabilities:
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.23.1-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.1-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.23.4
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.23.4
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                CCE clusters of v1.23 are released for the first time. For more information, see Kubernetes 1.23 Release Notes.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                CCE clusters of v1.23 are released for the first time. For more information, see Kubernetes 1.23 Release Notes.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 
 
 
                                                                                                                                                                                                                                Table 8 Release notes for the v1.21 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -777,117 +885,117 @@
 
                                                                                                                                                                                                                                Version 1.19
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Table 9 Release notes for the v1.21 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.21.14-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.14-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                A PVC can be used to dynamically create and mount an SFS Turbo subdirectory.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                A PVC can be used to dynamically create and mount an SFS Turbo subdirectory.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.21.12-r4
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.12-r4
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed CVE-2024-21626 issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed CVE-2024-21626 issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.21.11-r20
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.11-r20
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Volcano supports node pool affinity scheduling. 
                                                                                                                                                                                                                                • Volcano supports workload rescheduling. 
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Volcano supports node pool affinity scheduling. 
                                                                                                                                                                                                                                • Volcano supports workload rescheduling. 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.21.11-r10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.11-r10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimized the events generated during node pool scaling.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimized the events generated during node pool scaling.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.21.11-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.11-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Both soft eviction and hard eviction are supported in node pool configurations.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Both soft eviction and hard eviction are supported in node pool configurations.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.21.10-r10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.10-r10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                The timeout interval can be configured for a load balancer. 
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                The timeout interval can be configured for a load balancer. 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                High-frequency parameters of kube-apiserver are configurable.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                High-frequency parameters of kube-apiserver are configurable.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.21.10-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.10-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Enhanced Docker reliability during upgrades.
                                                                                                                                                                                                                                • Optimized node time synchronization.
                                                                                                                                                                                                                                • Enhanced the stability of the Docker runtime for pulling images after nodes are restarted.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Enhanced Docker reliability during upgrades.
                                                                                                                                                                                                                                • Optimized node time synchronization.
                                                                                                                                                                                                                                • Enhanced the stability of the Docker runtime for pulling images after nodes are restarted.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.21.7-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.7-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.14
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Fault detection and isolation are supported on GPU nodes.
                                                                                                                                                                                                                                • Security groups can be customized by cluster.
                                                                                                                                                                                                                                • CCE Turbo clusters support ENIs pre-binding by node.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Fault detection and isolation are supported on GPU nodes.
                                                                                                                                                                                                                                • Security groups can be customized by cluster.
                                                                                                                                                                                                                                • CCE Turbo clusters support network interface pre-binding by node.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Improved the stability of LoadBalancer Services/ingresses with a large number of connections.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Improved the stability of LoadBalancer Services/ingresses with a large number of connections.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues and the following CVE vulnerabilities:
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues and the following CVE vulnerabilities:
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.21.1-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.1-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.21.7
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.21.7
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                CCE clusters of v1.21 are released for the first time. For more information, see Kubernetes 1.21 Release Notes.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                CCE clusters of v1.21 are released for the first time. For more information, see Kubernetes 1.21 Release Notes.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 
 
 
                                                                                                                                                                                                                                Table 9 Release notes for the v1.19 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/docs/cce/umn/cce_10_0406.html b/docs/cce/umn/cce_10_0406.html
index bf676d4ea..d752166c8 100644
--- a/docs/cce/umn/cce_10_0406.html
+++ b/docs/cce/umn/cce_10_0406.html
@@ -15,20 +15,20 @@
 
                                                                                                                                                                                                                                The following permission is required for running node-exporter:
                                                                                                                                                                                                                                • cap_dac_override: reads the Docker info data.
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Installing the Add-on
                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                The Cloud Native Cluster Monitoring add-on automatically selects a deployment mode based on Data Storage Configuration. This is supported by Cloud Native Cluster Monitoring 3.7.1 or later.
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                • Original agent mode: Disable Local data storage and enable at least one of Report Monitoring Data to AOM and Report Monitoring Data to a Third-Party Platform.
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                • Original server mode: Enable Local data storage and Report Monitoring Data to AOM or Report Monitoring Data to a Third-Party Platform.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Installing the Add-on
                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                The Cloud Native Cluster Monitoring add-on automatically selects a deployment mode based on Data Storage Configuration. This is supported by Cloud Native Cluster Monitoring 3.7.1 or later.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Original agent mode: Disable Local Data Storage and enable at least one of Report Monitoring Data to AOM and Report Monitoring Data to a Third-Party Platform.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Original server mode: Enable Local data storage and Report Monitoring Data to AOM or Report Monitoring Data to a Third-Party Platform.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate Cloud Native Cluster Monitoring on the right, and click Install.
                                                                                                                                                                                                                                2. On the Install Add-on page, enable at least one item in the Data Storage Configuration area.
                                                                                                                                                                                                                                  • Reporting Monitoring Data to AOM: Report Prometheus data to AOM. After this function is enabled, you can select the corresponding AOM instance. The collected basic metrics are free of charge. Custom metrics are charged by AOM. To interconnect with AOM, you must have certain permissions. Only users in the admin user group can perform this operation.
                                                                                                                                                                                                                                  • Reporting Monitoring Data to a Third-Party Monitoring Platform: To report Prometheus data to a third-party monitoring system, you need to enter the address and token of the third-party monitoring system and determine whether to skip certificate authentication.
                                                                                                                                                                                                                                  • Local data storage: Select the type and size of a disk for storing monitoring data to store Prometheus data in PVCs in the cluster. Storage volumes are not deleted along with the add-on. If local data storage is enabled, all components will be deployed. For details, see Components.
                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                    An available PVC named pvc-prometheus-server-0 exists in namespace monitoring and will be used as the storage source.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                    2. In the navigation pane, choose Add-ons. Locate Cloud Native Cluster Monitoring on the right and click Install.
                                                                                                                                                                                                                                    3. On the Install Add-on page, enable at least one item in the Data Storage Configuration area.
                                                                                                                                                                                                                                      • Report Monitoring Data to AOM: Report Prometheus data to AOM. After this function is enabled, you can select the corresponding AOM instance. The collected basic metrics are free of charge. Custom metrics are charged by AOM. To interconnect with AOM, you must have certain permissions. Only users in the admin user group can perform this operation.
                                                                                                                                                                                                                                      • Reporting Monitoring Data to a Third-Party Monitoring Platform: To report Prometheus data to a third-party monitoring system, you need to enter the address and token of the third-party monitoring system and determine whether to skip certificate authentication.
                                                                                                                                                                                                                                      • Local Data Storage: Select the type and size of a disk for storing monitoring data to store Prometheus data in PVCs in the cluster. Storage volumes are not deleted along with the add-on. If Local Data Storage is enabled, all components will be deployed. For details, see Components.
                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                        An available PVC named pvc-prometheus-server-0 exists in namespace monitoring and will be used as the storage source.
                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                    4. Configure the add-on specifications as needed.
                                                                                                                                                                                                                                      • Add-on Specifications:
                                                                                                                                                                                                                                        • If you selected Preset, the system will configure the number of pods and resource quotas for the add-on based on the preset specifications. You can see the configurations on the console.
                                                                                                                                                                                                                                        • If you selected Custom, you can adjust the number of pods and resource quotas as needed. High availability is not possible with a single pod. If an error occurs on the node where the add-on instance runs, the add-on will fail.
                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                      • Prometheus HA: The Prometheus-server, Prometheus-operator, thanos-query, custom-metrics-apiserver, alertmanager, and kube-state-metrics components are deployed in multi-instance mode in the cluster.
                                                                                                                                                                                                                                      • Number of collected shards (available after Local data storage is disabled): When there is a lot of Prometheus data, you can configure this parameter to spread the data across a specific number of Prometheus instances. This will help with storage and querying. Increasing the number of shards reduces the data volume carried by each shard. This can increase the upper limit of the metric collection throughput and cause more resources to be consumed. By default, CCE automatically determines the number of shards based on the cluster scale. It is advised to allocate one shard for every 50 nodes. If you want to enhance collection performance by increasing the number of shards, carefully assess resource utilization and optimize based on your monitoring needs. To ensure system stability, keep the master node's memory usage below 50%.
                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                    5. Configure the add-on parameters.
                                                                                                                                                                                                                                      • Custom Metric Collection: Application metrics are automatically collected in the form of service discovery. After this function is enabled, you need to add related configurations to the target application. For details, see Monitoring Custom Metrics Using Cloud Native Cluster Monitoring.
                                                                                                                                                                                                                                      • Collection Interval: Configure the collection interval.
                                                                                                                                                                                                                                      • Data Retention (available only after Local data storage is enabled): Configure how long the monitoring data can be kept.
                                                                                                                                                                                                                                      • node-exporter Listening Port: This port uses the host network to listen to and expose metrics on the node for Prometheus collection. The default port number is 9100, but it can be modified if there is a conflict with an existing port.
                                                                                                                                                                                                                                      • Scheduling Policies: Support node affinity, taint, and tolerations. Multiple scheduling policies can be configured. If no affinity node label key or toleration node taint key is configured, this function is disabled by default.
                                                                                                                                                                                                                                        • Range: You can select the add-on pods for which the scheduling policy takes effect. By default, the scheduling policy takes effect for all pods. If a pod is specified, the scheduling policies configured for all pods are overwritten.
                                                                                                                                                                                                                                        • Affinity Node Label Key: Enter a node label key to set node affinity for the add-on pods.
                                                                                                                                                                                                                                        • Affinity Node Label Value: Enter a node label value to set node affinity for the add-on pods.
                                                                                                                                                                                                                                        • Toleration Node Taint Key: A component can be scheduled to a node that has the taint key you specified.
                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                      • Prometheus HA: The Prometheus-server, Prometheus-operator, thanos-query, custom-metrics-apiserver, alertmanager, and kube-state-metrics components are deployed in multi-instance mode in the cluster.
                                                                                                                                                                                                                                      • Number of collected shards (available after Local Data Storage is disabled): When there is a lot of Prometheus data, you can configure this parameter to spread the data across a specific number of Prometheus instances. This will help with storage and querying. Increasing the number of shards reduces the data volume carried by each shard. This can increase the upper limit of the metric collection throughput and cause more resources to be consumed. By default, CCE automatically determines the number of shards based on the cluster scale. It is advised to allocate one shard for every 50 nodes. If you want to enhance collection performance by increasing the number of shards, carefully assess resource utilization and optimize based on your monitoring needs. To ensure system stability, keep the master node's memory usage below 50%.
                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                    6. Configure the add-on parameters.
                                                                                                                                                                                                                                      • Custom Metric Collection: Application metrics are automatically collected in the form of service discovery. After this function is enabled, you need to add related configurations to the target application. For details, see Monitoring Custom Metrics Using Cloud Native Cluster Monitoring.
                                                                                                                                                                                                                                      • Collection Interval: Configure the collection interval.
                                                                                                                                                                                                                                      • Data Retention (available only after Local Data Storage is enabled): Configure how long the monitoring data can be kept.
                                                                                                                                                                                                                                      • node-exporter Listening Port: This port uses the host network to listen to and expose metrics on the node for Prometheus collection. The default port number is 9100, but it can be modified if there is a conflict with an existing port.
                                                                                                                                                                                                                                      • Scheduling Policies: Support node affinity, taint, and tolerations. Multiple scheduling policies can be configured. If no affinity node label key or toleration node taint key is configured, this function is disabled by default.
                                                                                                                                                                                                                                        • Range: You can select the add-on pods for which the scheduling policy takes effect. By default, the scheduling policy takes effect for all pods. If a pod is specified, the scheduling policies configured for all pods are overwritten.
                                                                                                                                                                                                                                        • Affinity Node Label Key: Enter a node label key to set node affinity for the add-on pods.
                                                                                                                                                                                                                                        • Affinity Node Label Value: Enter a node label value to set node affinity for the add-on pods.
                                                                                                                                                                                                                                        • Toleration Node Taint Key: A component can be scheduled to a node that has the taint key you specified.
                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                    7. Click Install.
                                                                                                                                                                                                                                      After the add-on is installed, you may need to perform the following operations:
                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                      • To use custom metrics to create an auto scaling policy, ensure that local data storage is enabled for the add-on and then take the following steps:
                                                                                                                                                                                                                                        1. Collect custom metrics reported by applications to Prometheus. For details, see Monitoring Custom Metrics Using Cloud Native Cluster Monitoring.
                                                                                                                                                                                                                                        2. Aggregate these custom metrics collected by Prometheus to the API server for the HPA policy to use. For details, see Creating an HPA Policy Using Custom Metrics.
                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                      • To provide system resource metrics (such as CPU and memory usage) for workload auto scaling using this add-on, ensure that local data storage is enabled for the add-on and then enable the Metrics API. For details, see Providing Basic Resource Metrics Through the Metrics API. After the configuration, you can use Prometheus to collect system resource metrics. (This operation is not recommended because it may conflict with the Kubernetes Metric Server add-on.)
                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                      • To use custom metrics to create an auto scaling policy, ensure that Local Data Storage is enabled for the add-on and then take the following steps:
                                                                                                                                                                                                                                        1. Collect custom metrics reported by applications to Prometheus. For details, see Monitoring Custom Metrics Using Cloud Native Cluster Monitoring.
                                                                                                                                                                                                                                        2. Aggregate these custom metrics collected by Prometheus to the API server for the HPA policy to use. For details, see Creating an HPA Policy Using Custom Metrics.
                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                      • To provide system resource metrics (such as CPU and memory usage) for workload auto scaling using this add-on, ensure that Local Data Storage is enabled for the add-on and then enable the Metrics API. For details, see Providing Basic Resource Metrics Through the Metrics API. After the configuration, you can use Prometheus to collect system resource metrics. (This operation is not recommended because it may conflict with the Kubernetes Metric Server add-on.)
                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    Components
                                                                                                                                                                                                                                    All Kubernetes resources created during Cloud Native Cluster Monitoring add-on installation are created in the namespace named monitoring.
                                                                                                                                                                                                                                    
@@ -123,21 +123,11 @@
 
                                                                                                                                                                                                                                
-
-
-
-
-
                                                                                                                                                                                                                                Table 10 Release notes for the v1.19 patch
                                                                                                                                                                                                                                CCE Cluster Patch Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Kubernetes Version
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Feature Updates
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimization
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Vulnerability Fixing
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                1.19.16-r84
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                1.19.16-r84
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed CVE-2024-21626 issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed CVE-2024-21626 issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.19.16-r60
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16-r60
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Volcano supports node pool affinity scheduling. 
                                                                                                                                                                                                                                • Volcano supports workload rescheduling. 
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Volcano supports node pool affinity scheduling. 
                                                                                                                                                                                                                                • Volcano supports workload rescheduling. 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.19.16-r50
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16-r50
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Optimized the events generated during node pool scaling.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Optimized the events generated during node pool scaling.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.19.16-r40
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16-r40
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Both soft eviction and hard eviction are supported in node pool configurations.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Both soft eviction and hard eviction are supported in node pool configurations.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.19.16-r30
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16-r30
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                The timeout interval can be configured for a load balancer. 
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                The timeout interval can be configured for a load balancer. 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                High-frequency parameters of kube-apiserver are configurable.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                High-frequency parameters of kube-apiserver are configurable.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.19.16-r20
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16-r20
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Cloud Native Network 2.0 allows you to specify subnets for a namespace.
                                                                                                                                                                                                                                • Enhanced the stability of the Docker runtime for pulling images after nodes are restarted.
                                                                                                                                                                                                                                • Optimized the performance of CCE Turbo clusters in allocating ENIs if not all ENIs are pre-bound.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Cloud Native Network 2.0 allows you to specify subnets for a namespace.
                                                                                                                                                                                                                                • Enhanced the stability of the Docker runtime for pulling images after nodes are restarted.
                                                                                                                                                                                                                                • Optimized the performance of CCE Turbo clusters in allocating network interfaces if not all network interfaces are pre-bound.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues.
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.19.16-r4
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16-r4
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Fault detection and isolation are supported on GPU nodes.
                                                                                                                                                                                                                                • Security groups can be customized by cluster.
                                                                                                                                                                                                                                • CCE Turbo clusters support ENIs pre-binding by node.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Fault detection and isolation are supported on GPU nodes.
                                                                                                                                                                                                                                • Security groups can be customized by cluster.
                                                                                                                                                                                                                                • CCE Turbo clusters support network interface pre-binding by node.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                • Scheduling is optimized on taint nodes.
                                                                                                                                                                                                                                • Enhanced the long-term running stability of containerd when cores are bound.
                                                                                                                                                                                                                                • Improved the stability of LoadBalancer Services/ingresses with a large number of connections.
                                                                                                                                                                                                                                • Optimized the memory usage of kube-apiserver when CRDs are frequently updated.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                • Scheduling is optimized on taint nodes.
                                                                                                                                                                                                                                • Enhanced the long-term running stability of containerd when cores are bound.
                                                                                                                                                                                                                                • Improved the stability of LoadBalancer Services/ingresses with a large number of connections.
                                                                                                                                                                                                                                • Optimized the memory usage of kube-apiserver when CRDs are frequently updated.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues and the following CVE vulnerabilities:
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues and the following CVE vulnerabilities:
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.19.16-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.16
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Enhanced the stability in updating LoadBalancer Services when workloads are upgraded and nodes are scaled in or out.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Enhanced the stability in updating LoadBalancer Services when workloads are upgraded and nodes are scaled in or out.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Fixed some security issues and the following CVE vulnerabilities:
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Fixed some security issues and the following CVE vulnerabilities:
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                v1.19.10-r0
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.10-r0
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                v1.19.10
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                v1.19.10
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                CCE clusters of v1.19 are released for the first time. For more information, see Kubernetes 1.19 Release Notes.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                CCE clusters of v1.19 are released for the first time. For more information, see Kubernetes 1.19 Release Notes.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 
 
 
                                                                                                                                                                                                                                DaemonSet
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                clusterProblemDetector
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                (workload name: cluster-problem-detector)
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Monitors cluster exceptions.
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Local data storage enabled
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Deployment
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                
                                                                                                                                                                                                                                 
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
-
                                                                                                                                                                                                                                Providing Basic Resource Metrics Through the Metrics API
                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                If local data storage is enabled for the Cloud Native Cluster Monitoring add-on, basic resource metrics can only be provided through Metrics API.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Providing Basic Resource Metrics Through the Metrics API
                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                If Local Data Storage is enabled for the Cloud Native Cluster Monitoring add-on, basic resource metrics can only be provided through Metrics API.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                Resource metrics of containers and nodes, such as CPU and memory usage, can be obtained through the Kubernetes Metrics API. Resource metrics can be directly accessed, for example, by using the kubectl top command, or used by HPA or CustomedHPA policies for auto scaling.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                The add-on can provide the Kubernetes Metrics API that is disabled by default. To enable the Metrics API, create the following APIService object:
                                                                                                                                                                                                                                
@@ -169,11 +159,11 @@ custom-metrics-apiserver-d4f556ff9-l2j2m                  38m          44Mi
 
                                                                                                                                                                                                                                kubectl delete APIService v1beta1.metrics.k8s.io
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Creating an HPA Policy Using Custom Metrics
                                                                                                                                                                                                                                HPA policies can only be used when Cloud Native Cluster Monitoring is deployed with local data storage enabled. You can configure custom metrics required by HPA policies in the user-adapter-config ConfigMap.
                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                Creating an HPA Policy Using Custom Metrics
                                                                                                                                                                                                                                HPA policies can only be used when Cloud Native Cluster Monitoring is deployed with Local Data Storage enabled. You can configure custom metrics required by HPA policies in the user-adapter-config ConfigMap.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                To use Prometheus to monitor custom metrics, the application needs to provide a metric monitoring API. For details, see Prometheus Monitoring Data Collection.
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                In this section, the nginx metric (nginx_connections_accepted) in Monitoring Custom Metrics Using Cloud Native Cluster Monitoring is used as an example.
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose ConfigMaps and Secrets.
                                                                                                                                                                                                                                2. Click the ConfigMaps tab, select the monitoring namespace, locate the row containing user-adapter-config (or adapter-config), and click Update.
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                  2. In the navigation pane, choose ConfigMaps and Secrets. Switch to the monitoring namespace, click the ConfigMaps tab, locate the row containing user-adapter-config (or adapter-config), and click Update.
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                  3. In Data, click Edit for the config.yaml file to add a custom metric collection rule under the rules field. Click OK.
                                                                                                                                                                                                                                    You can add multiple collection rules by adding multiple configurations under the rules field. For details, see Metrics Discovery and Presentation Configuration.
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    Example custom metric rule:
                                                                                                                                                                                                                                    rules:
 # Match the metric whose name is nginx_connections_accepted. The metric name must be confirmed. Otherwise, the HPA controller cannot get the metric.
@@ -196,7 +186,7 @@ custom-metrics-apiserver-d4f556ff9-l2j2m                  38m          44Mi
 
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                  4. Redeploy the custom-metrics-apiserver workload in the monitoring namespace.
                                                                                                                                                                                                                                  5. In the navigation pane, choose Workloads. Locate the workload for which you want to create an HPA policy and choose More > Auto Scaling. In the Custom Policy area, you can select the preceding parameters to create an auto scaling policy.
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                Collecting All Labels and Annotations of a Pod
                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Workloads.
                                                                                                                                                                                                                                2. Switch to the monitoring namespace, click the Deployments tab, and click the name of the kube-state-metrics workload. On the page displayed, click the Containers tab and click Edit on the right.
                                                                                                                                                                                                                                3. In the Lifecycle area of the container settings, edit the startup command.
                                                                                                                                                                                                                                  To collect labels, add the following information to the end of the original kube-state-metrics startup parameter:
                                                                                                                                                                                                                                  --metric-labels-allowlist=pods=[*],nodes=[node,failure-domain.beta.kubernetes.io/zone,topology.kubernetes.io/zone]
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  Collecting All Labels and Annotations of a Pod
                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                  2. In the navigation pane, choose Workloads. Switch to the monitoring namespace, click the Deployments tab, and click the name of the kube-state-metrics workload. On the page displayed, click the Containers tab and click Edit on the right.
                                                                                                                                                                                                                                  3. In the Lifecycle area of the container settings, edit the startup command.
                                                                                                                                                                                                                                    To collect labels, add the following information to the end of the original kube-state-metrics startup parameter:
                                                                                                                                                                                                                                    --metric-labels-allowlist=pods=[*],nodes=[node,failure-domain.beta.kubernetes.io/zone,topology.kubernetes.io/zone]
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    To collect annotations, add parameters in the startup parameters in the same way.
                                                                                                                                                                                                                                    --metric-annotations-allowlist=pods=[*],nodes=[node,failure-domain.beta.kubernetes.io/zone,topology.kubernetes.io/zone]
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    
@@ -206,8 +196,8 @@ custom-metrics-apiserver-d4f556ff9-l2j2m                  38m          44Mi
 
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  For more kube-state-metrics startup parameters, see kube-state-metrics/cli-arguments.
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                  Change History
                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                  Table 2 Release history
                                                                                                                                                                                                                                  Add-on Version
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  Release History
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  
@@ -217,7 +207,24 @@ custom-metrics-apiserver-d4f556ff9-l2j2m                  38m          44Mi
 
-
+
+
+
+
+
-
diff --git a/docs/cce/umn/cce_10_0415.html b/docs/cce/umn/cce_10_0415.html
index 21a69eead..a0d8c76eb 100644
--- a/docs/cce/umn/cce_10_0415.html
+++ b/docs/cce/umn/cce_10_0415.html
@@ -2,17 +2,17 @@
 
 
                                                                                                                                                                                                                                  Creating a Scheduled CronHPA Policy
                                                                                                                                                                                                                                  There are predictable and unpredictable traffic peaks for some services. For such services, CCE CronHPA allows you to scale resources in fixed periods. It can work with HPA policies to periodically adjust the HPA scaling scope, implementing workload scaling.
                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  CronHPA can periodically adjust the maximum and minimum numbers of pods in the HPA policy or directly adjust the number of pods of a Deployment.
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  Prerequisites
                                                                                                                                                                                                                                  CCE Advanced HPA of v1.2.13 or later has been installed in the cluster.
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  Using CronHPA to Adjust the HPA Scaling Scope
                                                                                                                                                                                                                                  CronHPA can periodically scale out/in pods in HPA policies to satisfy complex services.
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  HPA and CronHPA associate scaling objects using the scaleTargetRef field. If a Deployment is the scaling object for both CronHPA and HPA, the two scaling policies are independent of each other. The operation performed later overwrites the operation performed earlier. As a result, the scaling effect does not meet the expectation.
                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  When CronHPA and HPA are used together, CronHPA rules take effect based on the HPA policy. CronHPA uses HPA to perform operations on the Deployment. Understanding the following parameters can better understand the working rules of the CronHPA.
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  • targetReplicas: number of pods set for CronHPA. When CronHPA takes effect, this parameter adjusts the maximum or minimum number of pods in HPA policies to adjust the number of Deployment pods.
                                                                                                                                                                                                                                  • minReplicas: minimum number of Deployment pods.
                                                                                                                                                                                                                                  • maxReplicas: maximum number of Deployment pods.
                                                                                                                                                                                                                                  • replicas: number of pods in a Deployment before the CronHPA policy takes effect.
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  When a CronHPA rule is triggered, the maximum or minimum number of pods is adjusted by comparing the targetReplicas value with the actual pod count, while also considering the HPA policy's minimum or maximum pod limits.
                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                  Figure 1 CronHPA scaling scenarios
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  Figure 1 CronHPA scaling scenarios
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  Figure 1 shows possible scaling scenarios. The following examples detail how CronHPA modifies the number of pods in HPAs.
                                                                                                                                                                                                                                  
 
 
                                                                                                                                                                                                                                  Table 2 Cloud Native Cluster Monitoring add-on
                                                                                                                                                                                                                                  Add-on Version
                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                  Supported Cluster Version
                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  3.12.0
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  3.12.1
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  v1.21
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  v1.23
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  v1.25
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  v1.27
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  v1.28
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  v1.29
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  v1.30
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  v1.31
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  v1.32
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  CCE clusters v1.32 are supported.
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  2.53.2
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  3.12.0
                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                  v1.21
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  v1.23
                                                                                                                                                                                                                                  
@@ -257,7 +264,7 @@ custom-metrics-apiserver-d4f556ff9-l2j2m                  38m          44Mi
 
                                                                                                                                                                                                                                  v1.28
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  v1.29
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  The NodeExporter component is upgraded to 1.8.0.
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  Upgraded NodeExporter to 1.8.0.
                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                  2.37.8
                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                  
-
@@ -212,7 +210,7 @@
 
                                                                                                                                                                                                                                  Table 1 CronHPA scaling parameters
                                                                                                                                                                                                                                  Scenario
                                                                                                                                                                                                                                  
@@ -190,12 +190,10 @@
 
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  System Policy
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  • Metric: You can select CPU usage or Memory usage.
                                                                                                                                                                                                                                     NOTE: 
                                                                                                                                                                                                                                    Usage = Average resource usage of all pods in a workload/Requested resources
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                  • Desired Value: Enter the desired average resource usage.
                                                                                                                                                                                                                                    This parameter indicates the desired value of the selected metric. Number of target pods (rounded up) = (Current metric value/Desired value) x Number of current pods
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                     NOTE: 
                                                                                                                                                                                                                                    When calculating the number of pods to be added or reduced, the HPA policy uses the maximum number of pods in the last 5 minutes.
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                  • Tolerance Range: Scaling is not triggered when the metric value is within the tolerance range. The desired value must be within the tolerance range.
                                                                                                                                                                                                                                    If the metric value is greater than the scale-in threshold and less than the scale-out threshold, no scaling is triggered. This parameter is supported only in clusters of v1.15 or later.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                  When calculating the number of pods to add or remove, HPA determines the target number of pods based on the current metric value, desired value, and the current number of pods. The current number of pods is the maximum number of pods over the last 5 minutes. The formula is as follows:
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  Desired number of pods = Rounded up value of [Current number of pods x (Current metric value/Desired value)]
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                  • Metric: You can select CPU usage or Memory usage.
                                                                                                                                                                                                                                    Usage = Average resource usage of all pods in a workload/Requested resources
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                  • Desired Value: Enter the desired average resource usage.
                                                                                                                                                                                                                                  • Tolerance Range: Scaling is not triggered when the metric value is within the tolerance range. The desired value must be within the tolerance range.
                                                                                                                                                                                                                                    If the metric value is greater than the scale-in threshold and less than the scale-out threshold, no scaling is triggered. This parameter is supported only in clusters of v1.15 or later.
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                4. Click  in the CronHPA policy rule. In the dialog box displayed, configure scaling policy parameters.
                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                5. Click  in the CronHPA policy rule. In the dialog box displayed, configure scaling policy parameters.
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  Table 3 CronHPA policy parameters
                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                  
@@ -324,7 +322,7 @@ spec:
 
                                                                                                                                                                                                                                  Using CronHPA to Directly Adjust the Number of Deployment Pods
                                                                                                                                                                                                                                  CronHPA adjusts associated Deployments separately to periodically adjust the number of Deployment pods. The method is as follows:
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  Using the CCE console
                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                  2. Choose Workloads in the navigation pane. Locate the target workload and choose More > Auto Scaling in the Operation column.
                                                                                                                                                                                                                                  3. Set Policy Type to HPA+CronHPA, disable HPA, and enable CronHPA.
                                                                                                                                                                                                                                    CronHPA periodically adjusts the number of workload pods.
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                  4. Click  in the CronHPA policy rule. In the dialog box displayed, configure scaling policy parameters.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                  5. Click  in the CronHPA policy rule. In the dialog box displayed, configure scaling policy parameters.
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    Table 5 CronHPA policy parameters
                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                    
@@ -376,7 +374,7 @@ spec:
 
 
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                    Parent topic: Scaling a Workload
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    Parent topic: Workload Scaling
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    
 
diff --git a/docs/cce/umn/cce_10_0416.html b/docs/cce/umn/cce_10_0416.html
index dd56fc9a6..63afb4e6e 100644
--- a/docs/cce/umn/cce_10_0416.html
+++ b/docs/cce/umn/cce_10_0416.html
@@ -5,13 +5,13 @@
 
                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                    In 1.3.2 and later versions, Cloud Native Log Collection reports all warning events and some normal events to AOM by default. The reported events can be used to configure alarms. If the cluster version is 1.19.16, 1.21.11, 1.23.9, 1.25.4, or later, after Cloud Native Log Collection is installed, events are reported to AOM by this add-on instead of the control plane component. After Cloud Native Log Collection is uninstalled, events will not be reported to AOM.
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                    Log Collection Reliability
                                                                                                                                                                                                                                    The log system's main purpose is to record all stages of data for service components, including startup, initialization, exit, runtime details, and exceptions. It is primarily employed in O&M scenarios for tasks like checking component status and analyzing fault causes.
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                    Standard streams (stdout and stderr) and local log files use non-persistent storage. However, data integrity may be compromised due to the following risks:
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                    • Log rotation and compression potentially deleting old files
                                                                                                                                                                                                                                    • Temporary storage volumes being cleared when Kubernetes pods end
                                                                                                                                                                                                                                    • Automatic OS cleanup triggered by limited node storage space
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                    While the Cloud Native Log Collection add-on employs techniques like multi-level buffering, priority queues, and resumable uploads to enhance log collection reliability, logs could still be lost in the following situations:
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                    • The service log throughput surpasses the collector's processing capacity.
                                                                                                                                                                                                                                    • The service pod is abruptly terminated and reclaimed by CCE.
                                                                                                                                                                                                                                    • The log collector pod experiences exceptions.
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                    The following lists some recommended best practices for cloud native log management. You can review and implement them thoughtfully.
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                    • Use dedicated, high-reliable streams to record critical service data (for example, financial transactions) and store the data in persistent storage.
                                                                                                                                                                                                                                    • Avoid storing sensitive information like customer details, payment credentials, and session tokens in logs.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    Log Collection Reliability
                                                                                                                                                                                                                                    The log system's main purpose is to record all stages of data for service components, including startup, initialization, exit, runtime details, and exceptions. It is primarily employed in O&M scenarios for tasks like checking component status and analyzing fault causes.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    Standard streams (stdout and stderr) and local log files use non-persistent storage. However, data integrity may be compromised due to the following risks:
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    • Log rotation and compression potentially deleting old files
                                                                                                                                                                                                                                    • Temporary storage volumes being cleared when Kubernetes pods end
                                                                                                                                                                                                                                    • Automatic OS cleanup triggered by limited node storage space
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    While the Cloud Native Log Collection add-on employs techniques like multi-level buffering, priority queues, and resumable uploads to enhance log collection reliability, logs could still be lost in the following situations:
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    • The service log throughput surpasses the collector's processing capacity.
                                                                                                                                                                                                                                    • The service pod is abruptly terminated and reclaimed by CCE.
                                                                                                                                                                                                                                    • The log collector pod experiences exceptions.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    The following lists some recommended best practices for cloud native log management. You can review and implement them thoughtfully.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    • Use dedicated, high-reliable streams to record critical service data (for example, financial transactions) and store the data in persistent storage.
                                                                                                                                                                                                                                    • Avoid storing sensitive information like customer details, payment credentials, and session tokens in logs.
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    Notes and Constraints
                                                                                                                                                                                                                                    This add-on is available only in clusters v1.17 or later.
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    
@@ -59,48 +59,50 @@
 
                                                                                                                                                                                                                                    Permissions
                                                                                                                                                                                                                                    The fluent-bit component of the add-on reads and collects the stdout logs on each node, file logs in pods, and node logs based on the collection configuration.
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    The following permissions are required for running the fluent-bit component:
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    • CAP_DAC_OVERRIDE: ignores the discretionary access control (DAC) restrictions on files.
                                                                                                                                                                                                                                    • CAP_FOWNER: ignores the restrictions that the file owner ID must match the process user ID.
                                                                                                                                                                                                                                    • DAC_READ_SEARCH: ignores the DAC restrictions on file reading and catalog research.
                                                                                                                                                                                                                                    • SYS_PTRACE: allows all processes to be traced.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                    The Cloud Native Log Collection add-on enhances the log reading capability based on these permissions. However, if log files are stored in an external file system (such as SFS), these permissions may not take effect. To ensure that logs can be collected properly, ensure that the paas user (UID 10000) has the read and execute permissions on the directory where the logs are stored and the read permissions on the files in the directory.
                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                    Installing the Add-on
                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate Cloud Native Log Collection on the right, and click Install.
                                                                                                                                                                                                                                    2. On the Install Add-on page, configure the specifications as needed.
                                                                                                                                                                                                                                      • If you selected Preset, you can choose between Small or Large depending on the number of logs on nodes. The system will automatically set the number of add-on pods and resource quotas according to the preset specifications. You can see the configurations on the console.
                                                                                                                                                                                                                                        You can select the Small option for clusters where the logs of a single node are less than 5000/s or 5 MB/s, and select the Large option for clusters where the logs on a single node are less than 10000/s or 10 MB/s.
                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                        Installing the Add-on
                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                        2. In the navigation pane, choose Add-ons. Locate Cloud Native Log Collection and click Install.
                                                                                                                                                                                                                                        3. On the Install Add-on page, configure the specifications as needed.
                                                                                                                                                                                                                                          • If you selected Preset, you can choose between Small or Large depending on the number of logs on nodes. The system will automatically set the number of add-on pods and resource quotas according to the preset specifications. You can see the configurations on the console.
                                                                                                                                                                                                                                            You can select the Small option for clusters where the logs of a single node are less than 5000/s or 5 MB/s, and select the Large option for clusters where the logs on a single node are less than 10000/s or 10 MB/s.
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                          • If you selected Custom, you can adjust the number of pods and resource quotas as needed. High availability is not possible with a single pod. If an error occurs on the node where the add-on instance runs, the add-on will fail.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                        4. Configure add-on parameters, which is supported by the add-on of v1.6.1 or later. For details, see Tail.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -111,15 +113,15 @@
 
                                                                                                                                                                                                                                        5. Configure deployment policies for the add-on pods.
                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                          Scheduling policies do not take effect on add-on pods of the DaemonSet type.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
-
                                                                                                                                                                                                                                          6. Parameter
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Default Value
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Default Value
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Large Specification
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Large Specification
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Other Specification
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Other Specification
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Initial Buffer Size (Buffer_Chunk_Size)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Initial Buffer Size (Buffer_Chunk_Size)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          The size of the initial buffer used to read files.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          The size of the initial buffer used to read files.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          256k
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          256k
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          128k
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          128k
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Maximum Buffer Size (Buffer_Max_Size)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Maximum Buffer Size (Buffer_Max_Size)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Limit on the buffer size for each monitored file. When a buffer is added, the number of memory buffers that can be added is restricted by this value. If the limit is exceeded, the file will be removed from the monitored file list.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Limit on the buffer size for each monitored file. When a buffer is added, the number of memory buffers that can be added is restricted by this value. If the limit is exceeded, the file will be removed from the monitored file list.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          1024k
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1024k
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          512k
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          512k
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Memory Buffer Limit (Mem_Buf_Limit)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Memory Buffer Limit (Mem_Buf_Limit)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Memory limit when data is appended to the engine. When the limit is reached, the add-on will temporarily stop reading log file data. The reading will resume after the data is refreshed.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Memory limit when data is appended to the engine. When the limit is reached, the add-on will temporarily stop reading log file data. The reading will resume after the data is refreshed.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          300mb
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          300mb
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          40mb
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          40mb
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Table 1 Configurations for add-on scheduling
                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          
-
-
-
@@ -169,36 +171,58 @@
 
                                                                                                                                                                                                                                          Table 1 Configurations for add-on scheduling
                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Multi-AZ Deployment
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Multi-AZ Deployment
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                                                                                                                                                                          • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • Preferred: Deployment pods of the add-on will be preferentially scheduled to nodes in different AZs. If all the nodes in the cluster are deployed in the same AZ, the pods will be scheduled to different nodes in that AZ.
                                                                                                                                                                                                                                          • Forcible: Deployment pods of the add-on are forcibly scheduled to nodes in different AZs. There can be at most one pod in each AZ. If nodes in a cluster are not in different AZs, some add-on pods cannot run properly. If a node is faulty, add-on pods on it may fail to be migrated.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
-
                                                                                                                                                                                                                                          Add-on Usage
                                                                                                                                                                                                                                          This add-on can collect container standard output logs, container file logs, node logs, and Kubernetes events. You can use LTS or AOM to store the collected logs. These services support different types of logs. For details, see Table 3.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Add-on Usage
                                                                                                                                                                                                                                          This add-on can collect container standard output logs, container file logs, node logs, and Kubernetes events. You can use LTS or AOM to store the collected logs. These services support different types of logs.
                                                                                                                                                                                                                                          
 
-
                                                                                                                                                                                                                                          Table 3 Log storage description
                                                                                                                                                                                                                                          Log Storage Location
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                          Table 3 Log storage description
                                                                                                                                                                                                                                          Log Storage Location
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Supported Log Types
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Supported Log Types
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          How to Use
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          How to Use
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          LTS
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          LTS
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          • Container standard output logs
                                                                                                                                                                                                                                          • Container file logs
                                                                                                                                                                                                                                          • Node logs
                                                                                                                                                                                                                                          • Kubernetes events
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • Container standard output logs
                                                                                                                                                                                                                                          • Container file logs
                                                                                                                                                                                                                                          • Node logs
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Go to Logging to create a policy. For details, see Collecting Container Logs Using the Cloud Native Log Collection Add-on.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Go to Logging to create a policy. For details, see Collecting Container Logs Using the Cloud Native Log Collection Add-on.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          AOM
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          LTS
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Kubernetes events
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Kubernetes events
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          If the cluster version is 1.19.16, 1.21.11, 1.23.9, 1.25.4, or later, all abnormal events and some normal events will be reported by default. For details, see Reporting Kubernetes Events to AOM.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Collecting Kubernetes Events
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          LTS
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Control plane component logs
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Collecting Control Plane Component Logs
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          LTS
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Kubernetes audit logs
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Collecting Audit Logs
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          AOM
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Kubernetes events
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          If the cluster version is 1.19.16, 1.21.11, 1.23.9, 1.25.4, or later, all abnormal events and some normal events will be reported by default. For details, see Reporting Kubernetes Events to AOM.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          
 
-
                                                                                                                                                                                                                                          Change History
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Table 4 Release history
                                                                                                                                                                                                                                          Add-on Version
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Release History
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          
@@ -206,7 +230,22 @@
 
-
+
+
+
+
@@ -135,7 +135,7 @@
 
                                                                                                                                                                                                                                          Figure 1 shows the scheduling of a pod after a topology policy is configured.
                                                                                                                                                                                                                                          • When 9 CPU cores are requested by a pod and the best-effort topology policy is used, Volcano selects node 1 whose topology policy is also best-effort, and this policy allows the pod to be scheduled to multiple NUMA nodes. Therefore, the requested 9 CPU cores will be allocated to two NUMA nodes, and the pod can be scheduled to node 1.
                                                                                                                                                                                                                                          • When 11 CPU cores are requested by a pod and the restricted topology policy is used, Volcano selects nodes 2 and 3 whose topology policy is also restricted, and each node provides at least 11 CPU cores. However, the remaining CPU cores on node 2 or 3 are less than the requested. Therefore, the pod cannot be scheduled.
                                                                                                                                                                                                                                          • When 17 CPU cores are requested by a pod and the restricted topology policy is used, Volcano selects nodes 2 and 3 whose topology policy is also restricted, this policy allows the pod to be scheduled to multiple NUMA nodes, and the upper CPU limit of both the nodes is less than 17. Then, the pod can be scheduled to node 3.
                                                                                                                                                                                                                                          • When 17 CPU cores are requested by a pod and the single-numa-node topology policy is used, Volcano selects nodes whose topology policy is also single-numa-node. However, no node can provide a total of 17 CPU cores. Therefore, the pod cannot be scheduled.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Figure 1 Comparison of NUMA scheduling policies
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Figure 1 Comparison of NUMA scheduling policies
                                                                                                                                                                                                                                          Scheduling Priority
                                                                                                                                                                                                                                          A topology policy aims to schedule pods to the optimal node. In this example, each node is scored to sort out the optimal node.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Principle: Schedule pods to the worker nodes that require the fewest NUMA nodes.
                                                                                                                                                                                                                                          
@@ -149,14 +149,15 @@
 
                                                                                                                                                                                                                                          • score (Node A) = 10 x (100 - 100 x 1/4) = 750
                                                                                                                                                                                                                                          • score (Node B) = 10 x (100 - 100 x 2/4) = 500
                                                                                                                                                                                                                                          • score (Node C) = 10 x (100 - 100 x 4/4) = 0
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Therefore, the optimal node is Node A.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Enabling NUMA Affinity Scheduling for Volcano
                                                                                                                                                                                                                                          1. Enable static CPU management in the node pool. For details, see Enabling CPU Management for a Custom Node Pool.
                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                            2. Choose Nodes in the navigation pane and click the Node Pools tab on the right. Locate the target node pool and choose More > Manage.
                                                                                                                                                                                                                                            3. On the Manage Configurations page, change the cpu-manager-policy value to static in the kubelet area.
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                            4. Click OK.
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                          2. Configure a CPU topology policy in the node pool.
                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Nodes. On the right of the page, click the Node Pools tab and choose More > Manage in the Operation column of the target node pool.
                                                                                                                                                                                                                                            2. Change the kubelet Topology Management Policy (topology-manager-policy) value to the required CPU topology policy.
                                                                                                                                                                                                                                              Valid topology policies include none, best-effort, restricted, and single-numa-node. For details, see Pod Scheduling Process.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              Enabling NUMA Affinity Scheduling for Volcano
                                                                                                                                                                                                                                              1. Enable CPU management in the node pool. For details, see Enabling CPU Management for a Custom Node Pool.
                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                2. Choose Nodes in the navigation pane and click the Node Pools tab on the right. Locate the target node pool and choose More > Manage.
                                                                                                                                                                                                                                                3. On the Manage Configurations page, adjust the CPU Management Policy (cpu-manager-policy) in the kubelet area based on the QoS class of the service pods.
                                                                                                                                                                                                                                                  • If the QoS class is Guaranteed (where resource requests equal limits), set the policy to static.
                                                                                                                                                                                                                                                  • If the QoS class is Burstable (where resource requests and limits are different), set the policy to enhanced-static.
                                                                                                                                                                                                                                                  • If the node pool contains pods with both Guaranteed and Burstable QoS classes, set the policy to enhanced-static.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                4. Click OK.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                              2. Configure a CPU topology policy in the node pool.
                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                2. Choose Nodes in the navigation pane and click the Node Pools tab on the right. Locate the target node pool and choose More > Manage.
                                                                                                                                                                                                                                                3. Change the kubelet Topology Management Policy (topology-manager-policy) value to the required CPU topology policy.
                                                                                                                                                                                                                                                  Valid topology policies include none, best-effort, restricted, and single-numa-node. For details, see Pod Scheduling Process.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                              3. Enable the numa-aware add-on and the resource_exporter function.
                                                                                                                                                                                                                                                Volcano 1.7.1 or later
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console. Choose Add-ons in the navigation pane, locate Volcano Scheduler on the right, and click Edit.
                                                                                                                                                                                                                                                2. In the Extended Functions area, enable NUMA Topology Scheduling and click OK.
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Volcano earlier than 1.7.1
                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Settings and click the Scheduling tab. Select Volcano scheduler, find the expert mode, and click Try Now.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                  2. In the navigation pane, choose Add-ons. Locate Volcano Scheduler on the right and click Edit.
                                                                                                                                                                                                                                                  3. In the Extended Functions area, enable NUMA Topology Scheduling and click OK.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Volcano earlier than 1.7.1
                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                  2. In the navigation pane, choose Settings and click the Scheduling tab. Find the expert mode and click Try Now.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  3. Enable resource_exporter_enable to collect node NUMA information. The following is an example in JSON format:
                                                                                                                                                                                                                                                    {
    "plugins": {
       "eas_service": {
@@ -174,20 +175,22 @@
    },
    "resource_exporter_enable": "true"
 }
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                    After this function is enabled, you can view the NUMA topology information of the current node.
                                                                                                                                                                                                                                                    kubectl get numatopo 
-NAME              AGE
+
                                                                                                                                                                                                                                                    After enabling this function, run the following command to view the NUMA topology information of the current node:
                                                                                                                                                                                                                                                    kubectl get numatopo 
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    Information similar to the following is displayed:
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    NAME              AGE
 node-1            4h8m
 node-2            4h8m
 node-3            4h8m
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                  4. Enable the Volcano numa-aware algorithm add-on.
                                                                                                                                                                                                                                                    kubectl edit cm -n kube-system volcano-scheduler-configmap
                                                                                                                                                                                                                                                    kind: ConfigMap
+
                                                                                                                                                                                                                                                  5. Enable the Volcano numa-aware algorithm add-on.
                                                                                                                                                                                                                                                    kubectl edit cm -n kube-system volcano-scheduler-configmap
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    Add the highlighted content to the YAML file to enable Volcano NUMA-aware scheduling:
                                                                                                                                                                                                                                                    kind: ConfigMap
 apiVersion: v1
 metadata:
   name: volcano-scheduler-configmap
   namespace: kube-system
 data:
   default-scheduler.conf: |-
-    actions: "allocate, backfill, preempt"
+    actions: "allocate, backfill"
     tiers:
     - plugins:
       - name: priority
@@ -208,10 +211,10 @@ data:
       - name: nodeCSIscheduling
       - name: networkresource
         arguments:
-          NetworkType: vpc-router
-      - name: numa-aware # add it to enable numa-aware plugin
+          NetworkType: vpc-router    # The parameter value depends on the cluster type.
+      - name: numa-aware # Enable NUMA Aware.
         arguments:
-          weight: 10 # the weight of the NUMA Aware Plugin
                                                                                                                                                                                                                                                    
+          weight: 10 # Weight of NUMA Aware
 
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
@@ -222,28 +225,29 @@ data:
 
                                                                                                                                                                                                                                                  1. Refer to the following examples for configuration.
                                                                                                                                                                                                                                                    1. Example 1: Configure NUMA affinity for a Deployment.
                                                                                                                                                                                                                                                      kind: Deployment
 apiVersion: apps/v1
 metadata:
-  name: numa-tset
+  name: numa-test
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app: numa-tset
+      app: numa-test
   template:
     metadata:
       labels:
-        app: numa-tset
+        app: numa-test
       annotations:
         volcano.sh/numa-topology-policy: single-numa-node    # Configure the topology policy.
     spec:
+      schedulerName: volcano
       containers:
         - name: container-1
           image: nginx:alpine
           resources:
             requests:
-              cpu: 2           # The value must be an integer and must be the same as that in limits.
+              cpu: 2           # The value must be an integer.
               memory: 2048Mi
             limits:
-              cpu: 2           # The value must be an integer and must be the same as that in requests.
+              cpu: 2           # The value must be an integer.
               memory: 2048Mi
       imagePullSecrets:
       - name: default-secret
                                                                                                                                                                                                                                                      
@@ -317,23 +321,23 @@ spec:
 
                                                                                                                                                                                                                                                      • In example 1, 2 CPU cores are requested by a pod, and the single-numa-node topology policy is used. Therefore, the pod will be scheduled to node 1 with the same policy.
                                                                                                                                                                                                                                                      • In example 2, 20 CPU cores are requested by a pod, and the best-effort topology policy is used. The pod will be scheduled to node 3 because it can allocate all the requested 20 CPU cores onto one NUMA node, while node 2 can do so on two NUMA nodes.
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Checking NUMA Node Usage
                                                                                                                                                                                                                                                Run the lscpu command to check the CPU usage of the current node.
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                # Check the CPU usage of the current node.
-lscpu
-...
+
                                                                                                                                                                                                                                                Checking NUMA Node Usage
                                                                                                                                                                                                                                                1. Run the following command to check the CPU usage of the current node:
                                                                                                                                                                                                                                                  lscpu
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Information similar to the following is displayed:
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  ...
 CPU(s):              32
 NUMA node(s):        2
 NUMA node0 CPU(s):   0-15
 NUMA node1 CPU(s):   16-31
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  Then, check the NUMA node usage.
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  # Check the CPU allocation of the current node.
-cat /var/lib/kubelet/cpu_manager_state
-{"policyName":"static","defaultCpuSet":"0,10-15,25-31","entries":{"777870b5-c64f-42f5-9296-688b9dc212ba":{"container-1":"16-24"},"fb15e10a-b6a5-4aaa-8fcd-76c1aa64e6fd":{"container-1":"1-9"}},"checksum":318470969}
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  The preceding example shows that two containers are running on the node. One container uses CPU cores 1 to 9 of NUMA node 0, and the other container uses CPU cores 16 to 24 of NUMA node 1.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                2. Run the following command to check NUMA node usage:
                                                                                                                                                                                                                                                  cat /var/lib/kubelet/cpu_manager_state
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Information similar to the following is displayed:
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  {"policyName":"static","defaultCpuSet":"0,10-15,25-31","entries":{"777870b5-c64f-42f5-9296-688b9dc212ba":{"container-1":"16-24"},"fb15e10a-b6a5-4aaa-8fcd-76c1aa64e6fd":{"container-1":"1-9"}},"checksum":318470969}
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  The preceding example shows that two containers are running on the node. One container uses CPU cores 1 to 9 of NUMA node 0, and the other container uses CPU cores 16 to 24 of NUMA node 1.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                Common Issues
                                                                                                                                                                                                                                                Schedule pods failed.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                If Volcano is set as the scheduler and only NUMA is enabled without configuring CPU management during pod scheduling, job scheduling may fail. To fix this issue, do as follows:
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                • Before using NUMA affinity scheduling, make sure that Volcano has been deployed and is running properly.
                                                                                                                                                                                                                                                • When using NUMA affinity scheduling:
                                                                                                                                                                                                                                                  1. Set the CPU management policy (cpu-manager-policy) of the node pool to static.
                                                                                                                                                                                                                                                  2. Correctly configure the topology management policy (topology-manager-policy) in the node pool.
                                                                                                                                                                                                                                                  3. Configure a correct topology policy for pods to filter nodes with the same topology policy in the node pool. For details, see Example of NUMA Affinity Scheduling.
                                                                                                                                                                                                                                                  4. Configure the Volcano scheduler to schedule application pods. For details, see Scheduling Workloads. Make sure that the CPU requests for all containers within the pods are integers (measured in cores) and that the requests and limits are identical.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  • Before using NUMA affinity scheduling, make sure that Volcano has been deployed and is running properly.
                                                                                                                                                                                                                                                  • When using NUMA affinity scheduling:
                                                                                                                                                                                                                                                    1. Correctly configure the CPU management policy (cpu-manager-policy) of the node pool.
                                                                                                                                                                                                                                                      • If the QoS class is Guaranteed (where resource requests equal limits), set the policy to static.
                                                                                                                                                                                                                                                      • If the QoS class is Burstable (where resource requests and limits are different), set the policy to enhanced-static.
                                                                                                                                                                                                                                                      • If the node pool contains pods with both Guaranteed and Burstable QoS classes, set the policy to enhanced-static.
                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                    2. Correctly configure the topology management policy (topology-manager-policy) in the node pool.
                                                                                                                                                                                                                                                    3. Configure a correct topology policy for pods to filter nodes with the same topology policy in the node pool. For details, see Example of NUMA Affinity Scheduling.
                                                                                                                                                                                                                                                    4. Configure the Volcano scheduler to schedule application pods. For details, see Scheduling Workloads. Make sure that the CPU requests for all containers within the pods are integers (measured in cores).
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0426.html b/docs/cce/umn/cce_10_0426.html
index d151a9b13..bb5dc7455 100644
--- a/docs/cce/umn/cce_10_0426.html
+++ b/docs/cce/umn/cce_10_0426.html
@@ -5,14 +5,13 @@
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              Notes and Constraints
                                                                                                                                                                                                                                              • Do not add more than 1000 pods to the same security group. Otherwise, the security group performance may be impacted. 
                                                                                                                                                                                                                                              • Exercise caution when modifying the security group rules of a master node. 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              Procedure
                                                                                                                                                                                                                                              1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                                                                                                                              2. Click the cluster name to access the Overview page.
                                                                                                                                                                                                                                              3. In the Networking Configuration area, click Edit next to the Default Node Security Group.
                                                                                                                                                                                                                                              4. Select an existing security group, confirm that the security group rules meet the cluster requirements, and click OK.
                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                • Ensure that correct port rules are configured for the selected security group. Otherwise, the node cannot be created. The port rules that a security group must comply with vary with the cluster type. 
                                                                                                                                                                                                                                                • The new security group takes effect only for newly created or managed nodes. For existing nodes, modify the security group rules and reset the nodes in real time. The original security group is still used. 
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                Procedure
                                                                                                                                                                                                                                                1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                                                                                                                                2. Click the cluster name to access the Overview page.
                                                                                                                                                                                                                                                3. In the Networking Configuration area, click Edit next to the Default Node Security Group.
                                                                                                                                                                                                                                                4. Select an existing security group, confirm that the security group rules meet the cluster requirements, and click OK.
                                                                                                                                                                                                                                                  • Ensure that correct port rules are configured for the selected security group. Otherwise, the node cannot be created. The port rules that a security group must comply with vary with the cluster type. 
                                                                                                                                                                                                                                                  • The new security group takes effect only for newly created or managed nodes. For existing nodes, modify the security group rules and reset the nodes in real time. The original security group is still used. 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              Parent topic: Managing a Cluster
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              Parent topic: Managing Clusters
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0430.html b/docs/cce/umn/cce_10_0430.html
index e877f7b26..e7820757d 100644
--- a/docs/cce/umn/cce_10_0430.html
+++ b/docs/cce/umn/cce_10_0430.html
@@ -5,7 +5,7 @@
 
                                                                                                                                                                                                                                              Cluster Network
                                                                                                                                                                                                                                              A cluster network can be divided into three network types:
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              • Node network: IP addresses are assigned to nodes in a cluster.
                                                                                                                                                                                                                                              • Container network: IP addresses are assigned to containers in a cluster for communication. Currently, multiple container network models are supported, and each model has its own working mechanism.
                                                                                                                                                                                                                                              • Service network: A Service is a Kubernetes object used to access containers. Each Service has a static IP address.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              When you create a cluster, select a proper CIDR block for each network. Ensure that the CIDR blocks do not conflict with each other and have sufficient available IP addresses. You cannot change the container network model after the cluster is created. Plan the container network model properly in advance.
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              You are advised to learn about the cluster network and container network models before creating a cluster. For details, see Container Network.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              You are advised to learn about the cluster network and container network models before creating a cluster. For details, see Container Networks.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              Number of Master Nodes in a Cluster and Cluster Scale
                                                                                                                                                                                                                                              In a CCE cluster, the number of master nodes does not determine the cluster scale. These are two different aspects of the cluster.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              • Master nodes: When creating a cluster on CCE, you have the option to choose one or three master nodes. If you choose three master nodes, the cluster will have high availability.
                                                                                                                                                                                                                                              • Cluster scale: refers to the maximum number of worker nodes that can be managed by a cluster. For example, you can choose a cluster management scale of 50 or 200 nodes when creating the cluster. The flavors of the master nodes are influenced by the cluster scale. Higher cluster scales require higher flavors of the master nodes.
                                                                                                                                                                                                                                                It is possible to change the cluster scale after creating the cluster. However, you can only increase the scale and cannot decrease it. For details, see Changing a Cluster Scale.
                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0431.html b/docs/cce/umn/cce_10_0431.html
index acd927ec3..68b6aec68 100644
--- a/docs/cce/umn/cce_10_0431.html
+++ b/docs/cce/umn/cce_10_0431.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                                                                                Check Items
                                                                                                                                                                                                                                                Check the following items:
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                • Check whether the node is available. 
                                                                                                                                                                                                                                                • Check whether the node OS supports the upgrade.
                                                                                                                                                                                                                                                • Check whether the node is marked with unexpected node pool labels.
                                                                                                                                                                                                                                                • Check whether the Kubernetes node name is the same as the ECS name.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                1. The node is unavailable. Preferentially recover the node.
                                                                                                                                                                                                                                                  If a node is unavailable, log in to the CCE console and click the cluster name to access the cluster console. Then, choose Nodes in the navigation pane. In the right pane, click the Nodes tab. Ensure that the node is in the Running state. A node in the Installing or Deleting state cannot be upgraded.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                  1. The node is unavailable. Preferentially recover the node.
                                                                                                                                                                                                                                                    If a node is unavailable, log in to the CCE console and click the cluster name to access the cluster console. Then, choose Nodes in the navigation pane. In the right pane, click the Nodes tab. Ensure that the node is in the Running state. A node in the Installing or Deleting state cannot be upgraded.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    If a node is unavailable, recover the node and retry the check task. 
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  2. The node OS does not support the upgrade.
                                                                                                                                                                                                                                                    The following table lists the node OSs that support the upgrade. You can reset the node OS to an available OS in the list.
                                                                                                                                                                                                                                                    
 
@@ -37,7 +37,7 @@
 
                                                                                                                                                                                                                                                    • If no, delete the label.
                                                                                                                                                                                                                                                    • If yes, modify the load balancing policy, remove the dependency, and then delete the label.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  3. The node is marked with a CNIProblem taint. Preferentially recover the node.
                                                                                                                                                                                                                                                    The node contains a taint whose key is node.cloudprovider.kubernetes.io/cni-problem, and the effect is NoSchedule. The taint is added by the NPD add-on. Upgrade the NPD add-on to the latest version and check again. If the problem persists, contact technical support.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  4. The resources for the affected node in Kubernetes are not available. It is possible that the node is being deleted. Try again later.
                                                                                                                                                                                                                                                    Recheck after the node is deleted.
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                  5. The OS running on the master node is EulerOS 2.5, which does not support the cluster to be upgraded to v1.27.5-r0.
                                                                                                                                                                                                                                                    You can upgrade the version to 1.25 or 1.28. If you choose to upgrade the version to 1.28, EulerOS 2.5 will be upgraded to HCE 2.0 during the upgrade. If you have other requirements, submit a service ticket.
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                  6. The OS running on the master node is EulerOS 2.5, which does not support the cluster to be upgraded to v1.27.5-r0.
                                                                                                                                                                                                                                                    You can upgrade the version to 1.25 or 1.28. If you choose to upgrade the version to 1.28, EulerOS 2.5 will be rolling upgraded to HCE OS 2.0 during the upgrade. If you have other requirements, submit a service ticket.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0433.html b/docs/cce/umn/cce_10_0433.html
index 824e21107..91d656564 100644
--- a/docs/cce/umn/cce_10_0433.html
+++ b/docs/cce/umn/cce_10_0433.html
@@ -4,13 +4,14 @@
 
                                                                                                                                                                                                                                                Check Items
                                                                                                                                                                                                                                                Check the following items:
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                • Check whether the add-on status is normal.
                                                                                                                                                                                                                                                • Check whether the add-on supports the target version.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                • Scenario 1: The add-on malfunctions.
                                                                                                                                                                                                                                                  Log in to the CCE console and click the cluster name to access the cluster console. Choose Add-ons in the navigation pane and obtain add-ons. Then, handle malfunctional add-ons.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                  • Scenario 1: The add-on malfunctions.
                                                                                                                                                                                                                                                    Log in to the CCE console and click the cluster name to access the cluster console. Choose Add-ons in the navigation pane and obtain the malfunctional add-on. Then, rectify the fault.
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  • Scenario 2: The target version of the cluster upgrade does not support the add-on.
                                                                                                                                                                                                                                                    The following error information is displayed during the pre-upgrade check:
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    addon [***] does not support cluster target version, check and try again
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                    Log in to the CCE console and click the cluster name to access the cluster console. Choose Add-ons in the navigation pane and manually uninstall the add-on. For details about the supported add-on versions and substitutions, see the Help document.
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    Log in to the CCE console and click the cluster name to access the cluster console. Choose Add-ons in the navigation pane and manually uninstall the add-on. For details about the supported add-on versions and substitutions, see the Help document.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  • Scenario 3: The add-on configuration does not meet the upgrade requirements. Upgrade the add-on and try again.
                                                                                                                                                                                                                                                    The following error information is displayed during the pre-upgrade check:
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    please upgrade addon [ ] in the page of addon managecheck and try again
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                    In this case, log in to the CCE console and click the cluster name to access the cluster console. Choose Add-ons in the navigation pane and manually upgrade the add-on.
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    In this case, log in to the CCE console and click the cluster name to access the cluster console. Choose Add-ons in the navigation pane and manually upgrade the add-on.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0436.html b/docs/cce/umn/cce_10_0436.html
index 52c69f82a..f87a70da0 100644
--- a/docs/cce/umn/cce_10_0436.html
+++ b/docs/cce/umn/cce_10_0436.html
@@ -3,9 +3,9 @@
 
                                                                                                                                                                                                                                                Node Pools
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                Check Items
                                                                                                                                                                                                                                                • Check the node pool status.
                                                                                                                                                                                                                                                • Check whether the node pool OS or container runtime is supported after the upgrade.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                • Scenario: The node pool malfunctions.
                                                                                                                                                                                                                                                  Log in to the CCE console and click the cluster name to access the cluster console. Choose Nodes in the navigation pane and check the status of the affected node pool on the Node Pools tab. If the node pool is being scaled, wait until the node pool scaling is complete.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                  • Scenario: The node pool malfunctions.
                                                                                                                                                                                                                                                    Log in to the CCE console and click the cluster name to access the cluster console. Choose Nodes in the navigation pane and check the status of the affected node pool on the Node Pools tab. If the node pool is being scaled, wait until the node pool scaling is complete.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  • Scenario: The node pool OS is not supported.
                                                                                                                                                                                                                                                    The runtime and OS vary depending on the cluster version. This issue typically occurs when a cluster of an earlier version is upgraded to v1.27 or later. 
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                    Log in to the CCE console and click the cluster name to access the cluster console. Choose Nodes in the navigation pane, view the status of the affected node pool on the Node Pools tab, and click Upgrade. Change the supported OSs based on the pre-upgrade check result, and click OK.
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    Log in to the CCE console and click the cluster name to access the cluster console. Choose Nodes in the navigation pane, check the status of the affected node pool on the Node Pools tab, and click Upgrade. Change the supported OSs based on the pre-upgrade check result, and click OK.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    If there are nodes in the affected node pool, choose More > Synchronize in the operation column to synchronize the OS of the existing nodes. For details, see Synchronizing Node Pools.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0437.html b/docs/cce/umn/cce_10_0437.html
index 23e8f9471..b8276ff3e 100644
--- a/docs/cce/umn/cce_10_0437.html
+++ b/docs/cce/umn/cce_10_0437.html
@@ -5,12 +5,12 @@
 
                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                  This check item is performed only for clusters using VPC networking. For clusters using other networking, skip this check item.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                Log in to the VPC console, choose Access Control > Security Groups, and enter the target cluster name in the search box. Two security groups are expected to display:
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                • The security group name is cluster name-node-xxx. This security group is associated with the worker nodes.
                                                                                                                                                                                                                                                • The security group name is cluster name-control-xxx. This security group is associated with the master nodes.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                2. In the navigation pane, choose Overview. In the Networking Configuration area, view the default node security group.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                3. Click the name of the default node security group to go to the details pagee. Ensure that the inbound rules contain the rule in the figure below. This rule allows the master node to access worker nodes using the ICMP protocol.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                4. If the rule does not exist, click Add Rule to add the inbound rule to the node security group.
                                                                                                                                                                                                                                                  • Priority: Set it to 1.
                                                                                                                                                                                                                                                  • Action: Select Allow.
                                                                                                                                                                                                                                                  • Type: Select IPv4.
                                                                                                                                                                                                                                                  • Protocol & Port: Select Protocols/ICMP and select All for Port.
                                                                                                                                                                                                                                                  • Source: Select Security Group and set it to the master node security group. The master node security group is in the format of cluster-name-control-xxx. You can search for the security group by cluster name.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Click the node security group and ensure that the following rules are configured to allow the master node to access the node using ICMP.
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                If the preceding security group rule is unavailable, add the rule with the following configurations to the node security group: Set Protocol & Port to ICMP: All, and Source to Security group and then the master node's security group. 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0439.html b/docs/cce/umn/cce_10_0439.html
index d4b176f7a..2e1ddfc15 100644
--- a/docs/cce/umn/cce_10_0439.html
+++ b/docs/cce/umn/cce_10_0439.html
@@ -5,7 +5,7 @@
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                This issue is caused by either an error in the node's package pull component or the absence of key system components on the node, which could be due to an upgrade from an earlier version.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                Solution 1
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Log in to the CCE console and click the cluster name to access the cluster console. Choose Nodes in the navigation pane. Locate the row containing the target node and choose More > Reset Node in the Operation column. For details, see Resetting a Node. After the node is reset, retry the check task.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                Log in to the CCE console and click the cluster name to access the cluster console. Choose Nodes in the navigation pane. Locate the row containing the target node and choose More > Reset Node in the Operation column. For details, see Resetting a Node. After the node is reset, retry the check task.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                Resetting a node will reset all node labels, which may affect workload scheduling. Before resetting a node, check and retain the labels that you have manually added to the node.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                Solution 2
                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0440.html b/docs/cce/umn/cce_10_0440.html
index a587b2499..c48a63d70 100644
--- a/docs/cce/umn/cce_10_0440.html
+++ b/docs/cce/umn/cce_10_0440.html
@@ -3,13 +3,19 @@
 
                                                                                                                                                                                                                                                Discarded Kubernetes Resources
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                Check Items
                                                                                                                                                                                                                                                Check whether there are discarded resources in the clusters.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                • Scenario 1: The Service in the clusters of v1.25 or later has discarded annotation tolerate-unready-endpoints.
                                                                                                                                                                                                                                                  Error log:
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  some check failed in cluster upgrade: this cluster has deprecated service list: map[***] with deprecated annotation list [tolerate-unready-endpoints]
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  Check whether the Service provided in the log information contains the annotation tolerate-unready-endpoint. If so, replace the annotation with the following fields in Service spec:
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  publishNotReadyAddresses: true
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                • Scenario 2: The Service in the clusters of v1.27 or later has discarded annotation service.kubernetes.io/topology-aware-hints.
                                                                                                                                                                                                                                                  Error log:
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  some check failed in cluster upgrade: this cluster has deprecated service list: map[***] with deprecated annotation list [service.kubernetes.io/topology-aware-hints]
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  Check whether the Service provided in the log information contains the annotation service.kubernetes.io/topology-aware-hints. If so, replace it with the annotation service.kubernetes.io/topology-mode in the affected Service.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                  • Scenario 1: The Service in the clusters of v1.25 or later has deprecated annotation tolerate-unready-endpoints.
                                                                                                                                                                                                                                                    Error log:
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    some check failed in cluster upgrade: this cluster has deprecated service list: map[test-svc] with deprecated annotation list [tolerate-unready-endpoints]
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    In this example, check the log to see if the Service (test-svc) has the tolerate-unready-endpoints annotation. This annotation indicates whether the endpoint controller should continue creating endpoints for unready pods. If the deprecated annotation exists, delete it and add the following field to the Service's spec as a replacement. For details, see ServiceSpec.
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    1. Run the kubectl command to modify the YAML file of the Service.
                                                                                                                                                                                                                                                      kubectl edit service test-svc
                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                    2. Delete the "tolerate-unready-endpoints" annotation and add the following field to spec to replace the annotation:
                                                                                                                                                                                                                                                      publishNotReadyAddresses: true
                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                  • Scenario 2: The Service in the clusters of v1.27 or later has deprecated annotation service.kubernetes.io/topology-aware-hints.
                                                                                                                                                                                                                                                    Error log:
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    some check failed in cluster upgrade: this cluster has deprecated service list: map[test-svc] with deprecated annotation list [service.kubernetes.io/topology-aware-hints]
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    In this example, check the log to see if the Service (test-svc) contains the service.kubernetes.io/topology-aware-hints annotation. This annotation was used to enable topology aware hints in Services. However, this function have been renamed. If the deprecated annotation exists, delete it and use service.kubernetes.io/topology-mode as a replacement (For details, see Topology Aware Routing):
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    1. Run the kubectl command to modify the YAML file of the Service.
                                                                                                                                                                                                                                                      kubectl edit service test-svc
                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                    2. Delete the "service.kubernetes.io/topology-aware-hints" annotation and add the "service.kubernetes.io/topology-mode" annotation to spec.
                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0441.html b/docs/cce/umn/cce_10_0441.html
index 23fcc6299..16b5b83ae 100644
--- a/docs/cce/umn/cce_10_0441.html
+++ b/docs/cce/umn/cce_10_0441.html
@@ -12,7 +12,14 @@
 
 
                                                                                                                                                                                                                                          
-
+
+
+
+
-
diff --git a/docs/cce/umn/cce_10_0442.html b/docs/cce/umn/cce_10_0442.html
index b5680cced..be1fa1230 100644
--- a/docs/cce/umn/cce_10_0442.html
+++ b/docs/cce/umn/cce_10_0442.html
@@ -9,10 +9,11 @@
 
                                                                                                                                                                                                                                          Perform the pre-upgrade check again.
                                                                                                                                                                                                                                        6. Scenario 2: The error message "your cce-agent is not the latest version" is displayed.
                                                                                                                                                                                                                                          This issue occurs if cce-agent is not of the latest version and the automatic update failed. This issue is typically caused by an invalid OBS path or the component version is outdated.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          1. Log in to the affected node and run the following command to obtain a valid OBS address:
                                                                                                                                                                                                                                            cat /home/paas/upgrade/agentConfig | python -m json.tool
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                          2. Log in to a where the check failed, obtain the OBS address again by referring to the previous step, and check whether the OBS addresses are the same. If they are different, change the OBS address of the abnormal node to the correct address.
                                                                                                                                                                                                                                          3. Run the following commands to download the latest binary file:
                                                                                                                                                                                                                                            • x86
                                                                                                                                                                                                                                              curl -k "https://{OBS address you have obtained}/cluster-versions/base/cce-agent" > /tmp/cce-agent
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                            • Arm
                                                                                                                                                                                                                                              curl -k "https://{OBS address you have obtained}/cluster-versions/base/cce-agent-arm" > /tmp/cce-agent-arm
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              1. Log in to a properly running node and run the following command to obtain the path to the cce-agent configuration file:
                                                                                                                                                                                                                                                find / -name "agentConfig"
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                              2. Check the cce-agent configuration file and obtain the valid OBS address. addr in the following figure is the correct OBS address.
                                                                                                                                                                                                                                                cat /opt/cloud/cce/kubernetes/cce-agent/agentConfig | python -m json.tool
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                              3. Log in to a where the check failed, obtain the OBS address again by referring to the previous step, and check whether the OBS addresses are the same. If they are different, change the OBS address of the abnormal node to the correct address.
                                                                                                                                                                                                                                              4. Run the following commands to download the latest binary file:
                                                                                                                                                                                                                                                • x86
                                                                                                                                                                                                                                                  curl -k "https://{OBS-address-obtained}/cluster-versions/base/cce-agent" > /tmp/cce-agent
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                • Arm
                                                                                                                                                                                                                                                  curl -k "https://{OBS-address-obtained}/cluster-versions/base/cce-agent-arm" > /tmp/cce-agent-arm
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                              5. Replace the original cce-agent binary file.
                                                                                                                                                                                                                                                • x86
                                                                                                                                                                                                                                                  mv -f /tmp/cce-agent /usr/local/bin/cce-agent
 chmod 750 /usr/local/bin/cce-agent
diff --git a/docs/cce/umn/cce_10_0445.html b/docs/cce/umn/cce_10_0445.html
index e06a42912..49b4d61d0 100644
--- a/docs/cce/umn/cce_10_0445.html
+++ b/docs/cce/umn/cce_10_0445.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                                                                                                  Node Disks
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  Check Items
                                                                                                                                                                                                                                                  Check the following items:
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  • Check whether the key data disks on the node meet the upgrade requirements.
                                                                                                                                                                                                                                                  • Check whether the /tmp directory has 500 MB available space.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  • Check whether the key data disks on the node meet the upgrade requirements.
                                                                                                                                                                                                                                                  • Check whether the /tmp directory has 500 MB of available space.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                  During the node upgrade, the key disks store the upgrade component package, and the /tmp directory stores temporary files.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0447.html b/docs/cce/umn/cce_10_0447.html
index a8a245084..acd81f009 100644
--- a/docs/cce/umn/cce_10_0447.html
+++ b/docs/cce/umn/cce_10_0447.html
@@ -1,13 +1,9 @@
 
 
 
                                                                                                                                                                                                                                                  Node Key Directory File Permissions
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  Check Items
                                                                                                                                                                                                                                                  Check whether the owner and owner group of the files in the /var/paas directory used by the CCE are both paas.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Check Items
                                                                                                                                                                                                                                                  Check whether the root directory permissions are properly assigned.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                  • Scenario 1: The error message "xx file permission has been changed!" is displayed.
                                                                                                                                                                                                                                                    Solution: Enable CCE to use the /var/paas directory to manage nodes and store file data whose owner and owner group are both paas.
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                    During the current cluster upgrade, the owner and owner group of the files in the /var/paas directory are reset to paas.
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                    Check whether file data in the current service pod is stored in the /var/paas directory. If yes, do not use this directory, remove abnormal files from this directory, and check again. After the check is passed, proceed with the upgrade.
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                    find /var/paas -not \( -user paas -o -user root \) -print
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                  • Scenario 2: The error message "user paas must have at least read and execute permissions on the root directory" is displayed.
                                                                                                                                                                                                                                                    Solution: Change the permission on the root directory to the default permission 555. If the permission on the root directory of the node is modified, user paas does not have the read permission on the root directory. As a result, restarting the component failed during the upgrade.
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                    • Scenario 1: The error message "user paas must have at least read and execute permissions on the root directory" is displayed.
                                                                                                                                                                                                                                                      Solution: Change the permission on the root directory to the default permission 555. If the permission on the root directory of the node is modified, user paas does not have the read permission on the root directory. As a result, restarting the component failed during the upgrade.
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0448.html b/docs/cce/umn/cce_10_0448.html
index 67f5997d2..77ecb2212 100644
--- a/docs/cce/umn/cce_10_0448.html
+++ b/docs/cce/umn/cce_10_0448.html
@@ -3,8 +3,7 @@
 
                                                                                                                                                                                                                                                  kubelet
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  Check Items
                                                                                                                                                                                                                                                  Check whether the kubelet on the node is running properly.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0449.html b/docs/cce/umn/cce_10_0449.html
index 8549e3152..d7763d36c 100644
--- a/docs/cce/umn/cce_10_0449.html
+++ b/docs/cce/umn/cce_10_0449.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                                  Node Memory
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  Check Items
                                                                                                                                                                                                                                                  Check whether the node's memory usage is above 90%.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                  • Upgrade the cluster during off-peak hours.
                                                                                                                                                                                                                                                  • Check whether too many pods are deployed on the node. If yes, reschedule pods to other idle nodes.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                  • Upgrade the cluster during off-peak hours.
                                                                                                                                                                                                                                                  • Log in to the node, run the top command to obtain the memory usage of the process, and adjust the services running on the node as needed.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0450.html b/docs/cce/umn/cce_10_0450.html
index 4a7117b28..3b99aa399 100644
--- a/docs/cce/umn/cce_10_0450.html
+++ b/docs/cce/umn/cce_10_0450.html
@@ -5,11 +5,11 @@
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                  • Scenario 1: ntpd is running abnormally.
                                                                                                                                                                                                                                                    Log in to the node and run the systemctl status ntpd command to obtain the running status of ntpd. If the command output is abnormal, run the systemctl restart ntpd command and obtain the status again.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    The normal command output is as follows:
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                    Figure 1 Running status of ntpd
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    Figure 1 Running status of ntpd
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    If the problem persists after ntpd is restarted, contact technical support.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  • Scenario 2: chronyd is running abnormally.
                                                                                                                                                                                                                                                    Log in to the node and run the systemctl status chronyd command to obtain the running status of chronyd. If the command output is abnormal, run the systemctl restart chronyd command and obtain the status again.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    The normal command output is as follows:
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                    Figure 2 Running status of chronyd
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    Figure 2 Running status of chronyd
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    If the problem persists after chronyd is restarted, contact technical support.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0455.html b/docs/cce/umn/cce_10_0455.html
index 29dcdd823..df8014b1d 100644
--- a/docs/cce/umn/cce_10_0455.html
+++ b/docs/cce/umn/cce_10_0455.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                                  Node Readiness
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  Check Items
                                                                                                                                                                                                                                                  Check whether the nodes in the cluster are ready.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                  • Scenario 1: The nodes are in the unavailable status.
                                                                                                                                                                                                                                                    Log in to the CCE console and click the cluster name to access the cluster console. Choose Nodes in the navigation pane and filter out unavailable nodes, rectify the faulty nodes by referring to the suggestions provided by the console, and check again.
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                    • Scenario 1: The nodes are in the unavailable status.
                                                                                                                                                                                                                                                      Log in to the CCE console and click the cluster name to access the cluster console. Choose Nodes in the navigation pane and filter out unavailable nodes, rectify the faults by referring to the suggestions provided by the console, and check again.
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    • Scenario 2: The displayed node status is inconsistent with the actual status.
                                                                                                                                                                                                                                                      The possible causes are as follows:
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                      1. The node status is normal on the nodes page, but the check result shows that the node is not ready. Check again.
                                                                                                                                                                                                                                                      2. The node is not found on the nodes page, but the check result shows that the node is in the cluster. Contact technical support.
                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_10_0456.html b/docs/cce/umn/cce_10_0456.html
index 7e765cc33..4116605a8 100644
--- a/docs/cce/umn/cce_10_0456.html
+++ b/docs/cce/umn/cce_10_0456.html
@@ -5,7 +5,7 @@
 
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                    Log in to the node and run the systemctl is-active systemd-journald command to obtain the running status of journald. If the command output is abnormal, run the systemctl restart systemd-journald command and obtain the status again.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    The normal command output is as follows:
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                    Figure 1 Running status of journald
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    Figure 1 Running status of journald
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    If the problem persists after journald is restarted, contact technical support.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0459.html b/docs/cce/umn/cce_10_0459.html
index bf6534bdf..ba299ca35 100644
--- a/docs/cce/umn/cce_10_0459.html
+++ b/docs/cce/umn/cce_10_0459.html
@@ -12,13 +12,13 @@ do
         echo "$mount_path hang mount"
     fi
 done
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                • Run the saved script and check the output.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                • Run the saved script and check the output.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  The mount points of the /root/foo and /root/bar folders are incorrect.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                • Run the following command to check the suspended mount points:
                                                                                                                                                                                                                                                  mount -n | grep /root/foo
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  When a mount point is suspended, it typically indicates that services are not using it anymore. After confirming that the mount point is no longer required, run the following command to unmount it and then re-execute the previously mentioned script:
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  umount -l -f localhost:/tmp/nfs
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  After the execution, perform the check again on the pre-upgrade check page.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0460.html b/docs/cce/umn/cce_10_0460.html
index 542e14942..6145ed827 100644
--- a/docs/cce/umn/cce_10_0460.html
+++ b/docs/cce/umn/cce_10_0460.html
@@ -19,7 +19,7 @@
 
 
 
                                                                                                                                                                                                                                              Solution
                                                                                                                                                                                                                                              Scenario 1: The node is skipped during the cluster upgrade.
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              1. Configure the kubectl command. For details, see Connecting to a Cluster Using kubectl.
                                                                                                                                                                                                                                              2. Check the kubelet version of the corresponding node. The following information is expected:
                                                                                                                                                                                                                                                Figure 1 kubelet version
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                1. Configure the kubectl command. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                2. Check the kubelet version of the corresponding node. The following information is expected:
                                                                                                                                                                                                                                                  Figure 1 kubelet version
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  If the version of the node is different from that of other nodes, the node is skipped during the upgrade. Reset the node and upgrade the cluster again. For details about how to reset a node, see Resetting a Node.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                  Resetting a node will reset all node labels, which may affect workload scheduling. Before resetting a node, check and retain the labels that you have manually added to the node.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0462.html b/docs/cce/umn/cce_10_0462.html
index 9a3ca0a79..904f8d83c 100644
--- a/docs/cce/umn/cce_10_0462.html
+++ b/docs/cce/umn/cce_10_0462.html
@@ -154,32 +154,32 @@
 
                                                                                                                                                                                                                                          7. 
-
-
-
-
-
-
-
-
-
-
@@ -243,7 +243,7 @@
 
-
diff --git a/docs/cce/umn/cce_10_0463.html b/docs/cce/umn/cce_10_0463.html
index db1c6e2ce..e03e21009 100644
--- a/docs/cce/umn/cce_10_0463.html
+++ b/docs/cce/umn/cce_10_0463.html
@@ -68,7 +68,7 @@
 
diff --git a/docs/cce/umn/cce_10_0465.html b/docs/cce/umn/cce_10_0465.html
index 14cd85d9b..ad2f1ebfe 100644
--- a/docs/cce/umn/cce_10_0465.html
+++ b/docs/cce/umn/cce_10_0465.html
@@ -9,6 +9,8 @@
 
                                                                                                                                                                                                                                        7. Configuring Pod Security Admission
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          8. 
+
                                                                                                                                                                                                                                        8. Using AppArmor to Confine Container Access to Resources
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          9. 
diff --git a/docs/cce/umn/cce_10_0476.html b/docs/cce/umn/cce_10_0476.html
index 2e2cc395f..b0aa5d9b5 100644
--- a/docs/cce/umn/cce_10_0476.html
+++ b/docs/cce/umn/cce_10_0476.html
@@ -22,26 +22,37 @@
 
 
                                                                                                                                                                                                                                          
-
-
-
-
-
-
-
-
+
+
+
+
+
+
@@ -90,26 +101,37 @@
 
-
-
-
-
-
-
-
-
+
+
+
+
+
+
@@ -158,26 +180,37 @@
 
-
-
-
-
-
-
-
-
+
+
+
+
+
+
@@ -256,7 +289,7 @@
 
-
-
-
                                                                                                                                                                                                                                          Table 4 Cloud Native Log Collection add-on
                                                                                                                                                                                                                                          Add-on Version
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Supported Cluster Version
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          1.7.2
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1.7.3
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.21
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.23
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.25
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.27
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.28
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.29
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.30
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.31
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.32
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          CCE clusters v1.32 are supported.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1.7.2
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          v1.21
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          v1.23
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0420.html b/docs/cce/umn/cce_10_0420.html
index 8edcd603b..2165af9b5 100644
--- a/docs/cce/umn/cce_10_0420.html
+++ b/docs/cce/umn/cce_10_0420.html
@@ -1,11 +1,11 @@
 
 
 
                                                                                                                                                                                                                                          Deploying an Application Through the Helm v2 Client
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Prerequisites
                                                                                                                                                                                                                                          The Kubernetes cluster created on CCE has been connected to kubectl. For details, see Procedure.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Prerequisites
                                                                                                                                                                                                                                          The Kubernetes cluster created on CCE has been connected to kubectl. For details, see Step 1: Download kubectl.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Installing Helm v2
                                                                                                                                                                                                                                          This section uses Helm v2.17.0 as an example.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          For other versions, visit https://github.com/helm/helm/releases.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          1. Download the Helm client from the VM connected to the cluster.
                                                                                                                                                                                                                                            wget https://get.helm.sh/helm-v2.17.0-linux-amd64.tar.gz
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            1. Download the v2.17.0 Helm client from the VM connected to the cluster.
                                                                                                                                                                                                                                              wget https://get.helm.sh/helm-v2.17.0-linux-amd64.tar.gz
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            2. Decompress the Helm package.
                                                                                                                                                                                                                                              tar -xzvf helm-v2.17.0-linux-amd64.tar.gz
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            3. Copy Helm to the system path, for example, /usr/local/bin/helm.
                                                                                                                                                                                                                                              mv linux-amd64/helm /usr/local/bin/helm
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            4. RBAC is enabled on the Kubernetes API server. Create the service account name tiller for the tiller and assign cluster-admin, a system ClusterRole, to the tiller. Create a tiller resource account as follows:
                                                                                                                                                                                                                                              vim tiller-rbac.yaml
                                                                                                                                                                                                                                              
@@ -64,20 +64,20 @@ Error: cannot connect to Tiller
 
                                                                                                                                                                                                                                              Error information:
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              Client: &version.Version{SemVer:"v3.3.0", GitCommit:"021cb0ac1a1b2f888144ef5a67b8dab6c2d45be6", GitTreeState:"clean"}
 Error: cannot connect to Tiller
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              The Helm chart reads the configuration certificate in .Kube/config and communicates with Kubernetes. The preceding error indicates that the kubectl configuration is incorrect. In this case, reconnect the cluster to kubectl. For details, see Procedure.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              The Helm chart reads the configuration certificate in .kube/config and communicates with Kubernetes. The preceding error indicates that the kubectl configuration is incorrect. In this case, reconnect the cluster to kubectl. For details, see Step 1: Download kubectl.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            5. Storage fails to be created after you have connected to cloud storage services.
                                                                                                                                                                                                                                              This issue may be caused by the annotation field in the created PVC. Change the chart name and install the chart again.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            6. If kubectl is not properly configured, the error message "Error: Kubernetes cluster unreachable..." will be displayed when you install Helm.
                                                                                                                                                                                                                                              Example:
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              helm install prometheus/ --generate-name
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              Error information:
                                                                                                                                                                                                                                              WARNING: This chart is deprecated
 Error: Kubernetes cluster unreachable: Get "http://localhost:8080/version?timeout=32s": dial tcp [::1]:8080: connect: connection refused
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              Solution: Configure kubeconfig for the node. For details, see Procedure.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              Solution: Configure kubeconfig for the node. For details, see Step 1: Download kubectl.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              7. 
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Parent topic: Helm Chart
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Parent topic: Helm Charts
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
diff --git a/docs/cce/umn/cce_10_0421.html b/docs/cce/umn/cce_10_0421.html
index 6fb3a619c..c37aa0938 100644
--- a/docs/cce/umn/cce_10_0421.html
+++ b/docs/cce/umn/cce_10_0421.html
@@ -24,7 +24,7 @@
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Parent topic: Helm Chart
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Parent topic: Helm Charts
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
diff --git a/docs/cce/umn/cce_10_0422.html b/docs/cce/umn/cce_10_0422.html
index a8d194893..f23494006 100644
--- a/docs/cce/umn/cce_10_0422.html
+++ b/docs/cce/umn/cce_10_0422.html
@@ -6,7 +6,7 @@
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Precautions
                                                                                                                                                                                                                                          • Helm v2 stores release information in ConfigMaps. Helm v3 does so in secrets.
                                                                                                                                                                                                                                          • When you query, update, or operate a Helm v2 release on the CCE console, CCE will attempt to convert the release to v3. If you operate in the background, convert the release by following the instructions below.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Conversion Process (Without Using the Helm v3 Client)
                                                                                                                                                                                                                                          1. Download the helm 2-to-3 conversion plugin on the CCE node.
                                                                                                                                                                                                                                            wget https://github.com/helm/helm-2to3/releases/download/v0.10.2/helm-2to3_0.10.2_linux_amd64.tar.gz
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            Conversion Process (Without Using the Helm v3 Client)
                                                                                                                                                                                                                                            1. Download the helm 2to3 plugin on the CCE node.
                                                                                                                                                                                                                                              wget https://github.com/helm/helm-2to3/releases/download/v0.10.2/helm-2to3_0.10.2_linux_amd64.tar.gz
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            1. Decompress the plugin package.
                                                                                                                                                                                                                                              tar -xzvf helm-2to3_0.10.2_linux_amd64.tar.gz
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            1. Perform the simulated conversion.
                                                                                                                                                                                                                                              Take the test-convert release as an example. Run the following command to simulate the conversion: If the following information is displayed, the simulation is successful.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              # ./2to3 convert --dry-run --tiller-out-cluster -s configmaps test-convert
@@ -97,7 +97,7 @@ Helm v2 data was cleaned up successfully.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            Parent topic: Helm Chart
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            Parent topic: Helm Charts
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            
 
diff --git a/docs/cce/umn/cce_10_0423.html b/docs/cce/umn/cce_10_0423.html
index 7f36b2eca..e23fb0cb2 100644
--- a/docs/cce/umn/cce_10_0423.html
+++ b/docs/cce/umn/cce_10_0423.html
@@ -5,7 +5,7 @@
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          none
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Nodes with the following topology policies will not be filtered during scheduling:
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          • none: unschedulable
                                                                                                                                                                                                                                          • best-effort: schedulable
                                                                                                                                                                                                                                          • restricted: schedulable
                                                                                                                                                                                                                                          • single-numa-node: schedulable
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • none: schedulable
                                                                                                                                                                                                                                          • best-effort: schedulable
                                                                                                                                                                                                                                          • restricted: schedulable
                                                                                                                                                                                                                                          • single-numa-node: schedulable
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          None
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
 
 
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          v1.23 or v1.25
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Upgraded to v1.28, v1.29, v1.30, v1.31, or v1.32
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Pay attention to Kubernetes API changes. For details, see Deprecated APIs.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Check the API version used in the cluster. Do not use a deprecated API version. Change the API version to the one recommended in Deprecated APIs.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.23 or v1.25
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Upgraded to v1.27
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Docker is no longer recommended. Use containerd instead. For details, see Container Engines.
                                                                                                                                                                                                                                          
@@ -30,7 +37,7 @@
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          v1.19 to v1.21
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          The bug of exec probe timeouts is fixed in Kubernetes 1.21. Before this bug is fixed, the exec probe does not consider the timeoutSeconds field. Instead, the probe will run indefinitely, even beyond its configured deadline. It will stop until the result is returned. If this field is not specified, the default value 1 is used. This field takes effect after the upgrade. If the probe runs over 1 second, the application health check may fail and the application may restart frequently.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          The bug of exec probe timeouts is fixed in Kubernetes v1.21. Before this bug is fixed, the exec probe does not consider the timeoutSeconds field. Instead, the probe will run indefinitely, even beyond its configured deadline. It will stop until the result is returned. If this field is not specified, the default value 1 is used. This field takes effect after the upgrade. If the probe runs over 1 second, the application health check may fail and the application may restart frequently.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Before the upgrade, check whether the timeout is properly set for the exec probe.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          runC
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          ECS (VM)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          ECS (VM)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Ubuntu 22.04
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Ubuntu 22.04
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          5.x
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          5.x
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Docker
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          containerd
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Docker
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          containerd
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          OverlayFS
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          OverlayFS
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          runC
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          runC
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          ECS (VM)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          ECS (VM)
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          HCE OS 2.0
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          5.x
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Docker
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          containerd
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Docker
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          containerd
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          OverlayFS
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          OverlayFS
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          runC
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          runC
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           
 
                                                                                                                                                                                                                                          docker inspect
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          crictl inspecti
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          crictl inspect
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          None
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Memory: 256 MiB
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          CPU: 0.25 cores
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          It is recommended that the ratio of CPU (unit: core) to memory (unit: GiB) be in the range of 1:1 to 1:8. For example, if CPU is 0.5 cores, the memory should range form 512 MiB to 4 GiB.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          It is recommended that the ratio of CPU (unit: core) to memory (unit: GiB) be in the range of 1:1 to 1:8. For example, if the CPU is 0.5 cores, the memory should range from 512 MiB to 4 GiB.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          None
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
 
 
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          HCE OS 2.0
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          HCE OS 2.0
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          v1.31
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.32
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          5.10.0-182.0.0.95.r2220_156.hce2.x86_64
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          5.10.0-182.0.0.95.r2220_156.hce2.x86_64
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          v1.30
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.31
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          5.10.0-182.0.0.95.r2220_156.hce2.x86_64
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.30
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          5.10.0-182.0.0.95.r2220_156.hce2.x86_64
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          5.10.0-182.0.0.95.r2220_156.hce2.x86_64
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Ubuntu 22.04
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Ubuntu 22.04
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          v1.31
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.32
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          ×
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          5.15.0-126-generic
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          5.15.0-126-generic
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          v1.30
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.31
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          ×
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          ×
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          5.15.0-126-generic
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.30
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          ×
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          5.15.0-126-generic
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          5.15.0-126-generic
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          EulerOS release 2.9
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          EulerOS release 2.9
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          v1.31
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.32
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          4.18.0-147.5.1.6.h1447.eulerosv2r9.x86_64
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          4.18.0-147.5.1.6.h1447.eulerosv2r9.x86_64
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          v1.30
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.31
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          4.18.0-147.5.1.6.h1447.eulerosv2r9.x86_64
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          v1.30
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          4.18.0-147.5.1.6.h1447.eulerosv2r9.x86_64
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          4.18.0-147.5.1.6.h1447.eulerosv2r9.x86_64
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          4.18.0-147.5.1.6.h1447.eulerosv2r9.x86_64
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          EulerOS release 2.5
                                                                                                                                                                                                                                          
@@ -267,9 +300,9 @@
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          √
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          3.10.0-862.14.1.5.h687.eulerosv2r7.x86_64
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          3.10.0-862.14.1.5.h687.eulerosv2r7.x86_64
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          v1.23
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0477.html b/docs/cce/umn/cce_10_0477.html
index 6c62e780b..5269e05ad 100644
--- a/docs/cce/umn/cce_10_0477.html
+++ b/docs/cce/umn/cce_10_0477.html
@@ -9,9 +9,9 @@
 
                                                                                                                                                                                                                                          For details, visit https://github.com/kubernetes/enhancements/tree/master/keps/sig-auth/1205-bound-service-account-tokens.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                          If you need a token that never expires, you can also manually manage secrets for service accounts. Although a permanent service account token can be manually created, you are advised to use a short-lived token by calling the TokenRequest API for higher security.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Diagnosis
                                                                                                                                                                                                                                          Perform the following steps to check your CCE clusters of v1.21 or later:
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Diagnosis
                                                                                                                                                                                                                                          Perform the following operations to check your CCE clusters of v1.21 or later:
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          1. Use kubectl to access the cluster and run the kubectl get --raw "/metrics" | grep stale command to obtain the metrics. Check the metric named serviceaccount_stale_tokens_total.
                                                                                                                                                                                                                                            If the value is greater than 0, some workloads in the cluster may be using an earlier client-go version. In this case, check whether this problem occurs in your deployed applications. If yes, upgrade client-go to the version specified by the community as soon as possible. The version must be at least two major versions of the CCE cluster. For example, if your cluster version is 1.23, the Kubernetes dependency library version must be at least 1.19.
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0486.html b/docs/cce/umn/cce_10_0486.html
index d5ea4a65c..f95fd8e11 100644
--- a/docs/cce/umn/cce_10_0486.html
+++ b/docs/cce/umn/cce_10_0486.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                          Memory Resource Limit of Kubernetes Components
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          Check whether the resources of Kubernetes components, such as etcd and kube-controller-manager, exceed the upper limit.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          • Solution 1: Reduce Kubernetes resources that are needed.
                                                                                                                                                                                                                                          • Solution 2: Modify cluster specifications. For details, see Changing Cluster Scale.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          • Solution 1: Reduce Kubernetes resources that are needed.
                                                                                                                                                                                                                                          • Solution 2: Modify cluster specifications. For details, see Changing a Cluster Scale.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0487.html b/docs/cce/umn/cce_10_0487.html
index 0607b7c1c..801c28208 100644
--- a/docs/cce/umn/cce_10_0487.html
+++ b/docs/cce/umn/cce_10_0487.html
@@ -8,8 +8,11 @@
 
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          Check Description
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Based on the check result, it is detected that your cluster calls a deprecated API of the target cluster version using kubectl or other applications. You can rectify the fault before the upgrade. Otherwise, the API will be intercepted by kube-apiserver after the upgrade. For details about each deprecated API, see Deprecated APIs.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Case Study
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Case 1:
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Ingresses of the extensions/v1beta1 and networking.k8s.io/v1beta1 APIs are deprecated in Kubernetes v1.22. If you upgrade a cluster from v1.19 or v1.21 to v1.23, existing resources are not affected, but the v1beta1 API may be intercepted in the creation and editing scenarios.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          For details about the YAML configuration structure changes, see Using kubectl to Create a LoadBalancer Ingress.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Case 2:
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          The scanning result indicates that the user agent's coredns client is accessing the deprecated or to-be-deprecated discovery.k8s.io/v1beta1 Kubernetes API (specifically the /apis/discovery.k8s.io/v1beta1/endpointslices path). To prevent domain name resolution issues during the cluster upgrade, you must manually restart the CoreDNS pod before proceeding. 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0490.html b/docs/cce/umn/cce_10_0490.html
index d3076d554..b996f0284 100644
--- a/docs/cce/umn/cce_10_0490.html
+++ b/docs/cce/umn/cce_10_0490.html
@@ -5,8 +5,8 @@
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          1. On the Nodes page of the CCE console, click the name of the abnormal node to go to the ECS page.
                                                                                                                                                                                                                                          2. Copy the node ID and save it to the local host.
                                                                                                                                                                                                                                          3. Log in to the abnormal node and back up files.
                                                                                                                                                                                                                                            cp /var/lib/cloud/data/instance-id /tmp/instance-id
 cp /var/paas/conf/server.conf /tmp/server.conf
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                          4. Log in to the abnormal node and write the obtained node ID to the file.
                                                                                                                                                                                                                                            echo "Node ID" > /var/lib/cloud/data/instance-id
-echo "Node ID" > /var/paas/conf/server.conf
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          5. Log in to the abnormal node and write the obtained node ID to the file.
                                                                                                                                                                                                                                            echo Node ID > /var/lib/cloud/data/instance-id
+echo Node ID > /var/paas/conf/server.conf
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0491.html b/docs/cce/umn/cce_10_0491.html
index 216048335..2ce74688e 100644
--- a/docs/cce/umn/cce_10_0491.html
+++ b/docs/cce/umn/cce_10_0491.html
@@ -1,7 +1,7 @@
 
 
 
                                                                                                                                                                                                                                          Node Configuration Consistency
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          When you upgrade a cluster to v1.19 or later, the system checks whether the following configuration files have been modified on the backend:
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          When you upgrade a cluster to v1.19 or later, CCE checks whether the following configuration files have been modified on the backend:
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          • /opt/cloud/cce/kubernetes/kubelet/kubelet
                                                                                                                                                                                                                                          • /opt/cloud/cce/kubernetes/kubelet/kubelet_config.yaml
                                                                                                                                                                                                                                          • /opt/cloud/cce/kubernetes/kube-proxy/kube-proxy
                                                                                                                                                                                                                                          • /etc/containerd/default_runtime_spec.json
                                                                                                                                                                                                                                          • /etc/sysconfig/docker
                                                                                                                                                                                                                                          • /etc/default/docker
                                                                                                                                                                                                                                          • /etc/docker/daemon.json
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          If you modify some parameters in these files, the cluster upgrade may fail or services may be abnormal after the upgrade. If you confirm that the modification does not affect services, continue the upgrade.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                          CCE uses the standard image script to check node configuration consistency. If you use other custom images, the check may fail.
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0493.html b/docs/cce/umn/cce_10_0493.html
index 68155b6d6..010a87009 100644
--- a/docs/cce/umn/cce_10_0493.html
+++ b/docs/cce/umn/cce_10_0493.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          Check whether the current CoreDNS key configuration Corefile is different from the Helm release record. The difference may be overwritten during the add-on upgrade, affecting domain name resolution in the cluster.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          You can upgrade CoreDNS separately after confirming the configuration differences.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          1. Configure the kubectl command. For details, see Connecting to a Cluster Using kubectl.
                                                                                                                                                                                                                                          2. Obtain the Corefile that takes effect currently.
                                                                                                                                                                                                                                            kubectl get cm -nkube-system coredns -o jsonpath='{.data.Corefile}' > corefile_now.txt
+
                                                                                                                                                                                                                                            1. Configure the kubectl command. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                            2. Obtain the Corefile that takes effect currently.
                                                                                                                                                                                                                                              kubectl get cm -nkube-system coredns -o jsonpath='{.data.Corefile}' > corefile_now.txt
 cat corefile_now.txt
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            3. Obtain the Corefile in the Helm Release records.
                                                                                                                                                                                                                                              latest_release=`kubectl get secret -nkube-system -l owner=helm -l name=cceaddon-coredns --sort-by=.metadata.creationTimestamp | awk 'END{print $1}'`
 kubectl get secret -nkube-system $latest_release -o jsonpath='{.data.release}' | base64 -d | base64 -d | gzip -d | python -m json.tool | python -c "
@@ -22,8 +22,10 @@ exit(1);
 " > corefile_record.txt
 cat corefile_record.txt
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            4. Compare the output differences between 2 and 3.
                                                                                                                                                                                                                                              diff corefile_now.txt corefile_record.txt -y;
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              Figure 1 Viewing output differences
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                            5. Return to the CCE console and click the cluster name to access the cluster console. Choose Add-ons in the navigation pane, select CoreDNS, and click Upgrade.
                                                                                                                                                                                                                                              To retain custom configurations, use either of the following methods:
                                                                                                                                                                                                                                              • (Recommended) Set parameterSyncStrategy to inherit. In this case, custom settings are automatically inherited. The system automatically parses, identifies, and inherits custom parameters.
                                                                                                                                                                                                                                              • Set parameterSyncStrategy to force. Manually enter the differential configuration. For details, see CoreDNS.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              Figure 1 Viewing output differences
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                            6. Return to the CCE console and click the cluster name to access the cluster console. Choose Add-ons in the navigation pane, select CoreDNS, and click Upgrade.
                                                                                                                                                                                                                                              To retain custom configurations, use either of the following methods:
                                                                                                                                                                                                                                              • (Recommended) Set parameterSyncStrategy to inherit. In this case, custom settings are automatically inherited. The system automatically parses, identifies, and inherits custom parameters.
                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                After the automatic inheritance of parameter settings (parameterSyncStrategy=inherit) is enabled, stub domain settings will be cleared and merged into the extended parameter settings. The original stub domain settings remain unchanged and can still be viewed under Extended Parameter Settings.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                              • Set parameterSyncStrategy to force. Manually enter the differential configuration. For details, see CoreDNS.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            7. Click OK. After the add-on upgrade is complete, check whether all CoreDNS instances are available and whether Corefile meets the expectation.
                                                                                                                                                                                                                                              kubectl get cm -nkube-system coredns -o jsonpath='{.data.Corefile}'
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            8. Change the value of parameterSyncStrategy to ensureConsistent to enable configuration consistency verification.
                                                                                                                                                                                                                                              In addition, it is a good practice to use the parameter configuration function of CCE add-ons to modify the Corefile configuration for consistency.
                                                                                                                                                                                                                                              
diff --git a/docs/cce/umn/cce_10_0495.html b/docs/cce/umn/cce_10_0495.html
index ec7a87f29..280e34e33 100644
--- a/docs/cce/umn/cce_10_0495.html
+++ b/docs/cce/umn/cce_10_0495.html
@@ -3,15 +3,19 @@
 
                                                                                                                                                                                                                                              Key Node Commands
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              Check Items
                                                                                                                                                                                                                                              Whether some key commands that the node upgrade depends on are working
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              Solution
                                                                                                                                                                                                                                              • Scenario 1: Executing the package manager command failed.
                                                                                                                                                                                                                                                Executing the rpm or dpkg command failed. In this case, log in to the affected node and check whether the following commands are available:
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                • Scenario 1: The RPM package manager command fails to be executed.
                                                                                                                                                                                                                                                  The rpm command fails to be executed. In this case, log in to the affected node and check whether the following command is available:
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  rpm -qa
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  If the preceding command is unavailable, run the following command:
                                                                                                                                                                                                                                                  rpm --rebuilddb
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  If the fault persists, reset the node. For details, see Resetting a Node.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                • Scenario 2: The dpkg package manager command fails to be executed.
                                                                                                                                                                                                                                                  The dpkg command fails to be executed. In this case, log in to the affected node and check whether the following command is available:
                                                                                                                                                                                                                                                  dpkg -l
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  If the command is unavailable, reset the node. For details, see Resetting a Node.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                • Scenario 2: The systemctl status command fails to be executed.
                                                                                                                                                                                                                                                  If the systemctl status command on a node is unavailable, many check items will be affected. Log in to the node and check the availability of the following commands:
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  systemctl status kubelet
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  If the systemctl command cannot be used, reset the node. For details, see Resetting a Node.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                If the fault persists, reset the node. For details, see Resetting a Node.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
diff --git a/docs/cce/umn/cce_10_0497.html b/docs/cce/umn/cce_10_0497.html
index 4bfd40d4c..1e6bd71b8 100644
--- a/docs/cce/umn/cce_10_0497.html
+++ b/docs/cce/umn/cce_10_0497.html
@@ -4,13 +4,13 @@
 
                                                                                                                                                                                                                                              Check Items
                                                                                                                                                                                                                                              Check whether the certificate used by an HTTPS load balancer has been modified on ELB.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              Solution
                                                                                                                                                                                                                                              The certificate referenced by an HTTPS ingress created on CCE is modified on the ELB console. This leads to inconsistent certificate content in the CCE cluster and that required by the load balancer. After the CCE cluster is upgraded, the load balancer's certificate is overwritten.
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              1. Log in to the ELB console, choose Elastic Load Balance > Certificates, locate the certificate, and find the secret_id in the certificate description.
                                                                                                                                                                                                                                                The secret_id is the metadata.uid of the secret in the cluster. Use this UID to obtain the secret name in the cluster.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                1. Log in to the ELB console, choose Elastic Load Balance > Certificates, locate the certificate, and find secret_id in the certificate description.
                                                                                                                                                                                                                                                  The secret_id is the metadata.uid of the secret in the cluster. Use this UID to obtain the secret name in the cluster.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  Run the following kubectl command to obtain the secret name (replace <secret_id> with the actual value):
                                                                                                                                                                                                                                                  kubectl get secret --all-namespaces -o jsonpath='{range .items[*]}{"uid:"}{.metadata.uid}{" namespace:"}{.metadata.namespace}{" name:"}{.metadata.name}{"\n"}{end}' | grep <secret_id>
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                2. Only clusters of v1.19.16-r2, v1.21.5-r0, v1.23.3-r0, and later versions support certificates required by load balancers. For clusters of the earlier versions, see Solution 1. For clusters of other versions, see Solution 2.
                                                                                                                                                                                                                                                  • Solution 1: Replace the certificate used by an ingress with the one used by the load balancer. Then, you can create or edit the certificate on the ELB console.
                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, locate the row containing the ingress that uses the certificate, and choose More > Update in the Operation column. If multiple ingresses are using this certificate, update the certificate for all of these ingresses. To check which ingresses are using a certificate, use the secretName parameter in spec.tls of the ingress YAML files.
                                                                                                                                                                                                                                                      Run the following kubectl command to obtain the ingresses using a certificate (replace <secret_name> with the actual value):
                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                    2. Only clusters of v1.19.16-r2, v1.21.5-r0, v1.23.3-r0, and later versions support certificates required by load balancers. For clusters of the earlier versions, see Solution 1. For clusters of other versions, see Solution 2.
                                                                                                                                                                                                                                                      • Solution 1: Replace the certificate used by an ingress with the one used by the load balancer. Then, you can create or edit the certificate on the ELB console.
                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, locate the row containing the ingress that uses the certificate, and choose More > Update in the Operation column. If multiple ingresses are using this certificate, update the certificate for all of these ingresses. To check which ingresses are using a certificate, use the secretName parameter in spec.tls of the ingress YAML files.
                                                                                                                                                                                                                                                          Run the following kubectl command to obtain the ingresses using a certificate (replace <secret_name> with the actual value):
                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                          kubectl get ingress --all-namespaces -o jsonpath='{range .items[*]}{"namespace:"}{.metadata.namespace}{" name:"}{.metadata.name}{" tls:"}{.spec.tls[*]}{"\n"}{end}' | grep <secret_name>
                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                        2. When configuring a listener, select ELB server certificate for Certificate Source and click OK. In this way, the certificate can be created or edited on the ELB console.
                                                                                                                                                                                                                                                        3. On the ConfigMaps and Secrets page, delete the target secret. Before the deletion, back up data.
                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                      • Solution 2: Overwrite the certificate used by an ingress with the corresponding secret resource of the cluster to prevent the certificate being updated on the ELB console during the cluster upgrade.
                                                                                                                                                                                                                                                        Log in to the CCE console and click the cluster name to access the cluster console. Choose ConfigMaps and Secrets from the navigation pane, click the Secrets tab, locate the row containing the target secret, click Update in the Operation column, and enter the certificate you are using.
                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                      • Solution 2: Overwrite the certificate used by an ingress with the corresponding secret resource of the cluster to prevent the certificate being updated on the ELB console during the cluster upgrade.
                                                                                                                                                                                                                                                        Log in to the CCE console and click the cluster name to access the cluster console. Choose ConfigMaps and Secrets in the navigation pane, click the Secrets tab, locate the row containing the target secret, click Update in the Operation column, and enter the certificate you are using.
                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                              
diff --git a/docs/cce/umn/cce_10_0498.html b/docs/cce/umn/cce_10_0498.html
index edb5b00b5..10cc1443f 100644
--- a/docs/cce/umn/cce_10_0498.html
+++ b/docs/cce/umn/cce_10_0498.html
@@ -1,16 +1,31 @@
 
 
 
                                                                                                                                                                                                                                              Node Mounting
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              Check Items
                                                                                                                                                                                                                                              Check whether the default mount directory and soft link on the node have been manually mounted or modified.
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              • Non-shared disk
                                                                                                                                                                                                                                                • By default, /var/lib/docker, containerd, or /mnt/paas/kubernetes/kubelet is mounted to CCE nodes. Check whether /var, /var/lib, /mnt, /mnt/paas, and /mnt/paas/kubernetes have been manually mounted.
                                                                                                                                                                                                                                                • CCE creates the /var/lib/kubelet to /mnt/paas/kubernetes/kubelet link by default. Check whether the link has been manually modified.
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                              • Shared disk
                                                                                                                                                                                                                                                • By default, /mnt/paas/ is mounted to CCE nodes. Check whether /mnt has been manually mounted.
                                                                                                                                                                                                                                                • CCE creates the /var/lib/kubelet to /mnt/paas/kubernetes/kubelet and /var/lib/docker or /var/lib/containerd to /mnt/paas/runtime soft links by default. Check whether the links have been manually modified.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                Check Items
                                                                                                                                                                                                                                                This section describes how to diagnose and fix node-mount failures caused by CCE storage misconfigurations.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                • Check item 1: mount point conflicts
                                                                                                                                                                                                                                                  Check Content
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Verify that all required paths are mounted as expected. CCE needs to use the subdirectories of these paths. If the paths have been mounted, they are inaccessible to CCE nodes. In this case, an exception may occur when the node is restarted or a node component is restarted during an upgrade.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  If there is a vgpaas-share volume group (shared disk), check only the /mnt path.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  If there is no vgpaas-share volume group (not a shared disk), check the /mnt, /mnt/paas, /mnt/paas/kubernetes, /var, and /var/lib paths.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  If the error message "the file path xxx is mounted, but the subpath is used by the CCE" is displayed, a path is mounted but CCE still needs to access its subpath. Check the node's pre-installation script for any mount commands that target the affected path. Remove the command or remount to an unused path. Then, drain and reset the node.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                • Check item 2: symlinks and bind mounts
                                                                                                                                                                                                                                                  Check Content
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Verify that the following key directories are correctly configured:
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  1. General check: Check whether /var/lib/kubelet is linked to /mnt/paas/kubernetes/kubelet.
                                                                                                                                                                                                                                                  2. Conditional check: when the vgpaas-share volume group (shared disk) is used
                                                                                                                                                                                                                                                    • If Docker is used, check whether /var/lib/docker is linked to /mnt/paas/runtime.
                                                                                                                                                                                                                                                    • If containerd is used, check whether /var/lib/containerd is linked to /mnt/paas/runtime.
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  If the error message "the target path of the path link xxx" is displayed, the symlink either points to nothing or to a wrong location. If ls on the symlink target returns content, drain and reset the node. Use the fixes below only if the symlink or mount point is empty. The following uses /var/lib/kubelet as an example:
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  • Case 1: A symlink is missing.
                                                                                                                                                                                                                                                    Create a symlink.
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    sudo ln -sf /mnt/paas/kubernetes/kubelet /var/lib/kubelet
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                  • Case 2: A symlink points to a wrong location.
                                                                                                                                                                                                                                                    1. Remove the incorrect symlink.
                                                                                                                                                                                                                                                      sudo rm /var/lib/kubelet
                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                    2. Create a correct symlink.
                                                                                                                                                                                                                                                      sudo ln -sf /mnt/paas/kubernetes/kubelet /var/lib/kubelet
                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                How Do I Check Whether a Disk Is Shared?
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                1. Log in to the target node based on the check information.
                                                                                                                                                                                                                                                2. Run the lsblk command to check whether vgpaas-share is mounted to /mnt/paas. If yes, a shared disk is used.
                                                                                                                                                                                                                                                  Figure 1 Checking whether a shared disk is used
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  Common Issues
                                                                                                                                                                                                                                                  How Do I Check Whether the vgpaas-share Volume Group (Shared Disk) Exists?
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  1. Log in to the target node based on the check information.
                                                                                                                                                                                                                                                  2. Run the lsblk command to check whether vgpaas-share is mounted to /mnt/paas. If yes, a shared disk is used.
                                                                                                                                                                                                                                                    Figure 1 Checking whether a shared disk is used
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  What Can I Do If an Error Occurred in a Node Mounting Check?
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  1. Cancel the manually modified mount point.
                                                                                                                                                                                                                                                  2. Cancel the modification on the default soft links.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0500.html b/docs/cce/umn/cce_10_0500.html
index fa9bd0d2c..171f5e06f 100644
--- a/docs/cce/umn/cce_10_0500.html
+++ b/docs/cce/umn/cce_10_0500.html
@@ -6,9 +6,9 @@
 
                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                Solution 1: Delete the Service that is associated with a load balancer without a private IPv4 address.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                Solution 2: Bind a private IP address to the load balancer without a private IPv4 address. The procedure is as follows:
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                1. Obtain the load balancer associated with the target Service.
                                                                                                                                                                                                                                                  • Method 1: Obtain the load balancer ID based on the pre-upgrade check log. Go to the ELB console and filter load balancers by load balancer ID.
                                                                                                                                                                                                                                                    elbs (ids: [*****]) without ipv4 private ip, please bind private ip to these elbs and try again
                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                  • Method 2: Log in to the CCE console and click the cluster name to access the cluster console. Then, choose Services & Ingresses in the navigation pane. In the right pane, click the name of the target load balancer to go to the ELB page.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                2. Method 2: Log in to the CCE console and click the cluster name to access the cluster console. Then, choose Services & Ingresses in the navigation pane. In the right pane, click the name of the target load balancer to go to the ELB page.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            9. Check whether the load balancer has a private IPv4 address.
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                            10. Bind a private IP address to the load balancer without a private IPv4 address.
                                                                                                                                                                                                                                              1. Log in to the CCE console and click the name of the target load balancer.
                                                                                                                                                                                                                                              2. On the Summary tab, click Bind next to Private IPv4 address.
                                                                                                                                                                                                                                              3. Configure the subnet and IPv4 address, and click OK.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                              4. Bind a private IP address to the load balancer without a private IPv4 address.
                                                                                                                                                                                                                                                1. Log in to the ELB console and click the name of the target load balancer.
                                                                                                                                                                                                                                                2. On the Summary tab, click Bind next to Private IPv4 address.
                                                                                                                                                                                                                                                3. Configure the subnet and IPv4 address, and click OK.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0503.html b/docs/cce/umn/cce_10_0503.html
index 4b8061d04..adc1da525 100644
--- a/docs/cce/umn/cce_10_0503.html
+++ b/docs/cce/umn/cce_10_0503.html
@@ -1,11 +1,11 @@
 
 
-
                                                                                                                                                                                                                                          CCE AI Suite (NVIDIA GPU)
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          CCE AI Suite (NVIDIA GPU) is involved in the upgrade, which may affect the GPU driver installation during the creation of a GPU node.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          CCE AI Suite (NVIDIA GPU) Exceptions
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          Check whether CCE AI Suite (NVIDIA GPU) involved in the upgrade affects the GPU driver installation when creating a GPU node.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          The driver of CCE AI Suite (NVIDIA GPU) needs to be configured by yourself. Check the compatibility between this add-on and the GPU driver. It is a good practice to verify the upgrade of the GPU driver to the target version in the test environment, configure the current GPU driver, and check whether the created GPU node can run properly.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Perform the following operations to check the target GPU driver version and the current driver configuration of CCE AI Suite (NVIDIA GPU):
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          1. Log in to the CCE console. In the navigation pane, choose Add-ons. Then, check the CCE AI Suite (NVIDIA GPU) add-on.
                                                                                                                                                                                                                                          2. Click Upgrade of the add-on and check the target version and driver version of the add-on.
                                                                                                                                                                                                                                          3. Verify the upgraded GPU driver version in the test environment, configure the current GPU driver, and check whether the created GPU node can run properly.
                                                                                                                                                                                                                                            If the GPU add-on and the GPU driver are incompatible, install the driver of a later version. If necessary, contact technical support.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            1. Log in to the CCE console. In the navigation pane, choose Add-ons. Then, check the CCE AI Suite (NVIDIA GPU) add-on.
                                                                                                                                                                                                                                            2. Click Upgrade of the add-on and check the target version and driver version of the add-on.
                                                                                                                                                                                                                                            3. Verify the upgraded GPU driver version in the test environment, configure the current GPU driver, and check whether the created GPU node can run properly.
                                                                                                                                                                                                                                              If the GPU add-on and the GPU driver are incompatible, install the driver of a later version. If necessary, contact technical support.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0504.html b/docs/cce/umn/cce_10_0504.html
index 6c49978cd..b71c8f647 100644
--- a/docs/cce/umn/cce_10_0504.html
+++ b/docs/cce/umn/cce_10_0504.html
@@ -3,8 +3,16 @@
 
                                                                                                                                                                                                                                          Nodes' System Parameters
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          Check whether the default system parameter settings on your nodes are modified.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          If the MTU value of the bond0 network on your BMS node is not the default value 1500, this check item failed.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Non-default parameter settings may lead to service packet loss. Change them back to the default values.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          If the MTU value of the bond0 network on your BMS node is not the default value 1500, this check item will fail.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Non-default parameter settings may lead to service packet loss. Change them back to the default values. Take the following steps:
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1. Disable bond0.
                                                                                                                                                                                                                                            sudo ip link set dev bond0 down
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                            Disabling bond0 will interrupt services. Exercise caution when performing this operation.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          2. Change the MTU value to 1500.
                                                                                                                                                                                                                                            sudo ip link set dev bond0 mtu 1500
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          3. Restart bond0.
                                                                                                                                                                                                                                            sudo ip link set dev bond0 up
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          4. Verify the modification result. (Ensure that the MTU has been updated.)
                                                                                                                                                                                                                                            ip link show dev bond0 | grep mtu
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            If the command output is mtu 1500, the setting has been modified.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0505.html b/docs/cce/umn/cce_10_0505.html
index 8b52a9335..dcb8e84de 100644
--- a/docs/cce/umn/cce_10_0505.html
+++ b/docs/cce/umn/cce_10_0505.html
@@ -1,7 +1,7 @@
 
 
 
                                                                                                                                                                                                                                          Residual Package Version Data
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          Check whether there are residual package version data in the current cluster.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          Check whether there is residual package version data in the current cluster.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          A message is displayed indicating that there are residual 10.12.1.109 CRD resources in your cluster. This issue occurs because CRD resources are not cleared after nodes in earlier CCE versions are deleted.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0508.html b/docs/cce/umn/cce_10_0508.html
index d77bfb056..46162706e 100644
--- a/docs/cce/umn/cce_10_0508.html
+++ b/docs/cce/umn/cce_10_0508.html
@@ -1,30 +1,43 @@
 
 
 
                                                                                                                                                                                                                                          NGINX Ingress Controller
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          • Check item 1: Check whether there is an Nginx Ingress route whose ingress type is not specified (kubernetes.io/ingress.class: nginx is not added to annotations) in the cluster.
                                                                                                                                                                                                                                          • Check item 2: Check whether the DefaultBackend Service specified by the NGINX Ingress Controller backend is available.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          • Check item 1: Check whether there is an Nginx Ingress route whose ingress type is not specified (kubernetes.io/ingress.class: nginx is not added to annotations) in the cluster.
                                                                                                                                                                                                                                          • Check item 2: Check whether the DefaultBackend Service specified by the NGINX Ingress Controller backend is available.
                                                                                                                                                                                                                                          • Check item 3: Check whether the key length of the default server certificate specified by the NGINX Ingress Controller meets the security requirements. (Message: ee key too small)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Fault Locating
                                                                                                                                                                                                                                          For Check Item 1
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          For Nginx Ingress, check the YAML. If the ingress type is not specified in the YAML file and the ingress is managed by the NGINX Ingress Controller, the ingress is at risk. 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          1. Check the ingress type.
                                                                                                                                                                                                                                            Run the following command:
                                                                                                                                                                                                                                            kubectl get ingress <ingress-name> -oyaml | grep -E ' kubernetes.io/ingress.class: | ingressClassName:' -B 1
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            • Fault scenario: If the command output is empty, the ingress type is not specified.
                                                                                                                                                                                                                                            • Normal scenario: The command output is not empty, indicating that the ingress type has been specified by annotations or ingressClassName.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              • Fault scenario: If the command output is empty, the ingress type is not specified.
                                                                                                                                                                                                                                              • Normal scenario: The command output is not empty, indicating that the ingress type has been specified by annotations or ingressClassName.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                          2. Ensure that the ingress is managed by the Nginx ingress Controller. The LoadBalancer Ingresses are not affected by this issue.
                                                                                                                                                                                                                                            • For clusters of v1.19, confirm this issue using managedFields.
                                                                                                                                                                                                                                              kubectl get ingress <ingress-name> -oyaml | grep 'manager: nginx-ingress-controller'
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                            • Ensure that the ingress is managed by the Nginx ingress Controller. The LoadBalancer Ingresses are not affected by this issue.
                                                                                                                                                                                                                                              • For clusters of v1.19, confirm this issue using managedFields.
                                                                                                                                                                                                                                                kubectl get ingress <ingress-name> -oyaml | grep 'manager: nginx-ingress-controller'
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                              • For clusters of other versions, check the logs of the NGINX Ingress Controller pod.
                                                                                                                                                                                                                                                 kubectl logs -nkube-system cceaddon-nginx-ingress-controller-545db6b4f7-bv74t | grep 'updating Ingress status'
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              If the fault persists, contact technical support.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          For Check Item 2
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          1. View the DefaultBackend Service in the namespace where the NGINX Ingress Controller is deployed.
                                                                                                                                                                                                                                            kubectl get pod cceaddon-nginx-ingress-<controller-name>-controller-*** -n <namespace> -oyaml | grep 'default-backend'
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            In the preceding command, cceaddon-nginx-ingress-<controller-name>-controller-*** is the controller pod name, <controller-name> is the controller name specified during add-on installation, and <namespace> is the namespace where the controller is deployed.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            cceaddon-nginx-ingress-<controller-name>-controller-*** is the controller pod name, <controller-name> is the controller name specified during add-on installation, and <namespace> is the namespace where the controller is deployed.
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            Command output:
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            - '--default-backend-service=<namespace>/<backend-svc-name>'
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            In the preceding command, <backend-svc-name> is the name of the DefaultBackend Service for the NGINX Ingress Controller.
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                          2. Check whether the DefaultBackend Service of the NGINX Ingress Controller is available.
                                                                                                                                                                                                                                            kubectl get svc <backend-svc-name> -n <namespace>
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            If the Service is unavailable, this check item failed.
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          For Check Item 3
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1. Check whether there is a default server certificate in the namespace where the NGINX Ingress Controller is deployed.
                                                                                                                                                                                                                                            kubectl get pod cceaddon-nginx-ingress-<controller-name>-controller-*** -n <namespace> -oyaml | grep 'default-ssl-certificate'
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            cceaddon-nginx-ingress-<controller-name>-controller-*** is the controller pod name, <controller-name> is the controller name specified during add-on installation, and <namespace> is the namespace where the controller is deployed.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            Command output:
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            - '--default-ssl-certificate=<namespace>/<secret-name>'
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            <secret-name> indicates the secret name for the default server certificate specified by the NGINX Ingress Controller.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          2. Check whether the default certificate used by the NGINX Ingress Controller has a security risk due to insufficient encryption length.
                                                                                                                                                                                                                                            kubectl get secret <secret-name> -n <namespace> -o=custom-columns=:'data.tls\.key' | base64 -d | openssl <encryption-algorithm> -noout -text
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            <encryption-algorithm> is the encryption algorithm used by the certificate. Common encryption algorithms include RSA and DSA.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            Method of obtaining an RSA key length
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            Method of obtaining a DSA key length
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          For Check Item 1
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Add an annotation to the Nginx ingresses as follows:
                                                                                                                                                                                                                                          
@@ -65,6 +78,8 @@ spec:
   internalTrafficPolicy: Cluster
 
 
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          For Check Item 3
                                                                                                                                                                                                                                          • Change the secret of the certificate described in 1 and configure a certificate that meets the key length specified by OpenSSL SECLEVEL. For details about the relationship between the security levels and key lengths, see official OpenSSL documents.
                                                                                                                                                                                                                                          • Add the @SECLEVEL field to the ssl-ciphers parameter to support certificates with lower security levels. 
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0518.html b/docs/cce/umn/cce_10_0518.html
index fa1e3de14..ec04ffbe5 100644
--- a/docs/cce/umn/cce_10_0518.html
+++ b/docs/cce/umn/cce_10_0518.html
@@ -3,8 +3,14 @@
 
                                                                                                                                                                                                                                          Number of Node Images
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          Check the number of images on your node. If there are more than 1000 images, it takes a long time for Docker to start, affecting the standard Docker output and functions such as Nginx.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          Manually delete residual images.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Perform the pre-upgrade check again.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          • If there are too many images on a node, you can delete unnecessary images from the node.
                                                                                                                                                                                                                                            You can run the command below to delete an image with the <none> tag. Such images are typically left from builds or updates.
                                                                                                                                                                                                                                            • For nodes that use Docker
                                                                                                                                                                                                                                              docker image prune
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            • For nodes that use containerd
                                                                                                                                                                                                                                              1. View all images with the none tags.
                                                                                                                                                                                                                                                crictl images | grep "<none>" 
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                              2. Delete all images with the none tags in batches. Use awk to extract the image IDs and pipe them to xargs for deletion.
                                                                                                                                                                                                                                                crictl images | grep "<none>" | awk '{print $3}' | xargs -r crictl rmi
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          • Too many images slow Docker or containerd startup on your nodes. This delays containers that burst stdout logs for just a few seconds typically. Skip this check if services are not affected.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0520.html b/docs/cce/umn/cce_10_0520.html
index 9e56a1305..11de66cca 100644
--- a/docs/cce/umn/cce_10_0520.html
+++ b/docs/cce/umn/cce_10_0520.html
@@ -1,11 +1,11 @@
 
 
-
                                                                                                                                                                                                                                          Compatibility Check of Secret Encryption
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          Check whether the target version supports secret encryption. If it does not, clusters that have this feature enabled cannot be upgraded to the target version.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Compatibility Check of At-Rest Encryption for Secrets
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          Check whether the target version supports at-rest encryption for secrets. If it does not, clusters that have this feature enabled cannot be upgraded to the target version.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          Secret encryption is supported in CCE clusters of v1.27 or later versions. The feature is available in the following versions:
                                                                                                                                                                                                                                          • v1.27: v1.27.10-r0 or later
                                                                                                                                                                                                                                          • v1.28: v1.28.8-r0 or later
                                                                                                                                                                                                                                          • v1.29: v1.29.4-r0 or later
                                                                                                                                                                                                                                          • Other clusters of later versions
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          At-rest encryption for secrets is supported in CCE clusters of v1.27 or later versions. The feature is available in the following versions:
                                                                                                                                                                                                                                          • v1.27: v1.27.10-r0 or later
                                                                                                                                                                                                                                          • v1.28: v1.28.8-r0 or later
                                                                                                                                                                                                                                          • v1.29: v1.29.4-r0 or later
                                                                                                                                                                                                                                          • Other clusters of later versions
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          If secret encryption has been enabled in the cluster before the upgrade, the target cluster version must also support this feature. Select a target version that supports secret encryption for the upgrade.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          If at-rest encryption for secrets is enabled in the cluster before the upgrade, the target cluster version must also support this feature. Select a target version that supports at-rest encryption for secrets for the upgrade.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0522.html b/docs/cce/umn/cce_10_0522.html
index c2778315c..07f4193c0 100644
--- a/docs/cce/umn/cce_10_0522.html
+++ b/docs/cce/umn/cce_10_0522.html
@@ -3,8 +3,8 @@
 
                                                                                                                                                                                                                                          Drainage Tasks
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          An unfinished drainage task is detected in the cluster, which may resume after the upgrade. If this happens, running pods will be evicted, which could impact your services.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          1. Configure the kubectl command. For details, see Connecting to a Cluster Using kubectl.
                                                                                                                                                                                                                                          2. Check if there are any drainage tasks in progress.
                                                                                                                                                                                                                                            kubectl get drainage
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            Figure 1 An in-progress drainage task
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            Solution
                                                                                                                                                                                                                                            1. Configure the kubectl command. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                            2. Check if there are any drainage tasks in progress.
                                                                                                                                                                                                                                              kubectl get drainage
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              Figure 1 An in-progress drainage task
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              Delete the drainage resources and perform the pre-upgrade check again.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            3. Run the following command to delete a drainage task:
                                                                                                                                                                                                                                              kubectl delete drainage {Name of the drainage task}
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_10_0528.html b/docs/cce/umn/cce_10_0528.html
index bb1bac589..767a2dbc1 100644
--- a/docs/cce/umn/cce_10_0528.html
+++ b/docs/cce/umn/cce_10_0528.html
@@ -9,12 +9,12 @@
 
                                                                                                                                                                                                                                            • nodepool id(1786cd55-xxxx-xxxx-aac8-0255ac100095) indicates that the node pool with the ID 1786cd55-xxxx-xxxx-aac8-0255ac100095 has an abnormal configuration.
                                                                                                                                                                                                                                            • nodepool id(master) indicates that the cluster has an abnormal configuration.
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            Scenario 1: Abnormal node pool configuration
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            To fix this issue, perform the following operations:
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            1. Log in to the CCE console. In the navigation pane, choose Nodes.
                                                                                                                                                                                                                                            2. Locate the affected node pool and choose More > Manage.
                                                                                                                                                                                                                                            3. In Networking Components, set the nic-max-above-warm-target value to a maximum of 256.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Nodes.
                                                                                                                                                                                                                                              2. Locate the affected node pool and choose More > Manage.
                                                                                                                                                                                                                                              3. In Networking Components, set the nic-max-above-warm-target value to a maximum of 256.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                              4. Click OK.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              Scenario 2: Abnormal cluster configuration
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              To fix this issue, perform the following operations:
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              1. Log in to the CCE console. In the navigation pane, choose Settings.
                                                                                                                                                                                                                                              2. Click the Network tab and set the Threshold for Unbinding Pre-bound Container ENIs value to a maximum of 256.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Settings.
                                                                                                                                                                                                                                                2. Click the Network tab and set the Threshold for Unbinding Pre-bound Container ENIs value to a maximum of 256.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                3. Click Confirm Configuration.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_10_0530.html b/docs/cce/umn/cce_10_0530.html
index 3ec165f36..b779fae14 100644
--- a/docs/cce/umn/cce_10_0530.html
+++ b/docs/cce/umn/cce_10_0530.html
@@ -7,7 +7,7 @@
 
                                                                                                                                                                                                                                            To check the SNATIPRanges value of a cluster, run the following command:
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            kubectl get yc default -oyaml | grep snatIPRanges
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            You can also run the ip route command in the pod to check the pod's route table.
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          When you update SNATIPRanges in a region's backbone configuration, the change takes effect after the cluster is upgraded. However, the pod's route table will not be automatically updated. To fix this, simply restart the pod to refresh its route table.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          CCE automatically checks if the SNATIPRanges configuration has been updated before a cluster upgrade. You can manually skip this check item and restart the pod after the upgrade to update its route table.
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0531.html b/docs/cce/umn/cce_10_0531.html
index 3a80ac8b3..2339c0c98 100644
--- a/docs/cce/umn/cce_10_0531.html
+++ b/docs/cce/umn/cce_10_0531.html
@@ -1,10 +1,11 @@
 
 
 
                                                                                                                                                                                                                                          Add-on Configuration Consistency
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          Manual modifications to add-on configuration parameters (typically ConfigMaps), instead of modifications through the CCE console or APIs, may be overwritten after an upgrade, potentially affecting service operation.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          Manual modifications to add-on configuration parameters (typically ConfigMaps), instead of modifications through the CCE console or add-on API updates, may be overwritten after an upgrade, potentially affecting service operation.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          • Non-forced upgrades
                                                                                                                                                                                                                                            • When upgrading your cluster, if the add-on version is compatible with both the source and target cluster versions, you need to determine whether to upgrade the add-on version.
                                                                                                                                                                                                                                            • If the add-on configurations are inconsistent but a forced upgrade is not required, you can skip this check item and leave the add-on upgrade option unselected during the cluster upgrade.
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                          • Forced upgrades
                                                                                                                                                                                                                                            • If the add-on version is no longer compatible with the upgraded cluster version, you must upgrade the add-on version.
                                                                                                                                                                                                                                            • If the add-on configurations are inconsistent and a forced upgrade is required, you cannot skip this check item. In this case, reconfigure the add-on parameters through the CCE console or APIs to ensure configuration consistency before proceeding with the upgrade.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            Solution
                                                                                                                                                                                                                                            • Non-forced upgrades
                                                                                                                                                                                                                                              • When upgrading your cluster, if the add-on version is compatible with both the source and target cluster versions, you need to determine whether to upgrade the add-on version.
                                                                                                                                                                                                                                              • If the add-on configurations are inconsistent but a forced upgrade is not required, you can skip this check item and leave the add-on upgrade option unselected during the cluster upgrade.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                            • Forced upgrades
                                                                                                                                                                                                                                              • If the add-on version is no longer compatible with the upgraded cluster version, you must upgrade the add-on version.
                                                                                                                                                                                                                                              • If the add-on configurations are inconsistent and a forced upgrade is required, you cannot skip this check item. In this case, reconfigure the add-on parameters through the CCE console or APIs to ensure configuration consistency before proceeding with the upgrade.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              If the CoreDNS add-on configurations are inconsistent, see CoreDNS Configuration Consistency.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0549.html b/docs/cce/umn/cce_10_0549.html
index 3733c4c99..68cc6dde9 100644
--- a/docs/cce/umn/cce_10_0549.html
+++ b/docs/cce/umn/cce_10_0549.html
@@ -3,553 +3,525 @@
 
                                                                                                                                                                                                                                          Pre-upgrade Check
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          The system automatically checks a cluster before its upgrade. If the cluster does not meet the pre-upgrade check conditions, the upgrade cannot continue. To avoid risks, you can perform pre-upgrade check according to the check items and solutions described in this section.
                                                                                                                                                                                                                                          
 
-
                                                                                                                                                                                                                                          Table 1 Check items
                                                                                                                                                                                                                                          No.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/docs/cce/umn/cce_10_0550.html b/docs/cce/umn/cce_10_0550.html
index 9fe92fa6e..57e8ff909 100644
--- a/docs/cce/umn/cce_10_0550.html
+++ b/docs/cce/umn/cce_10_0550.html
@@ -107,7 +107,7 @@
 
                                                                                                                                                                                                                                        9. CIDR Block of the Cluster Management Plane
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          10. 
-
                                                                                                                                                                                                                                        10. CCE AI Suite (NVIDIA GPU)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                        11. CCE AI Suite (NVIDIA GPU) Exceptions
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                        12. Nodes' System Parameters
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          13. 
@@ -137,7 +137,7 @@
 
                                                                                                                                                                                                                                        13. Number of Node Images
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          14. 
-
                                                                                                                                                                                                                                        14. Compatibility Check of Secret Encryption
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                        15. Compatibility Check of At-Rest Encryption for Secrets
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                        16. Compatibility Between the Ubuntu Kernel and GPU Driver
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          17. 
diff --git a/docs/cce/umn/cce_10_0552.html b/docs/cce/umn/cce_10_0552.html
index 259bcff4b..d18df805a 100644
--- a/docs/cce/umn/cce_10_0552.html
+++ b/docs/cce/umn/cce_10_0552.html
@@ -2,8 +2,8 @@
 
 
                                                                                                                                                                                                                                          Enhanced CPU Policy
                                                                                                                                                                                                                                          Kubernetes provides two CPU policies: none and static.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          • none: The CPU policy is disabled by default, indicating the existing scheduling behavior.
                                                                                                                                                                                                                                          • static: The static CPU core binding policy is enabled. This policy allows pods with certain resource characteristics to be granted enhanced CPU affinity and exclusivity on the node.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Based on the Kubernetes static core binding policy, the enhanced CPU policy (enhanced-static) supports burstable pods (whose CPU requests and limits must be positive integers) and allows them to preferentially use certain CPUs to ensure application stability. Example:
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • none: The CPU policy is disabled by default, indicating the existing scheduling behavior.
                                                                                                                                                                                                                                          • static: The static CPU pinning policy is enabled. This policy allows pods with certain resource characteristics to be granted enhanced CPU affinity and exclusivity on the node.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          The enhanced-static CPU policy extends Kubernetes static CPU pinning to support burstable pods, which must have integer CPU requests and limits. It enables these pods to preferentially use specific CPUs, ensuring application stability. Example:
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          ...
 spec:
   containers:
@@ -16,14 +16,14 @@ spec:
       requests:
         memory: "200Mi"
         cpu: "1"
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          This feature is built on the optimized CPU scheduling in the HCE OS 2.0 kernel. When the CPU usage preferentially used by a container exceeds 85%, the container is automatically allocated to other CPUs with low usage to ensure the response capability of applications.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          This feature is based on optimized CPU scheduling in the HCE OS 2.0 kernel. When the CPU usage preferentially used by a container exceeds 85%, the container is automatically allocated to other CPUs with low usage to ensure the response capability of applications.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                          • When enhanced CPU policy is enabled, the application performance is better than that of the none policy but worse than that of the static policy.
                                                                                                                                                                                                                                          • CPU would not be exclusively used by burstable pods, it is still in the shared CPU pool. When the burstable pods are in the low tide, other pods can share this CPU.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                          To use this feature, the following conditions must be met:
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          • The cluster version must be v1.23 or later.
                                                                                                                                                                                                                                          • The node OS is HCE OS 2.0.
                                                                                                                                                                                                                                          • The CPU management policy does not apply to ECS (PM) nodes in CCE Turbo clusters.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • The cluster version must be v1.23 or later.
                                                                                                                                                                                                                                          • The node OS must be HCE OS 2.0.
                                                                                                                                                                                                                                          • The CPU management policy does not apply to ECS (PM) nodes in CCE Turbo clusters.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Procedure
                                                                                                                                                                                                                                          1. Log in to the CCE console.
                                                                                                                                                                                                                                          2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                          3. Select a node pool whose OS is HCE OS 2.0 and choose Manage in the Operation column.
                                                                                                                                                                                                                                          4. On the Manage Configurations page, change the cpu-manager-policy value to enhanced-static in the kubelet area.
                                                                                                                                                                                                                                          5. Click OK.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Procedure
                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                          2. Choose Nodes in the navigation pane and click the Node Pools tab on the right.
                                                                                                                                                                                                                                          3. Select a node pool whose OS is HCE OS 2.0 and click Manage in the Operation column.
                                                                                                                                                                                                                                          4. On the Manage Configurations page, change the cpu-manager-policy value to enhanced-static in the kubelet area.
                                                                                                                                                                                                                                          5. Click OK.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Verification
                                                                                                                                                                                                                                          Take a node with 8 vCPUs and 32 GiB of memory as an example. Deploy a workload whose CPU request is 1 and limit is 2 in the cluster beforehand.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          1. Log in to a node in the node pool and view the /var/lib/kubelet/cpu_manager_state output.
                                                                                                                                                                                                                                            cat /var/lib/kubelet/cpu_manager_state
                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_10_0554.html b/docs/cce/umn/cce_10_0554.html
index 8163668ab..f6541df64 100644
--- a/docs/cce/umn/cce_10_0554.html
+++ b/docs/cce/umn/cce_10_0554.html
@@ -1,42 +1,38 @@
 
 
 
                                                                                                                                                                                                                                            Collecting Control Plane Component Logs
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            CCE allows you to collect the logs of master nodes. On the Logging page, you can select one or more control plane components (kube-controller-manager, kube-apiserver, and kube-scheduler) whose logs need to be reported.
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            Notes and Constraints
                                                                                                                                                                                                                                            • The cluster version must be v1.21.7-r0 or later, v1.23.5-r0 or later, or 1.25.
                                                                                                                                                                                                                                            • There is required LTS resource quota.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            CCE allows you to collect the logs of master nodes. On the Logging page, you can select one or more control plane components (kube-controller-manager, kube-apiserver, and kube-scheduler) whose logs need to be reported.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            Constraints
                                                                                                                                                                                                                                            • The cluster version must be v1.21.7-r0 or later, v1.23.5-r0 or later, or 1.25.
                                                                                                                                                                                                                                            • There is required LTS resource quota.
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            Control Plane Components
                                                                                                                                                                                                                                            There are three control plane log types. Each log stream corresponds to a component of the Kubernetes control plane. To learn more about these components, see Kubernetes Components.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            Control Plane Components
                                                                                                                                                                                                                                            CCE can collect the following types of control plane logs. Each log stream corresponds to a component of the Kubernetes control plane. To learn more about these components, see Kubernetes Components.
                                                                                                                                                                                                                                            
 
-
                                                                                                                                                                                                                                          Table 1 Check items
                                                                                                                                                                                                                                          No.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Check Item
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Check Item
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          1
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Restrictions
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Restrictions
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          • Check whether the node is available. 
                                                                                                                                                                                                                                          • Check whether the node OS supports the upgrade.
                                                                                                                                                                                                                                          • Check whether the node is marked with unexpected node pool labels.
                                                                                                                                                                                                                                          • Check whether the Kubernetes node name is the same as the ECS name.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          2
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          2
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Upgrade Management
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Upgrade Management
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the target cluster is under upgrade management.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          3
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          3
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Add-ons
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Add-ons
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          • Check whether the add-on status is normal.
                                                                                                                                                                                                                                          • Check whether the add-on supports the target version.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          4
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          4
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Helm Charts
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Helm Charts
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the current HelmRelease record contains discarded Kubernetes APIs that are not supported by the target cluster version. If yes, the Helm chart may be unavailable after the upgrade.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          5
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          5
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          SSH Connectivity of Master Nodes
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Check whether your master nodes can be accessed using SSH.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          6
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Node Pools
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Pools
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check the node pool status.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          7
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          6
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Security Groups
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Security Groups
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the Protocol & Port of the worker node security groups is set to ICMP: All and whether the security group rule with the source IP address set to the master node security group has been deleted.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          8
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          7
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Residual Nodes
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Residual Nodes
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether nodes need to be migrated.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          9
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          8
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Discarded Kubernetes Resources
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Discarded Kubernetes Resources
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether there are discarded resources in the clusters.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          10
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          9
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Compatibility Risks
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Compatibility Risks
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Read the version compatibility differences and ensure that they are not affected. The patch upgrade does not involve version compatibility differences.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          11
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          10
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          CCE Agent Versions
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          CCE Agent Versions
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether cce-agent on the current node is of the latest version.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          12
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          11
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node CPU Usage
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node CPU Usage
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the node's CPU usage is above 90%.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          13
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          12
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          CRDs
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Disks
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          • Check whether the key CRD packageversions.version.cce.io of the cluster is deleted.
                                                                                                                                                                                                                                          • Check whether the cluster key CRD network-attachment-definitions.k8s.cni.cncf.io is deleted.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • Check whether the key data disks on the node meet the upgrade requirements.
                                                                                                                                                                                                                                          • Check whether the /tmp directory has 500 MB of available space.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          14
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          13
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Disks
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          • Check whether the key data disks on the node meet the upgrade requirements.
                                                                                                                                                                                                                                          • Check whether the /tmp directory has 500 MB available space.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          15
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Node DNS
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node DNS
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          • Check whether the DNS configuration of the current node can resolve the OBS address.
                                                                                                                                                                                                                                          • Check whether the current node can access the OBS address of the storage upgrade component package.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          16
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          14
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Key Directory File Permissions
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Key Directory File Permissions
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Check whether the owner and owner group of the files in the /var/paas directory used by the CCE are both paas.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Check whether the root directory permissions are properly assigned.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          17
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          15
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          kubelet
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          kubelet
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the kubelet on the node is running properly.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          18
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          16
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Memory
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Memory
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the node's memory usage is above 90%.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          19
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          17
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Clock Synchronization Server
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Clock Synchronization Server
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the clock synchronization server ntpd or chronyd of the node is running properly.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          20
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          18
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node OS
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node OS
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the OS kernel version of the node is supported by CCE.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          21
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          19
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node CPU Cores
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node CPU Cores
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Verify that the master nodes in your cluster have more than 2 CPU cores.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          22
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          20
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Python Commands
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Check whether the Python commands are available on a node.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          23
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Node Readiness
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Readiness
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the nodes in the cluster are ready.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          24
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          21
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node journald
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node journald
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether journald of a node is normal.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          25
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          22
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          containerd.sock
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          containerd.sock
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the containerd.sock file is on the node. This file affects the startup of container runtime in the Euler OS.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          26
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          23
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Internal Error
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Internal Error
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          This check item is not typical and implies that an internal error was found during the pre-upgrade check.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          27
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          24
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Mount Points
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Mount Points
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether there are inaccessible mount points on the node.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          28
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          25
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Kubernetes Node Taints
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Kubernetes Node Taints
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the taint needed for cluster upgrade exists on the node.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          29
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          26
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Everest Restrictions
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Everest Restrictions
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether there are any compatibility restrictions on the current Everest add-on.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          30
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          27
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          cce-hpa-controller Limitations
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          cce-hpa-controller Limitations
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether there are compatibility limitations between the current and target cce-controller-hpa add-on versions.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          31
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          28
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Enhanced CPU Policies
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Enhanced CPU Policies
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the current cluster version and the target version support enhanced CPU policy.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          32
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          29
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Health of Worker Node Components
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Health of Worker Node Components
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the container runtime and network components on the worker nodes are healthy.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          33
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          30
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Health of Master Node Components
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Health of Master Node Components
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether cluster components such as the Kubernetes component, container runtime component, and network component are running properly before the upgrade.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          34
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          31
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Memory Resource Limit of Kubernetes Components
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Memory Resource Limit of Kubernetes Components
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the resources of Kubernetes components, such as etcd and kube-controller-manager, exceed the upper limit.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          35
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          32
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Discarded Kubernetes APIs
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Discarded Kubernetes APIs
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          The system scans the audit logs of the past day to check whether the user calls the deprecated APIs of the target Kubernetes version.
                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                          Due to the limited time range of audit logs, this check item is only an auxiliary method. APIs to be deprecated may have been used in the cluster, but their usage is not included in the audit logs of the past day. Check the API usage carefully.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          36
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          33
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          IPv6 Support in CCE Turbo Clusters
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          IPv6 Support in CCE Turbo Clusters
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          If IPv6 is enabled for a CCE Turbo cluster, check whether the target cluster version supports IPv6.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          37
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          34
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          NetworkManager
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          NetworkManager
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether NetworkManager of a node is normal.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          38
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          35
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node ID File
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node ID File
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check the ID file format.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          39
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          36
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Configuration Consistency
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Configuration Consistency
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          When you upgrade a cluster to v1.19 or later, the system checks whether the following configuration files have been modified on the backend:
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          When you upgrade a cluster to v1.19 or later, CCE checks whether the following configuration files have been modified on the backend:
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          40
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          37
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Configuration File
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Configuration File
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the configuration files of key components exist on the node.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          41
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          38
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          CoreDNS Configuration Consistency
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          CoreDNS Configuration Consistency
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the current CoreDNS key configuration Corefile is different from the Helm release record. The difference may be overwritten during the add-on upgrade, affecting domain name resolution in the cluster.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          42
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          39
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          sudo
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          sudo
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the sudo commands and sudo-related files of the node are working.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          43
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          40
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Key Node Commands
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Key Node Commands
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Whether some key commands that the node upgrade depends on are working
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          44
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          41
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Mounting of a Sock File on a Node
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Mounting of a Sock File on a Node
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the docker/containerd.sock file is directly mounted to the pods on a node. During an upgrade, Docker or containerd restarts and the sock file on the host changes, but the sock file mounted to pods does not change accordingly. As a result, your services cannot access Docker or containerd due to sock file inconsistency. After the pods are rebuilt, the sock file is mounted to the pods again, and the issue is resolved accordingly.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          45
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          42
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          HTTPS Load Balancer Certificate Consistency
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          HTTPS Load Balancer Certificate Consistency
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the certificate used by an HTTPS load balancer has been modified on ELB.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          46
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          43
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Mounting
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Mounting
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Check whether the default mount directory and soft link on the node have been manually mounted or modified.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          This section describes how to diagnose and fix node-mount failures caused by CCE storage misconfigurations.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          47
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          44
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Login Permissions of User paas on a Node
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Login Permissions of User paas on a Node
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether user paas is allowed to log in to a node.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          48
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          45
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Private IPv4 Addresses of Load Balancers
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Private IPv4 Addresses of Load Balancers
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the load balancer associated with a Service is allocated with a private IPv4 address.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          49
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          46
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Historical Upgrade Records
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Historical Upgrade Records
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check the historical upgrade records of the cluster and confirm that the current version of the cluster meets the requirements for upgrading to the target version.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          50
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          47
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          CIDR Block of the Cluster Management Plane
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          CIDR Block of the Cluster Management Plane
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the CIDR block of the cluster management plane is the same as that configured on the backbone network.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          51
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          48
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          CCE AI Suite (NVIDIA GPU)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          CCE AI Suite (NVIDIA GPU) Exceptions
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          CCE AI Suite (NVIDIA GPU) is involved in the upgrade, which may affect the GPU driver installation during the creation of a GPU node.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Check whether CCE AI Suite (NVIDIA GPU) involved in the upgrade affects the GPU driver installation when creating a GPU node.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          52
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          49
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Nodes' System Parameters
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Nodes' System Parameters
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the default system parameter settings on your nodes are modified.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          53
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          50
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Residual Package Version Data
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Residual Package Version Data
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Check whether there are residual package version data in the current cluster.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Check whether there is residual package version data in the current cluster.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          54
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          51
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Commands
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Commands
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the commands required for the upgrade are available on the node.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          55
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          52
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Swap
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Swap
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether swap has been enabled on cluster nodes.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          56
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          53
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          NGINX Ingress Controller
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          NGINX Ingress Controller
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether there are compatibility issues that may occur during NGINX Ingress Controller upgrade.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          57
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          54
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          containerd Pod Restart Risks
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          containerd Pod Restart Risks
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the service pods running on a containerd node are restarted when containerd is upgraded.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          58
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          55
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Key CCE AI Suite (NVIDIA GPU) Parameters
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Key CCE AI Suite (NVIDIA GPU) Parameters
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the configuration of CCE AI Suite (NVIDIA GPU) in a cluster has been intrusively modified. If so, upgrading the cluster may fail.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          59
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          56
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          GPU Pod Rebuild Risks
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          GPU Pod Rebuild Risks
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether GPU service pods are rebuilt in a cluster when kubelet is restarted during the upgrade of the cluster.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          60
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          57
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          ELB Listener Access Control
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          ELB Listener Access Control
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          If so, check whether their configurations are correct.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          61
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          58
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Master Node Flavor
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Check whether the flavor of the master nodes in the cluster is the same as the actual flavor of these nodes.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          62
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Subnet Quota of Master Nodes
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Subnet Quota of Master Nodes
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the number of available IP addresses in the cluster subnet supports rolling upgrade.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          63
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          59
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Runtime
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Runtime
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether an alarm is generated when a cluster is upgraded to v1.27 or later. Do not use Docker in clusters of versions later than 1.27.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          64
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          60
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Node Pool Runtime
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Node Pool Runtime
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether an alarm is generated when a cluster is upgraded to v1.27 or later. Do not use Docker in clusters of versions later than 1.27.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          65
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          61
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Number of Node Images
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Number of Node Images
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check the number of images on your node. If there are more than 1000 images, it takes a long time for Docker to start, affecting the standard Docker output and functions such as Nginx.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          66
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          62
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Compatibility Check of Secret Encryption
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Compatibility Check of At-Rest Encryption for Secrets
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Check whether the target version supports secret encryption. If it does not, clusters that have this feature enabled cannot be upgraded to the target version.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Check whether the target version supports at-rest encryption for secrets. If it does not, clusters that have this feature enabled cannot be upgraded to the target version.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          67
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          63
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Compatibility Between the Ubuntu Kernel and GPU Driver
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Compatibility Between the Ubuntu Kernel and GPU Driver
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Make sure that CCE AI Suite (NVIDIA GPU) and Ubuntu nodes are compatible before using them in a cluster. If the Ubuntu kernel is 5.15.0-113-generic, the driver of the GPU add-on must be 535.161.08 or later.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          68
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          64
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Drainage Tasks
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Drainage Tasks
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          An unfinished drainage task is detected in the cluster, which may resume after the upgrade. If this happens, running pods will be evicted, which could impact your services.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          69
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          65
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Image Layers on a Node
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Image Layers on a Node
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check the number of image layers on your node. If there are more than 5000 layers, it will take a long time for Docker or containerd to start, affecting the stdout of Docker or containerd.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          70
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          66
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Cluster Rolling Upgrade
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Cluster Rolling Upgrade
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether your cluster is eligible for a rolling upgrade. The result shows that the rolling upgrade is not supported.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          71
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          67
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Rotation Certificates
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Rotation Certificates
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the number of certificates on your node is greater than 1000. During an upgrade, certificate files will be processed in batches. An excessive number of certificate files will lead to a slow node upgrade and result in pod eviction from the node.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          72
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          68
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Ingress and ELB Configuration Consistency
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Ingress and ELB Configuration Consistency
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether any modifications have been made to the listener, forwarding policy, forwarding rule, backend cloud server group, backend cloud server, or certificate configurations that were automatically generated by the ingress on the ELB console.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          73
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          69
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Network Policies of Cluster Network Components
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Network Policies of Cluster Network Components
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check the network policy settings on the master nodes in your cluster. If any manual modifications have been made, they will be reset during the upgrade.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          74
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          70
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Cluster and Node Pool Configurations
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Cluster and Node Pool Configurations
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the nic-max-above-warm-target value configured for the network component of the current cluster exceeds the maximum value allowed.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          75
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          71
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Time Zone of Master Nodes
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Time Zone of Master Nodes
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Check whether the time zone of the master nodes matches the cluster's time zone. If they are different, the master nodes will be updated to match the cluster's time zone during a rolling upgrade.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          76
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          72
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          SNATIPRanges
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          SNATIPRanges
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Check whether the SNATIPRanges value has changed after the upgrade. This check is available only for CCE Turbo clusters.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Check whether the SNATIPRanges value has changed after the upgrade. This check is available only for CCE Turbo clusters.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          77
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          73
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Add-on Configuration Consistency
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Add-on Configuration Consistency
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Manual modifications to add-on configuration parameters (typically ConfigMaps), instead of modifications through the CCE console or APIs, may be overwritten after an upgrade, potentially affecting service operation.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Manual modifications to add-on configuration parameters (typically ConfigMaps), instead of modifications through the CCE console or add-on API updates, may be overwritten after an upgrade, potentially affecting service operation.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           
 
 
 
 
 
                                                                                                                                                                                                                                          
-
@@ -78,7 +78,7 @@ spec:
 
diff --git a/docs/cce/umn/cce_10_0604.html b/docs/cce/umn/cce_10_0604.html
index 0c839f6b5..86ee1880a 100644
--- a/docs/cce/umn/cce_10_0604.html
+++ b/docs/cce/umn/cce_10_0604.html
@@ -1,15 +1,15 @@
 
 
-
                                                                                                                                                                                                                                          Configuring Shared Bandwidth for a Pod with IPv6 Dual-Stack ENIs
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Application Scenarios
                                                                                                                                                                                                                                          By default, pods with IPv6 dual-stack ENIs can access only the IPv6 private network. To access the public network, configure shared bandwidth for such pods.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Configuring Shared Bandwidth for a Pod with IPv6 Dual-Stack Network Interfaces	
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Application Scenarios
                                                                                                                                                                                                                                          By default, pods with IPv6 dual-stack network interfaces can access only the IPv6 private network. To access the public network, configure shared bandwidth for such pods.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                          • Only CCE Turbo clusters are supported and the following constraints must be met:
                                                                                                                                                                                                                                            • IPv6 dual stack has been enabled for the cluster.
                                                                                                                                                                                                                                            • The cluster version is v1.23.8-r0, v1.25.3-r0, or later.
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                          • The number of IPv6 ENIs that can be added to a shared bandwidth is limited by the tenant quota. The default value is 20. 
                                                                                                                                                                                                                                          • hostNetwork Pods are not supported.
                                                                                                                                                                                                                                          • All types of workloads are supported. When configuring IPv6 shared bandwidth for workloads with the replicas attribute, such as Deployment and StatefulSet, ensure that the number of replicas and the maximum number of pods during the upgrade are less than the remaining quota of IPv6 ENIs that can be added to the shared bandwidth.
                                                                                                                                                                                                                                          • IPv6 dual-stack pod configured with shared bandwidth: When a pod is created, the CNI returns a success message only after the IPv6 dual-stack ENI is inserted into the shared bandwidth. When a pod is deleted, the IPv6 dual-stack ENI is removed from the shared bandwidth after the pod is completely deleted or the pod is in the deleting status for 30 seconds.
                                                                                                                                                                                                                                          • If the IPv6 dual-stack ENI corresponding to the pod fails to be added to the shared bandwidth, an alarm event FailedIPv6InsertBandwidth is generated on the pod, for example, when the quota is exceeded or flow control is triggered. Rectify the fault based on the alarm event.
                                                                                                                                                                                                                                          • On the Shared Bandwidths page of the EIP console, go to the target shared bandwidth details page, and click the IPv6 Addresses tab. The IPv6 dual-stack ENI whose Associated Instance is CCE is displayed. Do not remove the ENI directly on the page or using VPC APIs, otherwise, your services may be affected.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                        17. The number of IPv6 network interfaces that can be added to a shared bandwidth is limited by the tenant quota. The default value is 20.
                                                                                                                                                                                                                                        18. hostNetwork Pods are not supported.
                                                                                                                                                                                                                                        19. All types of workloads are supported. When configuring IPv6 shared bandwidth for workloads with the replicas attribute, such as Deployment and StatefulSet, ensure that the number of replicas and the maximum number of pods during the upgrade are less than the remaining quota of IPv6 network interfaces that can be added to the shared bandwidth.
                                                                                                                                                                                                                                        20. IPv6 dual-stack pod configured with shared bandwidth: When a pod is created, the CNI returns a success message only after the IPv6 dual-stack network interface is inserted into the shared bandwidth. When a pod is deleted, the IPv6 dual-stack network interface is removed from the shared bandwidth after the pod is completely deleted or the pod is in the deleting status for 30 seconds.
                                                                                                                                                                                                                                        21. If the IPv6 dual-stack network interface corresponding to the pod fails to be added to the shared bandwidth, an alarm event FailedIPv6InsertBandwidth is generated on the pod, for example, when the quota is exceeded or flow control is triggered. Rectify the fault based on the alarm event.
                                                                                                                                                                                                                                        22. On the Shared Bandwidths page of the EIP console, go to the target shared bandwidth details page and click the IPv6 Addresses tab. The IPv6 dual-stack network interface whose associated instance is CCE is displayed. Do not remove the network interface directly on the page or using VPC APIs, or your services may be affected.
                                                                                                                                                                                                                                          23. 
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Using the CCE Console
                                                                                                                                                                                                                                          When creating a workload, you can set the IPv6 shared bandwidth on the Advanced Settings > Network Configuration area.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Using kubectl
                                                                                                                                                                                                                                          You can add annotations to a Deployment to specify the shared bandwidth to be added to the IPv6 dual-stack ENI of the pod. The following is an example:
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Using kubectl
                                                                                                                                                                                                                                          You can add annotations to a Deployment to specify the shared bandwidth to be added to the IPv6 dual-stack network interface of the pod. The following is an example:
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          ...
 spec:
   selector:
@@ -20,7 +20,7 @@ spec:
     metadata:
       annotations:
         yangtse.io/ipv6-bandwidth-id: "xxx"
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          • yangtse.io/ipv6-bandwidth-id: specifies the ID of the shared bandwidth. The IPv6 dual-stack ENIs corresponding to the pod will be added to the shared bandwidth. You can query the ID on the Shared Bandwidths page on the EIP console.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • yangtse.io/ipv6-bandwidth-id: specifies the ID of the shared bandwidth. The IPv6 dual-stack network interfaces corresponding to the pod will be added to the shared bandwidth. You can obtain the ID on the Shared Bandwidths page on the EIP console.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0605.html b/docs/cce/umn/cce_10_0605.html
index 7fa4e5410..ae61339b8 100644
--- a/docs/cce/umn/cce_10_0605.html
+++ b/docs/cce/umn/cce_10_0605.html
@@ -64,7 +64,7 @@
 
                                                                                                                                                                                                                                          • Deletion: The pod is deleted from the current node and will not be scheduled to other nodes.
                                                                                                                                                                                                                                          • Eviction: The pod is deleted from the current node and rescheduled to another node.
                                                                                                                                                                                                                                          • None: The pod will not be evicted or deleted.
                                                                                                                                                                                                                                          • Drainage cancellation: If a pod on a node cancels drainage, the drainage process of the node is terminated and no pod is evicted or deleted.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Drainage Through the Console
                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                          2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                                                                                                                                                          3. Locate the target node and choose More > Nodal Drainage in the Operation column.
                                                                                                                                                                                                                                          4. In the Nodal Drainage window displayed, set parameters.
                                                                                                                                                                                                                                            • Timeout (s): Node drain tasks automatically fail after the specified timeout expires. A value of 0 indicates that task will not time out.
                                                                                                                                                                                                                                            • Forced Drainage: If this function is enabled, pods managed by DaemonSet will be ignored, and pods with emptyDir volumes and pods not managed by controllers will be deleted. For details, see Rules for Draining Nodes.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            Drainage Through the Console
                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                            2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                                                                                                                                                            3. Locate the target node and choose More > Nodal Drainage in the Operation column.
                                                                                                                                                                                                                                            4. In the Nodal Drainage window displayed, set parameters.
                                                                                                                                                                                                                                              • Timeout (s): Node drain tasks automatically fail after the specified timeout expires. A value of 0 indicates that task will not time out.
                                                                                                                                                                                                                                              • Forced Drainage: If this function is enabled, pods managed by DaemonSet will be ignored, and pods with emptyDir volumes and pods not managed by controllers will be deleted. For details, see Rules for Draining Nodes.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            5. Click OK and wait until the node drainage is complete.
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            Drainage Using kubectl
                                                                                                                                                                                                                                            1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                            2. Edit the YAML file for drainage.
                                                                                                                                                                                                                                              The following is an example of Drainage-test.yaml:
                                                                                                                                                                                                                                              
@@ -171,7 +171,7 @@ status:
 
                                                                                                                                                                                                                                              Cancellation Through the Console
                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                              In clusters of v1.23.16-r0, v1.25.11-r0, v1.27.8-r0, v1.28.6-r0, v1.29.2-r0, or later versions, node drainage can be canceled.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              This operation will abort drainage on nodes, but workloads that have been evicted from these nodes will not be automatically migrated back.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                              2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                                                                                                                                                              3. Locate the node that is being drained and click Cancel Drainage.
                                                                                                                                                                                                                                              4. In the displayed dialog box, click OK. The node status changes to Drainage cancelled. You can click Enable Scheduling to restore the node to the schedulable state.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                              2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                                                                                                                                                              3. Locate the node that is being drained and click Cancel Drainage.
                                                                                                                                                                                                                                              4. In the displayed dialog box, click OK. The node status changes to Drainage cancelled. You can click Enable Scheduling to restore the node to the schedulable state.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              Cancellation Using kubectl
                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                              In clusters of v1.23.16-r0, v1.25.11-r0, v1.27.8-r0, v1.28.6-r0, v1.29.2-r0, or later versions, node drainage can be canceled.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              This operation will abort drainage on nodes, but workloads that have been evicted from these nodes will not be automatically migrated back.
                                                                                                                                                                                                                                              
diff --git a/docs/cce/umn/cce_10_0613.html b/docs/cce/umn/cce_10_0613.html
index fe8478301..eb3b85df1 100644
--- a/docs/cce/umn/cce_10_0613.html
+++ b/docs/cce/umn/cce_10_0613.html
@@ -1,128 +1,146 @@
 
 
-
                                                                                                                                                                                                                                              Overview
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              EVS Overview
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              To achieve persistent storage, CCE allows you to mount the storage volumes created from Elastic Volume Service (EVS) disks to a path of a container. When the container is migrated within an AZ, the mounted EVS volumes are also migrated. By using EVS volumes, you can mount the remote file directory of a storage system to a container so that data in the data volume is permanently preserved. Even if the container is deleted, the data in the data volume is still stored in the storage system.
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                              Common I/O disks are the previous-generation product and cannot be created.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                              Common I/O disks are a previous-generation product and are no longer available for creation.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              EVS Disk Performance Specifications
                                                                                                                                                                                                                                              EVS performance metrics include:
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              • IOPS: the number of input/output operations performed by an EVS disk per second
                                                                                                                                                                                                                                              • Throughput: the amount of data read from and written into an EVS disk per second
                                                                                                                                                                                                                                              • I/O latency: the minimum interval between two consecutive I/O operations on an EVS disk
                                                                                                                                                                                                                                              
 
-
                                                                                                                                                                                                                                          Table 1 Control plane components
                                                                                                                                                                                                                                          Log Type
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -44,18 +40,22 @@
 
                                                                                                                                                                                                                                          Enabling Control Plane Logging
                                                                                                                                                                                                                                          Enabling control plane logging during cluster creation
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          1. Log in to the CCE console.
                                                                                                                                                                                                                                          2. Click Create Cluster. Then, configure the parameters and click Next: Select Add-on.
                                                                                                                                                                                                                                          3. On the displayed page, select Cloud Native Log Collection and click Next: Add-on Configuration.
                                                                                                                                                                                                                                          4. On the displayed page, select Control Plane Logs for Cloud Native Log Collection.
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                          5. Click Next: Confirm configuration.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Enabling control plane logging for an existing cluster
                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                          2. Click the Control Plane Logs tab and modify the settings in Logging Settings.
                                                                                                                                                                                                                                            Figure 1 Modifying logging settings
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                          3. Determine whether to enable logging for each component. If yes, click .
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1. Log in to the CCE console.
                                                                                                                                                                                                                                          2. Click Create Cluster. Then, configure the parameters and click Next: Select Add-on.
                                                                                                                                                                                                                                          3. On the displayed page, select Cloud Native Log Collection and click Next: Configure Add-on.
                                                                                                                                                                                                                                          4. On the displayed page, select Control Plane Logs for Cloud Native Log Collection.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          5. Click Next: Confirm Settings.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Enabling control plane logging for an existing cluster
                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                          2. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                          3. Click the Control Plane Logs tab and modify the settings in Logging Settings.
                                                                                                                                                                                                                                            Figure 1 Modifying logging settings
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          4. Determine whether to enable logging for each component. If yes, click .
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Viewing Control Plane Component Logs of the Target Cluster
                                                                                                                                                                                                                                          Viewing control plane component logs of the target cluster on the CCE console
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                          2. Click the Control Plane Logs tab and select the topic of logs to be viewed. For details about available control plane log types, see Control Plane Components. For details about related operations, see Log Tank Service User Guide.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                          2. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                          3. Click the Control Plane Logs tab and select the topic of logs to be viewed. For details about available control plane log types, see Control Plane Components.
                                                                                                                                                                                                                                            By default, no field index is configured for log streams created for CCE. You can choose Configure Index > Index Settings > Index Fields > Auto Configure to quickly configure field indexes. You can add fields extracted from structured logs to collect and analyze statistics. 
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Viewing control plane component logs of the target cluster on the LTS console
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          1. Log in to the LTS console and choose Log Management.
                                                                                                                                                                                                                                          2. Search for the log group by cluster ID and click the log group name to view the log streams. For details, see Log Tank Service User Guide.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1. Log in to the LTS console and choose Log Management.
                                                                                                                                                                                                                                          2. Search for the log group by cluster ID and click the log group name to view the log streams.
                                                                                                                                                                                                                                            By default, no field index is configured for log streams created for CCE. You can choose Configure Index > Index Settings > Index Fields > Auto Configure to quickly configure field indexes. You can add fields extracted from structured logs to collect and analyze statistics. 
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Disabling Control Plane Logging
                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                          2. Click the Control Plane Logs tab. Then, modify the log setting.
                                                                                                                                                                                                                                          3. Determine whether to enable logging for each component.If you enable logging, click .
                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                            After you disable control plane logging, logs are no longer written to the original log stream, but the existing logs will not be deleted and expenses may be incurred for this.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            Disabling Control Plane Logging
                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                            2. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                            3. Click the Control Plane Logs tab. Then, modify the log setting.
                                                                                                                                                                                                                                            4. Determine whether to enable logging for each component.If you enable logging, click .
                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                              After you disable control plane logging, logs are no longer written to the original log stream, but the existing logs will not be deleted and expenses may be incurred for this.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_10_0555.html b/docs/cce/umn/cce_10_0555.html
index 01d35c65b..7aab79b71 100644
--- a/docs/cce/umn/cce_10_0555.html
+++ b/docs/cce/umn/cce_10_0555.html
@@ -2,14 +2,14 @@
 
 
                                                                                                                                                                                                                                            Collecting Container Logs Using the Cloud Native Log Collection Add-on
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            The Cloud Native Log Collection add-on (Cloud Native Log Collection) is developed based on Fluent Bit and OpenTelemetry for collecting logs and Kubernetes events. This add-on supports CRD-based log collection policies. It collects and forwards stdout logs, container file logs, node logs, and Kubernetes events in a cluster based on configured policies.
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            Constraints
                                                                                                                                                                                                                                            • Up to 100 log rules can be created for each cluster.
                                                                                                                                                                                                                                            • The Cloud Native Log Collection add-on cannot collect .gz, .tar, and .zip logs and cannot access symbolic links of logs.
                                                                                                                                                                                                                                            • If the node storage driver is Device Mapper, container file logs must be collected from the path where the data disk is attached to the node.
                                                                                                                                                                                                                                            • If the container runtime is containerd, each stdout log cannot be in multiple lines. (This does not apply to the Cloud Native Log Collection add-on of version 1.3.0 or later.)
                                                                                                                                                                                                                                            • If a volume is mounted to the directory of a service container, this add-on cannot collect data from the parent directory. In this case, you need to configure a complete data directory.
                                                                                                                                                                                                                                            • If the lifetime of a container is less than 1 minute, logs cannot be collected in a timely manner. As a result, logs may be lost.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            Notes and Constraints
                                                                                                                                                                                                                                            • Up to 100 log rules can be created for each cluster.
                                                                                                                                                                                                                                            • The Cloud Native Log Collection add-on cannot collect .gz, .tar, and .zip logs and cannot access symbolic links of logs.
                                                                                                                                                                                                                                            • If the node storage driver is Device Mapper, container file logs must be collected from the path where the data disk is attached to the node.
                                                                                                                                                                                                                                            • If the container runtime is containerd, each stdout log cannot be in multiple lines. (This does not apply to the Cloud Native Log Collection add-on of version 1.3.0 or later.)
                                                                                                                                                                                                                                            • If a volume is mounted to the directory of a service container, this add-on cannot collect data from the parent directory. In this case, you need to configure a complete data directory.
                                                                                                                                                                                                                                            • If the lifetime of a container is less than 1 minute, logs cannot be collected in a timely manner. As a result, logs may be lost.
                                                                                                                                                                                                                                            • When you create a log stream using a collection policy, ensure that the log stream name is unique because LTS does not allow log streams with the same name (both before and after renaming), even in different log groups.
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            Enabling Logging on the Console
                                                                                                                                                                                                                                            1. Enable logging.
                                                                                                                                                                                                                                              Enabling logging during cluster creation
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              1. Log in to the CCE console.
                                                                                                                                                                                                                                              2. Click Create Cluster from the top menu.
                                                                                                                                                                                                                                              3. Configure the parameters by referring to Creating a CCE Standard/Turbo Cluster. Then, click Next: Select Add-on in the lower right corner.
                                                                                                                                                                                                                                              4. On the Select Add-on page, select Cloud Native Log Collection.
                                                                                                                                                                                                                                              5. Click Next: Add-on Configuration in the lower right corner and select the required logs.
                                                                                                                                                                                                                                                • Container logs: A log collection policy named default-stdout will be created, and stdout logs in all namespaces will be reported to LTS.
                                                                                                                                                                                                                                                • Kubernetes events: A log collection policy named default-event will be created, and Kubernetes events in all namespaces will be reported to LTS.
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                              6. Click Next: Confirm configuration in the lower right corner. On the displayed page, click Submit.
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                            2. View and configure log collection policies.
                                                                                                                                                                                                                                              1. On the CCE console, click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                              2. Click View Log Collection Policies in the upper right corner.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                1. Log in to the CCE console.
                                                                                                                                                                                                                                                2. Click Create Cluster.
                                                                                                                                                                                                                                                3. Configure the parameters by referring to Creating a CCE Standard/Turbo Cluster. Then, click Next: Select Add-on in the lower right corner.
                                                                                                                                                                                                                                                4. On the Select Add-on page, select Cloud Native Log Collection.
                                                                                                                                                                                                                                                5. Click Next: Configure Add-on in the lower right corner and select the required logs.
                                                                                                                                                                                                                                                  • Container logs: A log collection policy named default-stdout will be created, and stdout logs in all namespaces will be reported to LTS.
                                                                                                                                                                                                                                                  • Kubernetes events: A log collection policy named default-event will be created, and Kubernetes events in all namespaces will be reported to LTS.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                6. Click Next: Confirm Settings in the lower right corner. On the displayed page, click Submit.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                              3. View and configure log collection policies.
                                                                                                                                                                                                                                                1. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                2. Click View Log Collection Policies in the upper right corner.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  All log collection policies reported to LTS are displayed.
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                3. Click Create Log Collection Policy.
                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                  • To avoid log disorder, you are advised to select different log streams for reporting logs in the log collection policies of various log types.
                                                                                                                                                                                                                                                  • The following are requirements for configuring the container and node file log paths:
                                                                                                                                                                                                                                                    • Log directory: Enter an absolute path, for example, /log. The path must start with a slash (/) and contain a maximum of 512 characters. Only uppercase letters, lowercase letters, digits, hyphens (-), underscores (_), slashes (/), asterisks (*), and question marks (?) are allowed.
                                                                                                                                                                                                                                                    • Log file name: It can contain only uppercase letters, lowercase letters, digits, hyphens (-), underscores (_), asterisks (*), question marks (?), and periods (.). Logs in the format of .gz, .tar, and .zip are not supported.
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                  • Click Create Log Collection Policy.
                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                    • To keep the logs organized, you are advised to select different log streams for different types of logs when configuring the log collection policies.
                                                                                                                                                                                                                                                    • The following are requirements for configuring the container and node file log paths:
                                                                                                                                                                                                                                                      • Log directory: Enter an absolute path, for example, /log. The path must start with a slash (/) and contain a maximum of 512 characters. Only uppercase letters, lowercase letters, digits, hyphens (-), underscores (_), slashes (/), asterisks (*), and question marks (?) are allowed.
                                                                                                                                                                                                                                                      • Log file name: It can contain only uppercase letters, lowercase letters, digits, hyphens (-), underscores (_), asterisks (*), question marks (?), and periods (.). Logs in the format of .gz, .tar, and .zip are not supported.
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                      The directory and file names must be complete and support asterisks (*) and question marks (?) as wildcards. A maximum of three levels of directories can be matched using wildcards. The level-1 directory does not support wildcards. An asterisk (*) can match multiple characters. A question mark (?) can match only one character. For example:
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                      • If the directory is /var/logs/* and the file name is *.log, the match expression is /var/logs/*/*.log, indicating that any files with the extension .log in all level-1 directories in the /var/logs directory are matched. Note that this expression cannot match any files with the extension .log in the /var/logs directory and multi-level directories in the /var/logs directory.
                                                                                                                                                                                                                                                      • If the directory is /var/logs/app_* and the file name is *.log, any log files with the extension .log in all directories that match app_* in the /var/logs directory will be reported.
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                    
@@ -23,9 +23,9 @@
 
 
                                                                                                                                                                                                                                          
-
-
@@ -34,9 +34,9 @@
 
-
-
-
                                                                                                                                                                                                                                          Table 1 Control plane components
                                                                                                                                                                                                                                          Component
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Component
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Log Stream
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Log Stream
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Control plane component logs
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          kube-apiserver
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          kube-apiserver
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          kube-apiserver-{{clusterID}}
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          kube-apiserver-{{clusterID}}
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Exposes Kubernetes APIs. For more information, see kube-apiserver.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Exposes Kubernetes APIs. For more information, see kube-apiserver.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          kube-controller-manager
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          kube-controller-manager
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          kube-controller-manager-{{clusterID}}
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          kube-controller-manager-{{clusterID}}
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Manages controllers and embeds the core control loops shipped with Kubernetes. For more information, see kube-controller-manager.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Manages controllers and embeds the core control loops shipped with Kubernetes. For more information, see kube-controller-manager.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          kube-scheduler
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          kube-scheduler
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          kube-scheduler-{{clusterID}}
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          kube-scheduler-{{clusterID}}
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Manages when and where to run Pods in your cluster. For more information, see kube-scheduler.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Manages when and where to run Pods in your cluster. For more information, see kube-scheduler.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           
 
 
                                                                                                                                                                                                                                          Log Type
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Container standard output: used to collect container stdout logs. You can create a log collection policy by namespace, workload name, or instance label.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Container standard output: used to collect container stdout logs. You can create a log collection policy by namespace, workload name, or instance label.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Container file log: used to collect text logs. You can specify a workload or instance label to create a log collection policy.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Container file log: used to collect text logs. You can specify a workload or instance label to create a log collection policy.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Node file log: used to collect logs from a node. Only one file path can be configured for a log collection policy.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Log Source
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          • All containers: You can specify all containers in a namespace. If this parameter is not specified, logs of containers in all namespaces will be collected.
                                                                                                                                                                                                                                          • Workload: You can specify a workload and its containers. If this parameter is not specified, logs of all containers running the workload will be collected.
                                                                                                                                                                                                                                          • Workload with target label: You can specify a workload by label and its containers. If this parameter is not specified, logs of all containers running the workload will be collected.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • All containers: You can specify all containers in a namespace. If this parameter is not specified, logs of containers in all namespaces will be collected.
                                                                                                                                                                                                                                          • Workload: You can specify a workload and its containers. If this parameter is not specified, logs of all containers running the workload will be collected.
                                                                                                                                                                                                                                          • Workload with target label: You can specify a workload by label and its containers. If this parameter is not specified, logs of all containers running the workload will be collected.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          • Workload: You can specify a workload and its containers. If this parameter is not specified, logs of all containers running the workload will be collected.
                                                                                                                                                                                                                                          • Workload with target label: You can specify a workload by label and its containers. If this parameter is not specified, logs of all containers running the workload will be collected.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • Workload: You can specify a workload and its containers. If this parameter is not specified, logs of all containers running the workload will be collected.
                                                                                                                                                                                                                                          • Workload with target label: You can specify a workload by label and its containers. If this parameter is not specified, logs of all containers running the workload will be collected.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          You also need to specify the log collection path. For details, see the log path configuration requirements.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Collection Path: used to configure the log collection path. For details, see the log path configuration requirements.
                                                                                                                                                                                                                                          
@@ -46,9 +46,9 @@
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Log Format
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          • Single-line
                                                                                                                                                                                                                                            Each log contains only one line of text. The newline character \n denotes the start of a new log.
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                          • Multi-line
                                                                                                                                                                                                                                            Some programs (for example, Java program) print a log that occupies multiple lines. By default, logs are collected by line. If you want to display logs as a single message, you can enable multi-line logging and use the regular pattern. When you select Multi-line, configure Log Matching Format.
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            For example, if logs need to be collected by line and each log starts with a date and occupies three lines, you can set Log Matching Format to the regular expression of the date, for example, \d{4}-\d{2}-\d{2} \d{2}\:\d{2}\:\d{2}.*.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          • Single-line
                                                                                                                                                                                                                                            Each log contains only one line of text. The newline character \n denotes the start of a new log.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                          • Multi-line
                                                                                                                                                                                                                                            Some programs (for example, Java program) print a log that occupies multiple lines. By default, logs are collected by line. If you want to display logs as a single message, you can enable multi-line logging and use the regular pattern. When you select Multi-line, configure Log Matching Format.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            For example, if logs need to be collected by line and each log starts with a date and occupies three lines, you can set Log Matching Format to the regular expression of the date, for example, \d{4}-\d{2}-\d{2} \d{2}\:\d{2}\:\d{2}.*.
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            The three lines starting with the date are regarded as a log.
                                                                                                                                                                                                                                            2022-01-01 00:00:00 Exception in thread "main" java.lang.RuntimeException: Something has gone wrong, aborting!
 at com.myproject.module.MyProject.badMethod(MyProject.java:22)
 at com.myproject.module.MyProject.oneMoreMethod(MyProject.java:18)
                                                                                                                                                                                                                                            
@@ -60,8 +60,8 @@ at com.myproject.module.MyProject.oneMoreMethod(MyProject.java:18)
 
                                                                                                                                                                                                                                          LTS Collection
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          This parameter is used to configure the log group and log stream for log reporting.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          • Centralized: The default log group (k8s-log-{Cluster ID}) and default log stream (stdout-{Cluster ID}) are automatically selected.
                                                                                                                                                                                                                                          • Custom: Select a log group and log stream from the drop-down list.
                                                                                                                                                                                                                                            • Log Group: A log group is the basic unit for LTS to manage logs. If you do not have a log group, CCE prompts you to create one. The default name is k8s-log-{Cluster ID}, for example, k8s-log-bb7eaa87-07dd-11ed-ab6c-0255ac1001b3.
                                                                                                                                                                                                                                            • Log Stream: A log stream is the basic unit for reading and writing logs. You can put different types of logs into different streams to ease management. When you install the add-on or create a log collection policy based on the policy template, the following log streams are automatically created:
                                                                                                                                                                                                                                              - stdout-{Cluster ID} for container logs, for example, stdout-bb7eaa87-07dd-11ed-ab6c-0255ac1001b3
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              - event-{Cluster ID} for Kubernetes events, for example, event-bb7eaa87-07dd-11ed-ab6c-0255ac1001b3
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              • Centralized: The default log group (k8s-log-{Cluster ID}) and default log stream (stdout-{Cluster ID}) are automatically selected.
                                                                                                                                                                                                                                              • Custom: Select a log group and log stream from the drop-down list.
                                                                                                                                                                                                                                                • Log Group: A log group is the basic unit for LTS to manage logs. If you do not have a log group, CCE prompts you to create one. The default name is k8s-log-{Cluster ID}, for example, k8s-log-bb7eaa87-07dd-11ed-ab6c-0255ac1001b3.
                                                                                                                                                                                                                                                • Log Stream: A log stream is the basic unit for reading and writing logs. You can put different types of logs into different streams to ease management. When you install the add-on or create a log collection policy based on the policy template, the following log streams are automatically created:
                                                                                                                                                                                                                                                  - stdout-{Cluster ID} for container logs, for example, stdout-bb7eaa87-07dd-11ed-ab6c-0255ac1001b3
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  - event-{Cluster ID} for Kubernetes events, for example, event-bb7eaa87-07dd-11ed-ab6c-0255ac1001b3
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
@@ -71,7 +71,7 @@ at com.myproject.module.MyProject.oneMoreMethod(MyProject.java:18)
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
-
                                                                                                                                                                                                                                        23. View the logs.
                                                                                                                                                                                                                                          1. On the CCE console, click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                          2. View different types of logs:
                                                                                                                                                                                                                                          3. Click View Log Collection Policies in the upper right corner. Locate the log collection policy and click View Log to go to the log list.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                        24. View the logs.
                                                                                                                                                                                                                                          1. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                          2. View different types of logs:
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          25. 
 
 
diff --git a/docs/cce/umn/cce_10_0557.html b/docs/cce/umn/cce_10_0557.html
index 407350312..682ad690f 100644
--- a/docs/cce/umn/cce_10_0557.html
+++ b/docs/cce/umn/cce_10_0557.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                          Overview
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Kubernetes logs allow you to locate and rectify faults. This section describes how to manage Kubernetes logs using different methods.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          The following are Kubernetes log management methods:
                                                                                                                                                                                                                                          
-
+
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0565.html b/docs/cce/umn/cce_10_0565.html
index 8a92bc9a9..97f7f4b6d 100644
--- a/docs/cce/umn/cce_10_0565.html
+++ b/docs/cce/umn/cce_10_0565.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                          New Node Check
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          Check whether nodes can be created in the cluster.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Procedure
                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                          2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab and then Create Node. For details about the node configuration, see Creating a Node.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Procedure
                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                          2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab and then Create Node. For details about the node configuration, see Creating a Node.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                          If nodes cannot be created in your cluster after the cluster is upgraded, contact technical support.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0566.html b/docs/cce/umn/cce_10_0566.html
index 607f45ddd..0f4ec2932 100644
--- a/docs/cce/umn/cce_10_0566.html
+++ b/docs/cce/umn/cce_10_0566.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                                                                          Check Items
                                                                                                                                                                                                                                          • Check whether pods can be created on the existing nodes after the cluster is upgraded.
                                                                                                                                                                                                                                          • Check whether pods can be created on new nodes after the cluster is upgraded.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Procedure
                                                                                                                                                                                                                                          After creating a node based on New Node Check, create a DaemonSet workload to create pods on each node.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                          2. In the navigation pane, choose Workloads. On the displayed page, click Create Workload or Create from YAML in the upper right corner. For details about how to create a DaemonSet, see Creating a DaemonSet.
                                                                                                                                                                                                                                            It is a good practice to use the image for routine tests as the base image. You can deploy minimum pods for an application by referring to the following YAML file.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                            2. In the navigation pane, choose Workloads. On the displayed page, click Create Workload or Create from YAML in the upper right corner. For details about how to create a DaemonSet, see Creating a DaemonSet.
                                                                                                                                                                                                                                              It is a good practice to use the image for routine tests as the base image. You can deploy minimum pods for an application by referring to the following YAML file.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                              In this test, a DaemonSet is deployed in the default namespace using YAML. It uses the nginx:perl base image and specifies a request of 10m vCPUs and 10 MiB of memory. The resource limits for this DaemonSet are set to 100m vCPUs and 50 MiB of memory.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              apiVersion: apps/v1
diff --git a/docs/cce/umn/cce_10_0601.html b/docs/cce/umn/cce_10_0601.html
index 358e01cbd..bfde0490d 100644
--- a/docs/cce/umn/cce_10_0601.html
+++ b/docs/cce/umn/cce_10_0601.html
@@ -6,12 +6,12 @@
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Precautions
                                                                                                                                                                                                                                          • Theoretically, migration during container running will interrupt services for a short period of time. Therefore, it is strongly recommended that the services to be migrated have been deployed as multi-instance. In addition, you are advised to test the migration impact in the test environment to minimize potential risks.
                                                                                                                                                                                                                                          • containerd cannot build images. Do not use the docker build command to build images on containerd nodes. For other differences between Docker and containerd, see Container Engines.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Procedure for Migrating Nodes in the Default Node Pool
                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                          2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                                                                                                                                                          3. In the node list, select one or more nodes to be reset and choose More > Reset Node in the Operation column.
                                                                                                                                                                                                                                          4. Set Container Engine to containerd. You can adjust other parameters as required or retain them as set during creation.
                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                            Procedure for Migrating Nodes in the Default Node Pool
                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                            2. In the navigation pane, choose Nodes. On the displayed page, click the Nodes tab.
                                                                                                                                                                                                                                            3. In the node list, select one or more nodes to be reset and choose More > Reset Node in the Operation column.
                                                                                                                                                                                                                                            4. Set Container Engine to containerd. You can adjust other parameters as required or retain them as set during creation.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            5. If the node status is Installing, the node is being reset.
                                                                                                                                                                                                                                              When the node status is Running, you can see that the node version is switched to containerd. You can log in to the node and run containerd commands such as crictl to view information about the containers running on the node.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                            Procedure for Migrating Nodes in a Custom Node Pool
                                                                                                                                                                                                                                            You can copy a node pool, set the container engine of the new node pool to containerd, and keep other configurations the same as those of the original Docker node pool.
                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                            2. In the navigation pane, choose Nodes. On the Node Pools tab page, locate the Docker node pool to be copied and choose More > Copy in the Operation column.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                              2. In the navigation pane, choose Nodes. On the Node Pools tab page, locate the Docker node pool to be copied and choose More > Copy in the Operation column.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                              3. In the Configurations area, set Container Engine to containerd and modify other parameter settings as needed to create the node pool.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                              4. Scale the number of created containerd node pools to the number of original Docker node pools and delete nodes from the Docker node pools one by one.
                                                                                                                                                                                                                                                Rolling migration is preferred. That is, add some containerd nodes and then delete some Docker nodes until the number of nodes in the new containerd node pool is the same as that in the original Docker node pool.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                If you have configured node affinity for the workloads deployed on the original Docker nodes or node pool, configure affinity policies for the workloads to run on the new containerd nodes or node pool.
                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0602.html b/docs/cce/umn/cce_10_0602.html
index fa13e3621..7b2855413 100644
--- a/docs/cce/umn/cce_10_0602.html
+++ b/docs/cce/umn/cce_10_0602.html
@@ -2,30 +2,30 @@
 
 
                                                                                                                                                                                                                                                Enabling Overload Control for a Cluster
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                Cluster overload occurs when system load such as request volume or resource usage exceeds the system's processing capacity, leading to degraded performance or system failure. Overload control is a dynamic mechanism that limits concurrent external requests based on the resource pressure of the master node, ensuring the stability and reliability of the master node and the cluster. In a CCE standard or Turbo cluster, you can enable cluster overload control, monitor cluster overload, and configure overload alarms to reduce the risk of cluster overload. For details, see Figure 1.
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Figure 1 Process of cluster overload control
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                Figure 1 Process of cluster overload control
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                                                                                The cluster version must be 1.23 or later.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                Enabling Overload Control
                                                                                                                                                                                                                                                After overload control is enabled, CCE will proportionally reject external traffic based on the overload level when the master node is overloaded. This effectively reduces the load on the master node and ensures the stability and availability of the cluster.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                Method 1: Enable overload control when creating a cluster.
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                1. When creating a cluster of v1.23 or later, enable Overload Control in (Optional) Advanced Settings > Cluster Scalability on the Buy Cluster page. After this function is enabled, CCE will dynamically adjust concurrent requests based on the master node's resource pressure to ensure the stability and reliability of the master node and the cluster.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  1. When creating a cluster of v1.23 or later, enable Overload Control in (Optional) Advanced Settings > Cluster Scalability on the Create Cluster page. After this function is enabled, CCE will dynamically adjust concurrent requests based on the resource demands received by master nodes to ensure the stability and reliability of the master nodes and the cluster.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  2. After the cluster is created, click the cluster name. The cluster Overview page is displayed. In the Master Nodes area at the lower right of the page, overload control has been enabled if the following information is displayed: Overload control enabled. An overloaded master node rejects external traffic proportionally based on the overload level.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  Method 2: Enable overload control in an existing cluster.
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the name of the cluster of v1.23 or later. The cluster Overview page is displayed.
                                                                                                                                                                                                                                                  2. In the Master Nodes area at the lower right of the page, click Enable.
                                                                                                                                                                                                                                                  3. In the Master Nodes area, overload control has been enabled if the following information is displayed: Overload control enabled. An overloaded master node rejects external traffic proportionally based on the overload level.
                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the name of an existing cluster whose version is v1.23 or later. The cluster Overview page is displayed.
                                                                                                                                                                                                                                                    2. In the Master Nodes area at the lower right of the page, click Enable.
                                                                                                                                                                                                                                                    3. In the Master Nodes area, overload control has been enabled if the following information is displayed: Overload control enabled. An overloaded master node rejects external traffic proportionally based on the overload level.
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                Overload Monitoring
                                                                                                                                                                                                                                                You can monitor cluster metrics to promptly check the cluster overload status.
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                1. Log in to the CCE console and click the name of an existing cluster whose version is v1.23 or later.
                                                                                                                                                                                                                                                2. On the Overview page, check the master node information. The overload level metric will be displayed.
                                                                                                                                                                                                                                                  The overload levels are as follows:
                                                                                                                                                                                                                                                  • Circuit breaking: Rejects all external traffic.
                                                                                                                                                                                                                                                  • Severe overload: Rejects 75% external traffic.
                                                                                                                                                                                                                                                  • Moderate overload: Rejects 50% external traffic.
                                                                                                                                                                                                                                                  • Slight overload: Rejects 25% external traffic.
                                                                                                                                                                                                                                                  • Normal: Does not reject external traffic.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the name of an existing cluster whose version is v1.23 or later.
                                                                                                                                                                                                                                                  2. On the Overview page, check the master node information. The overload level metric will be displayed.
                                                                                                                                                                                                                                                    The overload levels are as follows:
                                                                                                                                                                                                                                                    • Circuit breaking: Rejects all external traffic.
                                                                                                                                                                                                                                                    • Severe overload: Rejects 75% external traffic.
                                                                                                                                                                                                                                                    • Moderate overload: Rejects 50% external traffic.
                                                                                                                                                                                                                                                    • Slight overload: Rejects 25% external traffic.
                                                                                                                                                                                                                                                    • Normal: Does not reject external traffic.
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  Disabling Cluster Overload Control
                                                                                                                                                                                                                                                  You can disable overload control when it is no longer needed. After overload control is disabled, the master node will no longer reject external traffic when overloaded. Exercise caution when performing this operation.
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the name of an existing cluster whose version is v1.23 or later.
                                                                                                                                                                                                                                                  2. In the navigation pane, choose Settings.
                                                                                                                                                                                                                                                  3. On the Cluster Access tab page, disable overload control.
                                                                                                                                                                                                                                                  4. Click OK.
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the name of an existing cluster whose version is v1.23 or later.
                                                                                                                                                                                                                                                  2. In the navigation pane, choose Settings.
                                                                                                                                                                                                                                                  3. On the Cluster Access tab page, disable overload control.
                                                                                                                                                                                                                                                  4. Click OK.
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Parent topic: Managing a Cluster
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                Parent topic: Managing Clusters
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
 
diff --git a/docs/cce/umn/cce_10_0603.html b/docs/cce/umn/cce_10_0603.html
index d0197ae8a..6fbfb0991 100644
--- a/docs/cce/umn/cce_10_0603.html
+++ b/docs/cce/umn/cce_10_0603.html
@@ -1,11 +1,11 @@
 
 
 
                                                                                                                                                                                                                                                Configuring a Static IP Address for a Pod
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Application Scenarios
                                                                                                                                                                                                                                                In Cloud Native Network 2.0, each pod is associated with an ENI, providing a static IP address to the StatefulSet pods (container ENI). This is a common practice in access control, service registration, service discovery, and log audit of static IP addresses.
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                For example, if a StatefulSet service needs to control the access of a cloud database, you can fix the pod IP address of the service and configure the security group of the cloud database to allow only the service IP address to access the database.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                Application Scenarios
                                                                                                                                                                                                                                                In Cloud Native Network 2.0, each pod is assigned a VPC network interface with a static IP address. This is particularly applicable to StatefulSet pods. This practice is commonly used for access control, service registration, service discovery, and log auditing.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                For example, if a StatefulSet needs to access a cloud database with strict access controls, you can assign static IP addresses to its pods. Then, configure the database's security group to allow access only from those specific pod IP addresses. This ensures that only the StatefulSet can access the database.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                                                                                • You can configure a static IP address for a pod only in CCE Turbo clusters of the following versions:
                                                                                                                                                                                                                                                  • v1.25: v1.25.3-r0 or later
                                                                                                                                                                                                                                                  • v1.25 or later
                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                • Currently, only StatefulSet pods or pods without ownerReferences can be configured with static IP addresses. Deployments, DaemonSets, and other types of workloads cannot be configured with static IP addresses. In addition, pods with hostNetwork configured cannot be configured with static IP addresses.
                                                                                                                                                                                                                                                • Do not configure static IP addresses for services that do not have specific requirements on pod IP addresses. Otherwise, the pod rebuilding takes a longer time and the IP address usage decreases.
                                                                                                                                                                                                                                                • The annotations of the static IP address of the pod object cannot be directly modified. Otherwise, the modification does not take effect in the background. To modify the annotations, modify the annotations configuration in the spec.template field of the corresponding StatefulSet workload.
                                                                                                                                                                                                                                                • If there are no ENIs left on the node where the pod with a static IP address is rebuilt and scheduled (the pre-bound ENIs also occupy the ENI quota), the static IP address ENIs preempt the pre-bound ENIs. In this case, the pod starts slightly slowly. If a node uses a static IP address, properly configure the dynamic pre-binding policy for the node to ensure that not all ENIs are pre-bound.
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                                                                                • You can configure a static IP address for a pod only in CCE Turbo clusters of the following versions:
                                                                                                                                                                                                                                                  • v1.25: v1.25.3-r0 or later
                                                                                                                                                                                                                                                  • Versions later than v1.25
                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                • Currently, only StatefulSet pods or pods without ownerReferences can be configured with static IP addresses. Deployments, DaemonSets, and other types of workloads cannot be configured with static IP addresses. In addition, pods with hostNetwork configured cannot be configured with static IP addresses.
                                                                                                                                                                                                                                                • Do not configure static IP addresses for services that do not have specific requirements on pod IP addresses. Otherwise, the pod rebuilding takes a longer time and the IP address usage decreases.
                                                                                                                                                                                                                                                • The annotations of the static IP address of the pod object cannot be directly modified. Otherwise, the modification does not take effect in the background. To modify the annotations, modify the annotations configuration in the spec.template field of the corresponding StatefulSet workload.
                                                                                                                                                                                                                                                • If there are no available network interfaces left on the node where the rebuilt pod with a static IP address is scheduled (due to pre-bound network interfaces occupying the quota), the network interfaces with static IP addresses will preempt the pre-bound network interfaces. This can cause the pod to start slightly slower. If a node uses a static IP address, properly configure the dynamic pre-binding policy for the node to ensure that not all network interfaces are pre-bound.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                Using the CCE Console
                                                                                                                                                                                                                                                When creating a workload on the console, you can set the static IP address for a pod in the Advanced Settings > Network Configuration area.
                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                • Whether to enable fixed IP addresses: After the function is enabled, the pod IP address does not change each time the pod is restarted.
                                                                                                                                                                                                                                                • Recycling Interval: Retention period of related IP addresses after the pod is deleted. During this interval, the original pod IP address cannot be used by other pods.
                                                                                                                                                                                                                                                
@@ -68,7 +68,7 @@ spec:
 
 
                                                                                                                                                                                                                                          5m
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Specifies the interval for reclaiming the expired ENI of the static IP address after the pod with a static IP address is deleted.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Specifies the interval for reclaiming the expired network interface with the static IP address after the pod with a static IP address is deleted.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          The time format is Go time type, for example, 1h30m and 5m. For details, see Go time type.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          false
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Specifies whether to disable cascading reclamation of StatefulSet workloads.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          The default value is false, indicating that the corresponding static IP address ENI will be deleted with the StatefulSet workload. If you want to retain the static IP address for a new StatefulSet with the same name during the interval for reclaiming the expired ENI, set the value to true.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          The default value is false, indicating that the network interface with a static IP address will be deleted with the StatefulSet. If you want to retain the static IP address for a new StatefulSet with the same name during the interval for reclaiming the expired network interface, set the value to true.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          false or true
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Table 1 EVS disk performance specifications
                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          
-
-
-
-
-
+
-
-
-
-
-
-
+
-
-
-
-
-
-
+
-
-
-
-
-
-
+
-
-
-
-
-
-
+
-
-
-
-
-
-
+
-
-
-
-
-
-
+
-
-
-
-
-
-
+
-
-
-
-
-
-
+
@@ -135,7 +153,7 @@
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Parent topic: Elastic Volume Service
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Parent topic: EVS
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
diff --git a/docs/cce/umn/cce_10_0614.html b/docs/cce/umn/cce_10_0614.html
index 04ea2e7fe..87f985fd5 100644
--- a/docs/cce/umn/cce_10_0614.html
+++ b/docs/cce/umn/cce_10_0614.html
@@ -1,14 +1,14 @@
 
                                                                                                                                                                                                                                          Using an Existing EVS Disk Through a Static PV
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          CCE allows you to create a PV using an existing EVS disk. Then, you can create a PVC and bind it to the PV. This method is suitable for scenarios where underlying storage is available.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          CCE allows you to create a PV using an existing EVS disk. After the PV is created, you can create a PVC and bind it to the PV. This method is suitable for scenarios where underlying storage is available.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Prerequisites
                                                                                                                                                                                                                                          • You have created a cluster and installed the CCE Container Storage (Everest) add-on in the cluster.
                                                                                                                                                                                                                                          • You have created an EVS disk that meets the following requirements:
                                                                                                                                                                                                                                            • The EVS disk cannot be a system disk or shared disk.
                                                                                                                                                                                                                                            • The EVS disk must be of the SCSI type (the default disk type is VBD when you create an EVS disk).
                                                                                                                                                                                                                                            • The EVS disk must be available and not used by other resources.
                                                                                                                                                                                                                                            • The AZ of the EVS disk must be the same as that of the cluster node. Otherwise, the EVS disk cannot be mounted and the pod cannot start.
                                                                                                                                                                                                                                            • If the EVS disk is encrypted, the key must be available.
                                                                                                                                                                                                                                            • EVS disks that have been partitioned are not supported.
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                          • To create a cluster using commands, ensure kubectl is used. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                          • EVS disks cannot be attached across AZs and cannot be used by multiple workloads, multiple pods of the same workload, or multiple tasks. Data sharing of a shared disk is not supported between nodes in a CCE cluster. If an EVS disk is attached to multiple nodes, I/O conflicts and data cache conflicts may occur. Therefore, select only one pod when creating a Deployment that uses EVS disks.
                                                                                                                                                                                                                                          • For clusters earlier than v1.19.10, if an HPA policy is used to scale out a workload with EVS volumes mounted, the existing pods cannot be read or written when a new pod is scheduled to another node.
                                                                                                                                                                                                                                            For clusters of v1.19.10 and later, if an HPA policy is used to scale out a workload with EVS volumes mounted, a new pod cannot be started because EVS disks cannot be attached.
                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          Using an Existing EVS Disk on the Console
                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                          2. Statically create a PVC and PV.
                                                                                                                                                                                                                                            1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
+
                                                                                                                                                                                                                                              Using an Existing EVS Disk Through the Console
                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                              2. Statically create a PVC and PV.
                                                                                                                                                                                                                                                1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
 
                                                                                                                                                                                                                                          Table 1 EVS disk performance specifications
                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Extreme SSD
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          General Purpose SSD V2
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          General Purpose SSD
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Extreme SSD
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Ultra-high I/O
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          General Purpose SSD
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          High I/O
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Ultra-high I/O
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Common I/O (Previous Generation Product)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          High I/O
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Common I/O (Previous Generation Product)
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Max. capacity (GiB)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Max. capacity (GiB)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          • System disk: 1,024
                                                                                                                                                                                                                                          • Data disk: 32,768
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • System disk: 1,024
                                                                                                                                                                                                                                          • Data disk: 32,768
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          • System disk: 1,024
                                                                                                                                                                                                                                          • Data disk: 32,768
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • System disk: 1,024
                                                                                                                                                                                                                                          • Data disk: 32,768
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          • System disk: 1,024
                                                                                                                                                                                                                                          • Data disk: 32,768
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • System disk: 1,024
                                                                                                                                                                                                                                          • Data disk: 32,768
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          • System disk: 1,024
                                                                                                                                                                                                                                          • Data disk: 32,768
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • System disk: 1,024
                                                                                                                                                                                                                                          • Data disk: 32,768
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          • System disk: 1,024
                                                                                                                                                                                                                                          • Data disk: 32,768
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • System disk: 1,024
                                                                                                                                                                                                                                          • Data disk: 32,768
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          • System disk: 1,024
                                                                                                                                                                                                                                          • Data disk: 32,768
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Max. IOPS
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Max. IOPS
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          128,000
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          128,000
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          20,000
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          128,000
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          50,000
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          20,000
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          5000
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          50,000
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          2200
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          5000
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          2200
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Max. throughput (MiB/s)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Max. throughput (MiB/s)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          1000
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1000
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          250
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1000
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          350
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          250
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          150
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          350
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          50
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          150
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          50
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Burst IOPS limit
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Burst IOPS limit
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          64,000
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          NA
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          8000
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          64,000
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          16,000
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          8000
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          5000
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          16,000
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          2200
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          5000
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          2200
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Disk IOPS
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Disk IOPS
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Min. (128,000, 1800 + 50 x Capacity)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Preconfigured ranging from 3000 to 128000 and must be less than or equal to 500 multiplying the capacity (GiB)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Min. (20,000, 1800 + 12 x Capacity)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Min. (128,000, 1800 + 50 x Capacity)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Min. (50,000, 1800 + 50 x Capacity)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Min. (20,000, 1800 + 12 x Capacity)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Min. (5000, 1800 + 8 x Capacity)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Min. (50,000, 1800 + 50 x Capacity)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Min. (2200, 500 + 2 x Capacity)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Min. (5000, 1800 + 8 x Capacity)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Min. (2200, 500 + 2 x Capacity)
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Disk throughput (MiB/s)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Disk throughput (MiB/s)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Min. (1000, 120 + 0.5 x Capacity)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Preconfigured ranging from 125 to 1000 and must be less than or equal to the IOPS divided by 4
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Min. (250, 100 + 0.5 x Capacity)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Min. (1000, 120 + 0.5 x Capacity)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Min. (350, 120 + 0.5 x Capacity)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Min. (250, 100 + 0.5 x Capacity)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Min. (150, 100 + 0.15 x Capacity)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Min. (350, 120 + 0.5 x Capacity)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          50
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Min. (150, 100 + 0.15 x Capacity)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          50
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Single-queue access latency (ms)
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Single-queue access latency (ms)
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          Sub-millisecond
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          1
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          Sub-millisecond
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          1
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          1–3
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          5–10
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          1–3
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          5–10
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          API name
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          API name
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          ESSD
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          GPSSD2
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          GPSSD
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          ESSD
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          SSD
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          GPSSD
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          SAS
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          SSD
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          SATA
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          SAS
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          SATA
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           
 
 
 
                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                          
@@ -28,7 +28,7 @@
 
                                                                                                                                                                                                                                          Creation Method
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          • If underlying storage is available, create a PV or use an existing PV to statically create a PVC.
                                                                                                                                                                                                                                          • If no underlying storage is available, select Dynamically provision. For details, see Using an EVS Disk Through a Dynamic PV.
                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                          In this example, select Create new to create both a PV and PVC on the console.
                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                          In this example, select Create new to create both a PV and PVC on the console.
                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          PVa
                                                                                                                                                                                                                                          
@@ -65,7 +65,7 @@
 
 
                                                                                                                                                                                                                                        25. Click Create to create a PVC and a PV.
                                                                                                                                                                                                                                          You can choose Storage in the navigation pane and view the created PVC and PV on the PVCs and PVs tab pages, respectively.
                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                          26. 
-
                                                                                                                                                                                                                                        26. Create an application.
                                                                                                                                                                                                                                          1. Choose Workloads in the navigation pane. In the right pane, click the StatefulSets tab.
                                                                                                                                                                                                                                          2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                            Mount and use storage volumes, as shown in Table 1. For details about other parameters, see Workloads.
+
                                                                                                                                                                                                                                          3. Create an application.
                                                                                                                                                                                                                                            1. Choose Workloads in the navigation pane. In the right pane, click the StatefulSets tab.
                                                                                                                                                                                                                                            2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                              Mount and use storage volumes. For other parameters, see Table 1. For other parameters, see Workloads.
 
                                                                                                                                                                                                                                              Table 1 Mounting a storage volume
                                                                                                                                                                                                                                              Parameter
                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                              Description
                                                                                                                                                                                                                                              
@@ -132,9 +132,12 @@ spec:
       everest.io/disk-mode: SCSI           # Device type of the EVS disk. Only SCSI is supported.
       everest.io/disk-volume-type: SAS     # EVS disk type
       storage.kubernetes.io/csiProvisionerIdentity: everest-csi-provisioner
-      everest.io/crypt-key-id: <your_key_id>    # (Optional) Encryption key ID. Mandatory for an encrypted disk.
+      everest.io/crypt-key-id: <your_key_id>    # (Optional) Encryption key ID. Mandatory for an encrypted disk.
+      everest.io/disk-iops: '3000'      # (Optional) IOPS of only a GPSSD2 EVS disk
+      everest.io/disk-throughput: '125' # (Optional) Throughput of only a GPSSD2 EVS disk
   persistentVolumeReclaimPolicy: Delete    # Reclaim policy
-  storageClassName: csi-disk              # StorageClass name. The value must be csi-disk for EVS disks.
+  storageClassName: csi-disk              # StorageClass name. The value must be csi-disk for EVS disks.
+  mountOptions: [] # Mount options
 
 
                                                                                                                                                                                                                                              
@@ -190,10 +193,28 @@ spec:
 
-
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                              Table 2 Key parameters
                                                                                                                                                                                                                                              Parameter
                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                              Yes
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              EVS disk type. All letters are in uppercase.
                                                                                                                                                                                                                                              • SATA: common I/O
                                                                                                                                                                                                                                              • SAS: high I/O
                                                                                                                                                                                                                                              • SSD: ultra-high I/O
                                                                                                                                                                                                                                              • GPSSD: general-purpose SSD
                                                                                                                                                                                                                                              • ESSD: extreme SSD
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              EVS disk type. All letters are in uppercase.
                                                                                                                                                                                                                                              • SATA: common I/O
                                                                                                                                                                                                                                              • SAS: high I/O
                                                                                                                                                                                                                                              • SSD: ultra-high I/O
                                                                                                                                                                                                                                              • GPSSD: general-purpose SSD
                                                                                                                                                                                                                                              • ESSD: extreme SSD
                                                                                                                                                                                                                                              • GPSSD2: general-purpose SSD v2, which is supported when the Everest version is 2.4.4 or later and the everest.io/disk-iops and everest.io/disk-throughput annotations are configured
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                              everest.io/disk-iops
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              No
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              Preconfigured IOPS, which is supported only by general-purpose SSD v2 EVS disks.
                                                                                                                                                                                                                                              • The IOPS of general-purpose SSD v2 EVS disks ranges from 3000 to 128000, and the maximum value is 500 times of the capacity (GiB).
                                                                                                                                                                                                                                                If the IOPS of general-purpose SSD v2 disks is greater than 3000, extra IOPS will be billed. 
                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              everest.io/disk-throughput
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              No
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              Preconfigured throughput, which is supported only by general-purpose SSD v2 EVS disks.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              The value ranges from 125 MiB/s to 1000 MiB/s. The maximum value is a quarter of IOPS.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              If the throughput is greater than 125 MiB/s, extra throughput will be billed. 
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              everest.io/crypt-key-id
                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                              No
                                                                                                                                                                                                                                              
@@ -210,7 +231,7 @@ spec:
 
                                                                                                                                                                                                                                              The Delete and Retain reclaim policies are supported. For details, see PV Reclaim Policy. If high data security is required, select Retain to prevent data from being deleted by mistake.
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              Delete:
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              • If everest.io/reclaim-policy is not specified, both the PV and EVS disk will be deleted when a PVC is deleted.
                                                                                                                                                                                                                                              • If everest.io/reclaim-policy is set to retain-volume-only, when a PVC is deleted, the PV will be deleted but the EVS disk will be retained.
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              Retain: When a PVC is deleted, both the PV and underlying storage resources will be retained. You need to manually delete these resources. After the PVC is deleted, the PV is in the Released state and cannot be bound to a PVC again.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              Retain: When a PVC is deleted, both the PV and underlying storage resources will be retained. You need to manually delete these resources. After the PVC is deleted, the PV is in the Released state and cannot be bound to a PVC again. If you want to continue to use the underlying storage resources, delete the PV first. Then create another PV and PVC and associate them with the underlying storage resources.
                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              storageClassName
                                                                                                                                                                                                                                              
@@ -220,6 +241,13 @@ spec:
 
                                                                                                                                                                                                                                              StorageClass name, which is csi-disk for an EVS disk.
                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                              mountOptions
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              No
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              Mount options. For details, see Configuring EVS Mount Options.
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              
 
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
@@ -232,7 +260,7 @@ metadata:
   namespace: default
   annotations:
       everest.io/disk-volume-type: SAS    # EVS disk type
-    everest.io/crypt-key-id: <your_key_id>    # (Optional) Encryption key ID. Mandatory for an encrypted disk.
+    everest.io/crypt-key-id: <your_key_id>    # (Optional) Encryption key ID. Mandatory for an encrypted disk.
 
   labels:
     failure-domain.beta.kubernetes.io/region: <your_region>   # Region of the node where the application is to be deployed
@@ -421,7 +449,7 @@ spec:
 
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                              Parent topic: Elastic Volume Service
                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                              Parent topic: EVS
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0615.html b/docs/cce/umn/cce_10_0615.html
index 4796352eb..f40257b1b 100644
--- a/docs/cce/umn/cce_10_0615.html
+++ b/docs/cce/umn/cce_10_0615.html
@@ -8,7 +8,7 @@
 
 
                                                                                                                                                                                                                                              • Resource tags can be added to dynamically created EVS disks. After the EVS disks are created, the resource tags cannot be updated on CCE. To update them, go to the EVS console. If you use an existing EVS disk to create a PV, you also need to add or update resource tags on the EVS console.
                                                                                                                                                                                                                                              
 
-
                                                                                                                                                                                                                                              Automatically Creating an EVS Disk on the Console
                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                              2. Dynamically create a PVC and PV.
                                                                                                                                                                                                                                                1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
+
                                                                                                                                                                                                                                                  Dynamically Creating an EVS Disk Using the Console
                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                  2. Dynamically create a PVC and PV.
                                                                                                                                                                                                                                                    1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
 
                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                      
@@ -37,7 +37,7 @@
 
                                                                                                                                                                                                                                                       NOTE: 
                                                                                                                                                                                                                                                      If you use the csi-disk (EVS) StorageClass, a PVC and PV will be created immediately. The EVS disk is created with the PV, and then the PVC is bound to the PV.
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                      If you use the csi-disk-topology (EVS created with a delay) StorageClass, a PV will not be immediately created when a PVC is created. Instead, the pods that will be associated with the PVC are scheduled first, and then the EVS disk and PV are created, and finally the PV is bound to the PVC.
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                      You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Using the CCE Console.
                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                      You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Through the Console.
                                                                                                                                                                                                                                                      
 
 
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                      (Optional) Storage Volume Name Prefix
                                                                                                                                                                                                                                                      
@@ -57,6 +57,8 @@
 
                                                                                                                                                                                                                                                      Disk Type
                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                      Select an EVS disk type. EVS disk types vary depending on regions. Obtain the available EVS types on the console.
                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                       NOTE: 
                                                                                                                                                                                                                                                      If the Everest version is 2.4.4 or later, general-purpose SSD V2 EVS disks are supported. General-purpose SSD V2 disks allow you to specify the disk IOPS and throughput.
                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                      Capacity (GiB)
                                                                                                                                                                                                                                                      
@@ -77,7 +79,7 @@
 
                                                                                                                                                                                                                                                      Resource Tag
                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                      You can add resource tags to classify resources, which is supported only when the Everest version in the cluster is 2.1.39 or later.
                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                      You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency. 
                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                      You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency. 
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                      CCE automatically creates system tags CCE-Cluster-ID={Cluster ID}, CCE-Cluster-Name={Cluster name}, and CCE-Namespace={Namespace name}. These tags cannot be modified.
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                       NOTE: 
                                                                                                                                                                                                                                                      After a dynamic PV of the EVS type is created, the resource tags cannot be updated on the CCE console. To update these resource tags, go to the EVS console.
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                      
@@ -88,7 +90,7 @@
 
 
                                                                                                                                                                                                                                                    2. Click Create.
                                                                                                                                                                                                                                                      You can choose Storage in the navigation pane and view the created PVC and PV on the PVCs and PVs tab pages, respectively.
                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                      3. 
-
                                                                                                                                                                                                                                                    3. Create an application.
                                                                                                                                                                                                                                                      1. Choose Workloads in the navigation pane. In the right pane, click the StatefulSets tab.
                                                                                                                                                                                                                                                      2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                                        Mount and use storage volumes, as shown in Table 1. For details about other parameters, see Workloads.
+
                                                                                                                                                                                                                                                      3. Create an application.
                                                                                                                                                                                                                                                        1. Choose Workloads in the navigation pane. In the right pane, click the StatefulSets tab.
                                                                                                                                                                                                                                                        2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                                          Mount and use storage volumes. For other parameters, see Table 1. For other parameters, see Workloads.
 
                                                                                                                                                                                                                                                          
-
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                          Table 1 Mounting a storage volume
                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                          
@@ -132,16 +134,18 @@
 
 
                                                                                                                                                                                                                                                          
 
-
                                                                                                                                                                                                                                                          Automatically Creating an EVS Volume Through kubectl
                                                                                                                                                                                                                                                          1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                          2. Use StorageClass to dynamically create a PVC and PV.
                                                                                                                                                                                                                                                            1. Create the pvc-evs-auto.yaml file.
                                                                                                                                                                                                                                                              apiVersion: v1
+
                                                                                                                                                                                                                                                              Dynamically Creating an EVS Disk Using kubectl
                                                                                                                                                                                                                                                              1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                              2. Use StorageClass to dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                1. Create the pvc-evs-auto.yaml file.
                                                                                                                                                                                                                                                                  apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: pvc-evs-auto
   namespace: default
   annotations:
       everest.io/disk-volume-type: SAS    # EVS disk type
-    everest.io/crypt-key-id: <your_key_id>    # (Optional) Encryption key ID. Mandatory for an encrypted disk.
-    everest.io/disk-volume-tags: '{"key1":"value1","key2":"value2"}' # (Optional) Custom resource tags
+    everest.io/crypt-key-id: <your_key_id>    # (Optional) Encryption key ID. Mandatory for an encrypted disk.
+    everest.io/disk-volume-tags: '{"key1":"value1","key2":"value2"}' # (Optional) Custom resource tags
     csi.storage.k8s.io/fstype: xfs    # (Optional) The file system is of the xfs type. If it is left blank, ext4 will be used by default.
+    everest.io/disk-iops: '3000'      # (Optional) IOPS of only a GPSSD2 EVS disk
+    everest.io/disk-throughput: '125' # (Optional) Throughput of only a GPSSD2 EVS disk
     everest.io/csi.volume-name-prefix: test  # (Optional) Storage volume name prefix of the automatically created underlying storage
   labels:
     failure-domain.beta.kubernetes.io/region: <your_region>   # Region of the node where the application is to be deployed
@@ -182,10 +186,28 @@ spec:
 
 
                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                          EVS disk type. All letters are in uppercase.
                                                                                                                                                                                                                                                          • SATA: common I/O
                                                                                                                                                                                                                                                          • SAS: high I/O
                                                                                                                                                                                                                                                          • SSD: ultra-high I/O
                                                                                                                                                                                                                                                          • GPSSD: general-purpose SSD
                                                                                                                                                                                                                                                          • ESSD: extreme SSD
                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                          EVS disk type. All letters are in uppercase.
                                                                                                                                                                                                                                                          • SATA: common I/O
                                                                                                                                                                                                                                                          • SAS: high I/O
                                                                                                                                                                                                                                                          • SSD: ultra-high I/O
                                                                                                                                                                                                                                                          • GPSSD: general-purpose SSD
                                                                                                                                                                                                                                                          • ESSD: extreme SSD
                                                                                                                                                                                                                                                          • GPSSD2: general-purpose SSD v2, which is supported when the Everest version is 2.4.4 or later and the everest.io/disk-iops and everest.io/disk-throughput annotations are configured
                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                          everest.io/disk-iops
                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                          No
                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                          Preconfigured IOPS, which is supported only by general-purpose SSD v2 EVS disks.
                                                                                                                                                                                                                                                          • The IOPS of general-purpose SSD v2 EVS disks ranges from 3000 to 128000, and the maximum value is 500 times of the capacity (GiB).
                                                                                                                                                                                                                                                            If the IOPS of general-purpose SSD v2 disks is greater than 3000, extra IOPS will be billed. 
                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                          everest.io/disk-throughput
                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                          No
                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                          Preconfigured throughput, which is supported only by general-purpose SSD v2 EVS disks.
                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                          The value ranges from 125 MiB/s to 1000 MiB/s. The maximum value is a quarter of IOPS.
                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                          If the throughput is greater than 125 MiB/s, extra throughput will be billed.
                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                          everest.io/crypt-key-id
                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                          No
                                                                                                                                                                                                                                                          
@@ -358,7 +380,7 @@ spec:
 
 
                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                          Parent topic: Elastic Volume Service
                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                          Parent topic: EVS
                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                          
 
diff --git a/docs/cce/umn/cce_10_0616.html b/docs/cce/umn/cce_10_0616.html
index 6a48c0478..9bb651bf9 100644
--- a/docs/cce/umn/cce_10_0616.html
+++ b/docs/cce/umn/cce_10_0616.html
@@ -7,7 +7,7 @@
 
 
                                                                                                                                                                                                                                                          Prerequisites
                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                          Dynamically Mounting an EVS Disk on the Console
                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                          2. Choose Workloads in the navigation pane. In the right pane, click the StatefulSets tab.
                                                                                                                                                                                                                                                          3. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > VCT.
                                                                                                                                                                                                                                                          4. Click Create PVC. In the dialog box displayed, configure PVC parameters.
                                                                                                                                                                                                                                                            Click Create.
+
                                                                                                                                                                                                                                                            Dynamically Mounting an EVS Disk Using the Console
                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                            2. Choose Workloads in the navigation pane. In the right pane, click the StatefulSets tab.
                                                                                                                                                                                                                                                            3. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > VCT.
                                                                                                                                                                                                                                                            4. Click Create PVC. In the dialog box displayed, configure PVC parameters.
                                                                                                                                                                                                                                                              Click Create.
 
                                                                                                                                                                                                                                                              
-
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                              Parameter
                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                              Description
                                                                                                                                                                                                                                                              
@@ -35,7 +35,7 @@
 
                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                              If you use the csi-disk (EVS) StorageClass, a PVC and PV will be created immediately. The EVS disk is created with the PV, and then the PVC is bound to the PV.
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              If you use the csi-disk-topology (EVS created with a delay) StorageClass, a PV will not be immediately created when a PVC is created. Instead, the pods that will be associated with the PVC are scheduled first, and then the EVS disk and PV are created, and finally the PV is bound to the PVC.
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                              You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Using the CCE Console.
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Through the Console.
                                                                                                                                                                                                                                                              
 
 
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              (Optional) Storage Volume Name Prefix
                                                                                                                                                                                                                                                              
@@ -55,6 +55,8 @@
 
                                                                                                                                                                                                                                                              Disk Type
                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                              Select an EVS disk type. EVS disk types vary depending on regions. Obtain the available EVS types on the console.
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                              If the Everest version is 2.4.4 or later, general-purpose SSD V2 EVS disks are supported. General-purpose SSD V2 disks allow you to specify the disk IOPS and throughput.
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              Capacity (GiB)
                                                                                                                                                                                                                                                              
@@ -75,7 +77,7 @@
 
                                                                                                                                                                                                                                                              Resource Tag
                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                              You can add resource tags to classify resources, which is supported only when the Everest version in the cluster is 2.1.39 or later.
                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                              You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency. 
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency. 
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              CCE automatically creates system tags CCE-Cluster-ID={Cluster ID}, CCE-Cluster-Name={Cluster name}, and CCE-Namespace={Namespace name}. These tags cannot be modified.
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                              After a dynamic PV of the EVS type is created, the resource tags cannot be updated on the CCE console. To update these resource tags, go to the EVS console.
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              
@@ -118,7 +120,7 @@
 
                                                                                                                                                                                                                                                            5. Dynamically mount and use storage volumes. For details about other parameters, see Creating a StatefulSet. After the configuration, click Create Workload.
                                                                                                                                                                                                                                                              After the workload is created, the data in the container mount directory will be persistently stored. Verify the storage by referring to Verifying Data Persistence.
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              6. 
 
-
                                                                                                                                                                                                                                                              Dynamically Mounting an EVS Volume Through kubectl
                                                                                                                                                                                                                                                              1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                              2. Create a file named statefulset-evs.yaml. In this example, the EVS volume is mounted to the /data path.
                                                                                                                                                                                                                                                                apiVersion: apps/v1
+
                                                                                                                                                                                                                                                                Dynamically Mounting an EVS Disk Using kubectl
                                                                                                                                                                                                                                                                1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                2. Create a file named statefulset-evs.yaml. In this example, the EVS volume is mounted to the /data path.
                                                                                                                                                                                                                                                                  apiVersion: apps/v1
 kind: StatefulSet
 metadata:
   name: statefulset-evs
@@ -150,9 +152,11 @@ spec:
         namespace: default
         annotations:
           everest.io/disk-volume-type: SAS    # EVS disk type
-          everest.io/crypt-key-id: <your_key_id>    # (Optional) Encryption key ID. Mandatory for an encrypted disk.
-          everest.io/disk-volume-tags: '{"key1":"value1","key2":"value2"}' # (Optional) Custom resource tags
+          everest.io/crypt-key-id: <your_key_id>    # (Optional) Encryption key ID. Mandatory for an encrypted disk.
+          everest.io/disk-volume-tags: '{"key1":"value1","key2":"value2"}' # (Optional) Custom resource tags
           csi.storage.k8s.io/fstype: xfs    # (Optional) The file system is of the xfs type. If it is left blank, ext4 will be used by default.
+          everest.io/disk-iops: '3000'      # (Optional) IOPS of only a GPSSD2 EVS disk
+          everest.io/disk-throughput: '125' # (Optional) Throughput of only a GPSSD2 EVS disk
           everest.io/csi.volume-name-prefix: test  # (Optional) Storage volume name prefix of the automatically created underlying storage
         labels:
           failure-domain.beta.kubernetes.io/region: <your_region>   # Region of the node where the application is to be deployed
@@ -212,10 +216,28 @@ spec:
 
                                                                                                                                                                                                                                                              		
 
                                                                                                                                                                                                                                                              Yes
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              EVS disk type. All letters are in uppercase.
                                                                                                                                                                                                                                                              • SATA: common I/O
                                                                                                                                                                                                                                                              • SAS: high I/O
                                                                                                                                                                                                                                                              • SSD: ultra-high I/O
                                                                                                                                                                                                                                                              • GPSSD: general-purpose SSD
                                                                                                                                                                                                                                                              • ESSD: extreme SSD
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              EVS disk type. All letters are in uppercase.
                                                                                                                                                                                                                                                              • SATA: common I/O
                                                                                                                                                                                                                                                              • SAS: high I/O
                                                                                                                                                                                                                                                              • SSD: ultra-high I/O
                                                                                                                                                                                                                                                              • GPSSD: general-purpose SSD
                                                                                                                                                                                                                                                              • ESSD: extreme SSD
                                                                                                                                                                                                                                                              • GPSSD2: general-purpose SSD v2, which is supported when the Everest version is 2.4.4 or later and the everest.io/disk-iops and everest.io/disk-throughput annotations are configured
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                              everest.io/disk-iops
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              No
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              Preconfigured IOPS, which is supported only by general-purpose SSD v2 EVS disks.
                                                                                                                                                                                                                                                              • The IOPS of general-purpose SSD v2 EVS disks ranges from 3000 to 128000, and the maximum value is 500 times of the capacity (GiB).
                                                                                                                                                                                                                                                                If the IOPS of general-purpose SSD v2 disks is greater than 3000, extra IOPS will be billed. 
                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              everest.io/disk-throughput
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              No
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              Preconfigured throughput, which is supported only by general-purpose SSD v2 EVS disks.
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              The value ranges from 125 MiB/s to 1000 MiB/s. The maximum value is a quarter of IOPS.
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              If the throughput is greater than 125 MiB/s, extra throughput will be billed. For details, see .
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              everest.io/crypt-key-id
                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                              No
                                                                                                                                                                                                                                                              
@@ -339,7 +361,7 @@ statefulset-evs-1          1/1     Running   0             28s
 
 
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                              Parent topic: Elastic Volume Service
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              Parent topic: EVS
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0617.html b/docs/cce/umn/cce_10_0617.html
index 081483cbd..f075cae23 100644
--- a/docs/cce/umn/cce_10_0617.html
+++ b/docs/cce/umn/cce_10_0617.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                                                                                                              Overview
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              SFS Overview
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              Introduction
                                                                                                                                                                                                                                                              CCE allows you to mount a volume created from a Scalable File Service (SFS) file system to a container to store data persistently. SFS volumes are commonly used in ReadWriteMany scenarios for large-capacity expansion and cost-sensitive services, such as media processing, content management, big data analysis, and workload process analysis. For services with massive volume of small files, SFS Turbo file systems are recommended.
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              Expandable to petabytes, SFS provides fully hosted shared file storage, highly available and stable to handle data- and bandwidth-intensive applications
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              • Standard file protocols: You can mount file systems as volumes to servers, the same as using local directories.
                                                                                                                                                                                                                                                              • Data sharing: The same file system can be mounted to multiple servers, so that data can be shared.
                                                                                                                                                                                                                                                              • Private network: Users can access data only in private networks of data centers.
                                                                                                                                                                                                                                                              • Capacity and performance: The capacity of a single file system is high (PB level) and the performance is excellent (ms-level I/O latency).
                                                                                                                                                                                                                                                              • Use cases: Deployments/StatefulSets in the ReadWriteMany mode and jobs created for high-performance computing (HPC), media processing, content management, web services, big data analysis, and workload process analysis
                                                                                                                                                                                                                                                              
@@ -43,7 +43,7 @@
 
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                              Parent topic: Scalable File Service
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              Parent topic: SFS
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0619.html b/docs/cce/umn/cce_10_0619.html
index 93cf093e8..d001e3dd3 100644
--- a/docs/cce/umn/cce_10_0619.html
+++ b/docs/cce/umn/cce_10_0619.html
@@ -1,13 +1,13 @@
 
 
 
                                                                                                                                                                                                                                                              Using an Existing SFS File System Through a Static PV
                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                              SFS is a network-attached storage (NAS) that provides shared, scalable, and high-performance file storage. It applies to large-capacity expansion and cost-sensitive services. This section describes how to use an existing SFS file system to statically create PVs and PVCs for data persistence and sharing in workloads.
                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                              SFS is a type of network-attached storage (NAS) that provides shared, scalable, and high-performance file storage. It applies to large-capacity expansion and cost-sensitive services. This section describes how to use an existing SFS file system to statically create PVs and PVCs for data persistence and sharing in workloads.
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              Prerequisites
                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                              Notes and Constraints
                                                                                                                                                                                                                                                              • Multiple PVs can use the same SFS or SFS Turbo file system with the following restrictions:
                                                                                                                                                                                                                                                                • Do not mount multiple PVCs or PVs that use the same underlying SFS or SFS Turbo volume to a single pod. Doing so will cause pod startup failures, as not all PVCs can be mounted due to identical volumeHandle value.
                                                                                                                                                                                                                                                                • The persistentVolumeReclaimPolicy parameter in the PVs must be set to Retain. Otherwise, when a PV is deleted, the associated underlying volume may be deleted. In this case, other PVs associated with the underlying volume malfunction.
                                                                                                                                                                                                                                                                • When the underlying volume is repeatedly used, enable isolation and protection for ReadWriteMany at the application layer to prevent data overwriting and loss.
                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                                                                                                • Multiple PVs can use the same SFS or SFS Turbo file system with the following restrictions:
                                                                                                                                                                                                                                                                  • If a pod mounts an SFS or SFS Turbo volume used by multiple PVCs/PVs, and the PVs have identical volumeHandle values, the pod may fail to start. To avoid this issue, do not mount the same SFS or SFS Turbo file system to the same pod.
                                                                                                                                                                                                                                                                  • The persistentVolumeReclaimPolicy parameter in the PVs must be set to Retain. Otherwise, when a PV is deleted, the associated underlying volume may be deleted. In this case, other PVs associated with the underlying volume malfunction.
                                                                                                                                                                                                                                                                  • When the underlying volume is repeatedly used, enable isolation and protection for ReadWriteMany at the application layer to prevent data overwriting and loss.
                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                Using an Existing SFS File System on the Console
                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                2. Statically create a PVC and PV.
                                                                                                                                                                                                                                                                  1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
+
                                                                                                                                                                                                                                                                    Using an Existing SFS File System on the Console
                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                    2. Statically create a PVC and PV.
                                                                                                                                                                                                                                                                      1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
 
                                                                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                        Description
                                                                                                                                                                                                                                                                        
@@ -71,7 +71,7 @@
 
 
                                                                                                                                                                                                                                                                      2. Click Create to create a PVC and a PV.
                                                                                                                                                                                                                                                                        You can choose Storage in the navigation pane and view the created PVC and PV on the PVCs and PVs tab pages, respectively.
                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                        3. 
-
                                                                                                                                                                                                                                                                      3. Create an application.
                                                                                                                                                                                                                                                                        1. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                        2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                                                          Mount and use storage volumes, as shown in Table 1. For details about other parameters, see Workloads.
+
                                                                                                                                                                                                                                                                        3. Create an application.
                                                                                                                                                                                                                                                                          1. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                          2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                                                            Mount and use storage volumes. For details about the parameters, see Table 1. For other parameters, see Workloads.
 
                                                                                                                                                                                                                                                                            
-
-
                                                                                                                                                                                                                                                                            Table 1 Mounting a storage volume
                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                            Description
                                                                                                                                                                                                                                                                            
@@ -111,24 +111,24 @@
 
 
                                                                                                                                                                                                                                                                            
 
-
                                                                                                                                                                                                                                                                            Using an Existing SFS Capacity-Oriented File System Through kubectl
                                                                                                                                                                                                                                                                            1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                            2. Create a PV.
                                                                                                                                                                                                                                                                              1. Create the pv-sfs.yaml file.
                                                                                                                                                                                                                                                                                Example:
                                                                                                                                                                                                                                                                                apiVersion: v1
+
                                                                                                                                                                                                                                                                                Using an Existing SFS Capacity-Oriented File System Through kubectl
                                                                                                                                                                                                                                                                                1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                2. Create a PV.
                                                                                                                                                                                                                                                                                  1. Create the pv-sfs.yaml file.
                                                                                                                                                                                                                                                                                    Example:
                                                                                                                                                                                                                                                                                    apiVersion: v1
 kind: PersistentVolume
 metadata:
   annotations:
     pv.kubernetes.io/provisioned-by: everest-csi-provisioner
     everest.io/reclaim-policy: retain-volume-only      # (Optional) The underlying volume is retained when the PV is deleted.
-  name: pv-sfs    # PV name
+  name: pv-sfs    # PV name
 spec:
   accessModes:
-  - ReadWriteMany      # Access mode. The value must be ReadWriteMany for SFS.
+  - ReadWriteMany      # Access mode. The value must be ReadWriteMany for SFS.
   capacity:
-    storage: 1Gi     # SFS volume capacity
+    storage: 1Gi       # Storage capacity. This parameter is only for verification. It must not be empty or 0, but the specified size will not take effect.
   csi:
     driver: nas.csi.everest.io    # Dependent storage driver for the mounting
     fsType: nfs
     volumeHandle: <your_volume_id>   # SFS Capacity-Oriented volume ID
     volumeAttributes:
-      everest.io/share-export-location: <your_location>  # Shared path of the SFS volume
+      everest.io/share-export-location: <your_location>  # Shared path of the SFS volume
       storage.kubernetes.io/csiProvisionerIdentity: everest-csi-provisioner
   persistentVolumeReclaimPolicy: Retain    # Reclaim policy
   storageClassName: csi-nas               # StorageClass name. csi-nas indicates that SFS Capacity-Oriented is used.
@@ -147,8 +147,8 @@ spec:
 
 
                                                                                                                                                                                                                                                                            No
                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                            Only retain-volume-only is supported.
                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                            This parameter is valid only when the Everest version is 1.2.9 or later and the reclaim policy is Delete. If the reclaim policy is Delete and the current value is retain-volume-only, the associated PV is deleted while the underlying storage volume is retained, when a PVC is deleted.
                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                            Only retain-volume-only is supported.
                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                            This parameter is valid only when the Everest version is 1.2.9 or later and the reclaim policy is Delete. If the reclaim policy is Delete and the current value is retain-volume-only, the associated PV is deleted while the underlying storage volume is retained, when a PVC is deleted.
                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                            volumeHandle
                                                                                                                                                                                                                                                                            
@@ -164,7 +164,7 @@ spec:
 
                                                                                                                                                                                                                                                                            Yes
                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                            Shared path of the file system.
                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                            On the management console, choose Service List > Storage > Scalable File Service. You can obtain the shared path of the file system from the Mount Address column.
                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                            On the management console, choose Service List > Storage > Scalable File Service. In the navigation pane, choose SFS Turbo > File Systems. You can obtain the shared path of the file system.
                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                            mountOptions
                                                                                                                                                                                                                                                                            
@@ -185,9 +185,9 @@ spec:
 
                                                                                                                                                                                                                                                                            Yes
                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                            A reclaim policy is supported when the cluster version is or later than 1.19.10 and the Everest version is or later than 1.2.9.
                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                            The Delete and Retain reclaim policies are supported. For details, see PV Reclaim Policy. If multiple PVs use the same SFS volume, use Retain to prevent the underlying volume from being deleted with a PV.
                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                            Retain: When a PVC is deleted, both the PV and underlying storage resources will be retained. You need to manually delete these resources. After the PVC is deleted, the PV is in the Released state and cannot be bound to a PVC again.
                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                            Delete: When a PVC is deleted, its PV will also be deleted.
                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                            The Delete and Retain reclaim policies are supported. For details, see PV Reclaim Policy. If multiple PVs use the same SFS volume, use Retain to prevent the underlying volume from being deleted with a PV.
                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                            Retain: When a PVC is deleted, the PV and the associated underlying storage resources are retained. The PV changes to the Released state and cannot be bound to another PVC. If you want to continue using the underlying storage resources, delete the existing PV first. Then, create a new PV and PVC and associate them with the underlying storage resources.
                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                            Delete: When a PVC is deleted, its associated underlying storage resources are deleted and the PV resources are removed. Exercise caution if you select this option.
                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                            storage
                                                                                                                                                                                                                                                                            
@@ -209,7 +209,7 @@ spec:
 
 
                                                                                                                                                                                                                                                                          3. Run the following command to create a PV:
                                                                                                                                                                                                                                                                            kubectl apply -f pv-sfs.yaml
                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                            4. 
-
                                                                                                                                                                                                                                                                          4. Create a PVC.
                                                                                                                                                                                                                                                                            1. Create the pvc-sfs.yaml file.
                                                                                                                                                                                                                                                                              apiVersion: v1
+
                                                                                                                                                                                                                                                                            2. Create a PVC.
                                                                                                                                                                                                                                                                              1. Create the pvc-sfs.yaml file.
                                                                                                                                                                                                                                                                                apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: pvc-sfs
@@ -218,7 +218,7 @@ metadata:
     volume.beta.kubernetes.io/storage-provisioner: everest-csi-provisioner
 spec:
   accessModes:
-  - ReadWriteMany               # The value must be ReadWriteMany for SFS.
+  - ReadWriteMany               # The value must be ReadWriteMany for SFS.
   resources:
     requests:
       storage: 1Gi               # SFS volume capacity
@@ -260,7 +260,7 @@ spec:
 
 
                                                                                                                                                                                                                                                                              2. Run the following command to create a PVC:
                                                                                                                                                                                                                                                                                kubectl apply -f pvc-sfs.yaml
                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                            3. Create an application.
                                                                                                                                                                                                                                                                              1. Create a file named web-demo.yaml. In this example, the SFS volume is mounted to the /data path.
                                                                                                                                                                                                                                                                                apiVersion: apps/v1
+
                                                                                                                                                                                                                                                                              2. Create an application.
                                                                                                                                                                                                                                                                                1. Create a file named web-demo.yaml. In this example, the SFS volume is mounted to the /data path.
                                                                                                                                                                                                                                                                                  apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: web-demo
@@ -279,14 +279,14 @@ spec:
       - name: container-1
         image: nginx:latest
         volumeMounts:
-        - name: pvc-sfs-volume    # Volume name, which must be the same as the volume name in the volumes field
+        - name: pvc-sfs-volume    # Volume name, which must be the same as the volume name in the volumes field
           mountPath: /data  # Location where the storage volume is mounted
       imagePullSecrets:
         - name: default-secret
       volumes:
         - name: pvc-sfs-volume    # Volume name, which can be customized
           persistentVolumeClaim:
-            claimName: pvc-sfs    # Name of the created PVC
                                                                                                                                                                                                                                                                                  
+            claimName: pvc-sfs    # Name of the created PVC
 
                                                                                                                                                                                                                                                                                2. Run the following command to create a workload to which the SFS volume is mounted:
                                                                                                                                                                                                                                                                                  kubectl apply -f web-demo.yaml
                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                  After the workload is created, the data in the container mount directory will be persistently stored. Verify the storage by referring to Verifying Data Persistence and Sharing.
                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                
@@ -296,7 +296,7 @@ spec:
 
                                                                                                                                                                                                                                                                                Expected output:
                                                                                                                                                                                                                                                                                web-demo-846b489584-mjhm9   1/1     Running   0             46s
 web-demo-846b489584-wvv5s   1/1     Running   0             46s
                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                              3. Run the following commands in sequence to view the files in the /data path of the pods:
                                                                                                                                                                                                                                                                                kubectl exec web-demo-846b489584-mjhm9 -- ls /data
+
                                                                                                                                                                                                                                                                              4. Run the following commands in sequence to check the files in the /data path of the pods:
                                                                                                                                                                                                                                                                                kubectl exec web-demo-846b489584-mjhm9 -- ls /data
 kubectl exec web-demo-846b489584-wvv5s -- ls /data
                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                If no result is returned for both pods, no file exists in the /data path.
                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                              
@@ -348,7 +348,7 @@ static
 
                                                                                                                                                                                                                                                                            		5. 
 
                                                                                                                                                                                                                                                                            Create a PV on the CCE console.
                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                            1. Choose Storage in the navigation pane. In the right pane, click the PVs tab. Click Create PersistentVolume in the upper right corner. In the dialog box displayed, configure parameters.
                                                                                                                                                                                                                                                                              • Volume Type: Select SFS.
                                                                                                                                                                                                                                                                              • SFS: Click Select SFS. On the displayed page, select the SFS file system that meets your requirements and click OK.
                                                                                                                                                                                                                                                                              • PV Name: Enter the PV name, which must be unique in a cluster.
                                                                                                                                                                                                                                                                              • Access Mode: SFS volumes support only ReadWriteMany, indicating that a storage volume can be mounted to multiple nodes in read/write mode. For details, see Volume Access Modes.
                                                                                                                                                                                                                                                                              • Reclaim Policy: Delete or Retain is supported. For details, see PV Reclaim Policy.
                                                                                                                                                                                                                                                                                 NOTE: 
                                                                                                                                                                                                                                                                                If multiple PVs use the same underlying storage volume, use Retain to prevent the underlying volume from being deleted with a PV.
                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                            1. Choose Storage in the navigation pane. In the right pane, click the PVs tab. Click Create PV in the upper right corner. In the dialog box displayed, configure parameters.
                                                                                                                                                                                                                                                                              • Volume Type: Select SFS.
                                                                                                                                                                                                                                                                              • SFS: Click Select SFS. On the displayed page, select the SFS file system that meets your requirements and click OK.
                                                                                                                                                                                                                                                                              • PV Name: Enter the PV name, which must be unique in a cluster.
                                                                                                                                                                                                                                                                              • Access Mode: SFS volumes support only ReadWriteMany, indicating that a storage volume can be mounted to multiple nodes in read/write mode. For details, see Volume Access Modes.
                                                                                                                                                                                                                                                                              • Reclaim Policy: Delete or Retain is supported. For details, see PV Reclaim Policy.
                                                                                                                                                                                                                                                                                 NOTE: 
                                                                                                                                                                                                                                                                                If multiple PVs use the same underlying storage volume, use Retain to prevent the underlying volume from being deleted with a PV.
                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                              • Mount Options: Enter the mounting parameter key-value pairs. For details, see Configuring SFS Volume Mount Options.
                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                            2. Click Create.
                                                                                                                                                                                                                                                                            
@@ -376,7 +376,7 @@ static
 
 
                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                            Parent topic: Scalable File Service
                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                            Parent topic: SFS
                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                            
 
diff --git a/docs/cce/umn/cce_10_0620.html b/docs/cce/umn/cce_10_0620.html
index d4567d7c1..b7f05153c 100644
--- a/docs/cce/umn/cce_10_0620.html
+++ b/docs/cce/umn/cce_10_0620.html
@@ -1,10 +1,10 @@
 
 
 
                                                                                                                                                                                                                                                                            Using an SFS File System Through a Dynamic PV
                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                            This section describes how to use storage classes to dynamically create PVs and PVCs for data persistence and sharing in workloads.
                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                            This section describes how to use StorageClasses to dynamically create PVs and PVCs for data persistence and sharing in workloads.
                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                            Prerequisites
                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                            Automatically Creating an SFS File System on the Console
                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                            2. Dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                              1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
+
                                                                                                                                                                                                                                                                                Dynamically Creating an SFS file system Using the Console
                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                2. Dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                                  1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
 
                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                    
@@ -29,8 +29,8 @@
 
                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                    Storage Classes
                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                    The default StorageClass of SFS volumes is csi-nas.
                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                    You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Using the CCE Console.
                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                    The default StorageClass of SFS volumes is csi-nas.
                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                    You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Through the Console.
                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                    (Optional) Storage Volume Name Prefix
                                                                                                                                                                                                                                                                                    
@@ -50,7 +50,7 @@
 
 
                                                                                                                                                                                                                                                                                  2. Click Create to create a PVC and a PV.
                                                                                                                                                                                                                                                                                    You can choose Storage in the navigation pane and view the created PVC and PV on the PVCs and PVs tab pages, respectively.
                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                    3. 
-
                                                                                                                                                                                                                                                                                  3. Create an application.
                                                                                                                                                                                                                                                                                    1. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                                    2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                                                                      Mount and use storage volumes, as shown in Table 1. For details about other parameters, see Workloads.
+
                                                                                                                                                                                                                                                                                    3. Create an application.
                                                                                                                                                                                                                                                                                      1. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                                      2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                                                                        Mount and use storage volumes. For details about the parameters, see Table 1. For other parameters, see Workloads.
 
                                                                                                                                                                                                                                                                                        Table 1 Mounting a storage volume
                                                                                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                        Description
                                                                                                                                                                                                                                                                                        
@@ -90,7 +90,7 @@
 
 
                                                                                                                                                                                                                                                                                        
 
-
                                                                                                                                                                                                                                                                                        Automatically Creating an SFS File System Through kubectl
                                                                                                                                                                                                                                                                                        1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                        2. Use StorageClass to dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                                          1. Create the pvc-sfs-auto.yaml file.
                                                                                                                                                                                                                                                                                            apiVersion: v1
+
                                                                                                                                                                                                                                                                                            Dynamically Creating an SFS File System Using kubectl
                                                                                                                                                                                                                                                                                            1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                            2. Use StorageClass to dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                                              1. Create the pvc-sfs-auto.yaml file.
                                                                                                                                                                                                                                                                                                apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: pvc-sfs-auto
@@ -99,14 +99,14 @@ metadata:
 
 
 
-    everest.io/csi.volume-name-prefix: test  # (Optional) Storage volume name prefix of the automatically created underlying storage
+    everest.io/csi.volume-name-prefix: test  # (Optional) Storage volume name prefix of the automatically created underlying storage
 spec:
   accessModes:
     - ReadWriteMany             # The value must be ReadWriteMany for SFS.
   resources:
     requests:
       storage: 1Gi             # SFS volume capacity
-  storageClassName: csi-nas    # The StorageClass is SFS.
                                                                                                                                                                                                                                                                                                
+  storageClassName: csi-nas    # The StorageClass is SFS.
                                                                                                                                                                                                                                                                                            
 
 
                                                                                                                                                                                                                                                                                            
@@ -121,7 +121,7 @@ spec:
 
                                                                                                                                                                                                                                                                                            Table 2 Key parameters
                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            Yes
                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                            Requested capacity in the PVC, in Gi.
                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                            For SFS, this parameter is used only for verification and cannot be empty or 0. Its value is fixed at 1, and any value set will not take effect for SFS file systems.
                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                            For SFS, this parameter is used only for verification (cannot be empty or 0). Its value is fixed at 1, and any value you set does not take effect for SFS file systems.
                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            everest.io/crypt-key-id
                                                                                                                                                                                                                                                                                            
@@ -200,7 +200,7 @@ spec:
 
                                                                                                                                                                                                                                                                                            Expected output:
                                                                                                                                                                                                                                                                                            web-demo-846b489584-mjhm9   1/1     Running   0             46s
 web-demo-846b489584-wvv5s   1/1     Running   0             46s
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                          2. Run the following commands in sequence to view the files in the /data path of the pods:
                                                                                                                                                                                                                                                                                            kubectl exec web-demo-846b489584-mjhm9 -- ls /data
+
                                                                                                                                                                                                                                                                                          3. Run the following commands in sequence to check the files in the /data path of the pods:
                                                                                                                                                                                                                                                                                            kubectl exec web-demo-846b489584-mjhm9 -- ls /data
 kubectl exec web-demo-846b489584-wvv5s -- ls /data
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            If no result is returned for both pods, no file exists in the /data path.
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            4. 
@@ -270,7 +270,7 @@ static
 
 
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                            Parent topic: Scalable File Service
                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                            Parent topic: SFS
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            
 
diff --git a/docs/cce/umn/cce_10_0624.html b/docs/cce/umn/cce_10_0624.html
index bf2740c52..275e1ad2a 100644
--- a/docs/cce/umn/cce_10_0624.html
+++ b/docs/cce/umn/cce_10_0624.html
@@ -1,12 +1,12 @@
 
 
-
                                                                                                                                                                                                                                                                                            Overview
                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                            SFS Turbo Overview
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            Introduction
                                                                                                                                                                                                                                                                                            CCE allows you to mount storage volumes created by SFS Turbo file systems to a path of a container to meet data persistence requirements. SFS Turbo file systems are fast, on-demand, and scalable, which are suitable for scenarios with a massive number of small files, such as DevOps, containerized microservices, and enterprise office applications.
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            Expandable to 320 TB, SFS Turbo provides fully hosted shared file storage, which is highly available and stable, to support small files and applications requiring low latency and high IOPS.
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            • Standard file protocols: You can mount file systems as volumes to servers, the same as using local directories.
                                                                                                                                                                                                                                                                                            • Data sharing: The same file system can be mounted to multiple servers, so that data can be shared.
                                                                                                                                                                                                                                                                                            • Private network: Users can access data only in private networks of data centers.
                                                                                                                                                                                                                                                                                            • Data isolation: The on-cloud storage service provides exclusive cloud file storage, which delivers data isolation and ensures IOPS performance.
                                                                                                                                                                                                                                                                                            • Use cases: Deployments/StatefulSets in the ReadWriteMany mode, DaemonSets, and jobs created for high-traffic websites, log storage, DevOps, and enterprise OA applications
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            Application Scenarios
                                                                                                                                                                                                                                                                                            SFS Turbo supports the following mounting modes:
                                                                                                                                                                                                                                                                                            
-
+
 
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_10_0625.html b/docs/cce/umn/cce_10_0625.html
index 20716b2df..789b93795 100644
--- a/docs/cce/umn/cce_10_0625.html
+++ b/docs/cce/umn/cce_10_0625.html
@@ -4,10 +4,10 @@
 
                                                                                                                                                                                                                                                                                            SFS Turbo is a shared file system with high availability and durability. It is suitable for applications that contain massive small files and require low latency, and high IOPS. This section describes how to use an existing SFS Turbo file system to statically create PVs and PVCs for data persistence and sharing in workloads.
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            Prerequisites
                                                                                                                                                                                                                                                                                            • You have created a cluster and installed the CCE Container Storage (Everest) add-on in the cluster.
                                                                                                                                                                                                                                                                                            • To create a cluster using commands, ensure kubectl is used. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                            • You have created an available SFS Turbo file system, and the SFS Turbo file system and the cluster are in the same VPC.
                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                            Notes and Constraints
                                                                                                                                                                                                                                                                                            • Multiple PVs can use the same SFS or SFS Turbo file system with the following restrictions:
                                                                                                                                                                                                                                                                                              • Do not mount multiple PVCs or PVs that use the same underlying SFS or SFS Turbo volume to a single pod. Doing so will cause pod startup failures, as not all PVCs can be mounted due to identical volumeHandle value.
                                                                                                                                                                                                                                                                                              • The persistentVolumeReclaimPolicy parameter in the PVs must be set to Retain. Otherwise, when a PV is deleted, the associated underlying volume may be deleted. In this case, other PVs associated with the underlying volume malfunction.
                                                                                                                                                                                                                                                                                              • When the underlying volume is repeatedly used, enable isolation and protection for ReadWriteMany at the application layer to prevent data overwriting and loss.
                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                              Notes and Constraints
                                                                                                                                                                                                                                                                                              • Multiple PVs can use the same SFS or SFS Turbo file system with the following restrictions:
                                                                                                                                                                                                                                                                                                • If a pod mounts an SFS or SFS Turbo volume used by multiple PVCs/PVs, and the PVs have identical volumeHandle values, the pod may fail to start. To avoid this issue, do not mount the same SFS or SFS Turbo file system to the same pod.
                                                                                                                                                                                                                                                                                                • The persistentVolumeReclaimPolicy parameter in the PVs must be set to Retain. Otherwise, when a PV is deleted, the associated underlying volume may be deleted. In this case, other PVs associated with the underlying volume malfunction.
                                                                                                                                                                                                                                                                                                • When the underlying volume is repeatedly used, enable isolation and protection for ReadWriteMany at the application layer to prevent data overwriting and loss.
                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                              Using an Existing SFS Turbo File System on the Console
                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                              2. Statically create a PVC and PV.
                                                                                                                                                                                                                                                                                                1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
+
                                                                                                                                                                                                                                                                                                  Using an Existing SFS Turbo File System on the Console
                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                  2. Statically create a PVC and PV.
                                                                                                                                                                                                                                                                                                    1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
 
                                                                                                                                                                                                                                                                                                      
-
-
                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                      
@@ -43,7 +43,7 @@
 
                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                      Subdirectoryb
                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                      Determine whether to use subdirectories to create PVs. Enter the absolute path of a subdirectory, for example, /a/b. Ensure that the subdirectory is available.
                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                      Determine whether to use subdirectories to create PVs. To use this function, enter the absolute path of a subdirectory (for example, /a/b). Ensure that the subdirectory exists and is accessible.
                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                      PV Nameb
                                                                                                                                                                                                                                                                                                      
@@ -58,13 +58,13 @@
 
                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                      Reclaim Policyb
                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                      Only Retain is available if you do not use subdirectories to create PVs. This indicates that the PV is not deleted when the PVC is deleted. For details, see PV Reclaim Policy. If you choose to use a subdirectory to create a PV, the value of this parameter can be Delete.
                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                      Only Retain is available if you do not use subdirectories to create PVs. This indicates that the PV will not be deleted when the PVC is deleted. For details, see PV Reclaim Policy. If you choose to use a subdirectory to create a PV, the value of this parameter can be Delete.
                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                      Subdirectory Reclaim Policyb
                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                      Determine whether to retain subdirectories when a PVC is deleted. This parameter must be used with PV Reclaim Policy and can be configured when PV Reclaim Policy is set to Delete.
                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                      • Retain: If a PVC is deleted, the PV will be deleted, but the subdirectories associated with the PV will be retained.
                                                                                                                                                                                                                                                                                                      • Delete: After a PVC is deleted, the PV and its associated subdirectories will also be deleted.
                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                      • Retain: When a PVC is deleted, the PV is deleted, but its associated subdirectories are retained.
                                                                                                                                                                                                                                                                                                      • Delete: When a PVC is deleted, the PV and its associated subdirectories are also deleted.
                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                      Mount Optionsb
                                                                                                                                                                                                                                                                                                      
@@ -80,7 +80,7 @@
 
 
                                                                                                                                                                                                                                                                                                    2. Click Create to create a PVC and a PV.
                                                                                                                                                                                                                                                                                                      You can choose Storage in the navigation pane and view the created PVC and PV on the PVCs and PVs tab pages, respectively.
                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                      3. 
-
                                                                                                                                                                                                                                                                                                    3. Create an application.
                                                                                                                                                                                                                                                                                                      1. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                                                      2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                                                                                        Mount and use storage volumes, as shown in Table 1. For details about other parameters, see Workloads.
+
                                                                                                                                                                                                                                                                                                      3. Create an application.
                                                                                                                                                                                                                                                                                                        1. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                                                        2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                                                                                          Mount and use storage volumes. For details about the parameters, see Table 1. For other parameters, see Workloads.
 
                                                                                                                                                                                                                                                                                                          Table 1 Mounting a storage volume
                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                          
@@ -131,7 +131,7 @@ spec:
   accessModes:
   - ReadWriteMany      # Access mode. The value must be ReadWriteMany for SFS Turbo.
   capacity:
-    storage: 500Gi       # SFS Turbo volume capacity
+    storage: 500Gi       # Storage capacity. This parameter is only for verification. It must not be empty or 0, but the specified size will not take effect.
   csi:
     driver: sfsturbo.csi.everest.io    # Dependent storage driver for the mounting
     fsType: nfs
@@ -164,7 +164,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          Shared path of the SFS Turbo volume.
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Log in to the CCE console, choose Service List > Storage > Scalable File Service, and select SFS Turbo. You can obtain the shared path of the file system.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Log in to the CCE console and choose Service List > Storage > Scalable File Service. In the navigation pane, choose SFS Turbo > File Systems. You can obtain the shared path of the file system.
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          mountOptions
                                                                                                                                                                                                                                                                                                          
@@ -185,7 +185,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          A reclaim policy is supported when the cluster version is or later than 1.19.10 and the Everest version is or later than 1.2.9. For details, see PV Reclaim Policy.
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Retain: When a PVC is deleted, both the PV and underlying storage resources will be retained. You need to manually delete these resources. After the PVC is deleted, the PV is in the Released state and cannot be bound to a PVC again.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Retain: When a PVC is deleted, both the PV and underlying storage resources will be retained. You need to manually delete these resources. After the PVC is deleted, the PV is in the Released state and cannot be bound to a PVC again. If you want to continue using the underlying storage resources, delete the existing PV first. Then, create a new PV and PVC and associate them with the underlying storage resources.
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          storage
                                                                                                                                                                                                                                                                                                          
@@ -223,35 +223,35 @@ spec:
   storageClassName: csi-sfsturbo       # StorageClass name of the SFS Turbo file system, which must be the same as that of the PV
   volumeName: pv-sfsturbo    # PV name
 
-
                                                                                                                                                                                                                                                                                                          Table 3 Key parameters
                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          
-
-
-
-
-
-
-
-
-
-
-
@@ -291,31 +291,31 @@ spec:
 
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Using Subdirectories of an Existing SFS Turbo File System Through kubectl
                                                                                                                                                                                                                                                                                                          1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                                          2. Create a PV.
                                                                                                                                                                                                                                                                                                            1. Create the pv-sfsturbo.yaml file.
                                                                                                                                                                                                                                                                                                              Example:
                                                                                                                                                                                                                                                                                                              apiVersion: v1
+
                                                                                                                                                                                                                                                                                                              Using Subdirectories of an Existing SFS Turbo File System Through kubectl
                                                                                                                                                                                                                                                                                                              1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                                              2. Create a PV.
                                                                                                                                                                                                                                                                                                                1. Create the pv-sfsturbo.yaml file.
                                                                                                                                                                                                                                                                                                                  Example:
                                                                                                                                                                                                                                                                                                                  apiVersion: v1
 kind: PersistentVolume
 metadata:
   annotations:
     pv.kubernetes.io/provisioned-by: everest-csi-provisioner
-    everest.io/reclaim-policy: retain-volume-only    # When a PVC is deleted, the PV will be deleted but the subdirectories associated with the PV will be retained. This parameter is available only when subdirectories are used and the reclaim policy is Delete.
+    everest.io/reclaim-policy: retain-volume-only    # (Optional) When a PVC is deleted, the PV will be deleted, but the associated subdirectories will be retained. This parameter is available only when subdirectories are used and the reclaim policy is Delete.
   name: pv-sfsturbo    # PV name
 spec:
   accessModes:
-  - ReadWriteMany      # Access mode. The value must be ReadWriteMany for SFS Turbo.
+  - ReadWriteMany      # Access mode. The value must be ReadWriteMany for SFS Turbo.
   capacity:
-    storage: 500Gi       # SFS Turbo volume capacity
+    storage: 500Gi       # Storage capacity. This parameter is only for verification. It must not be empty or 0, but the specified size will not take effect.
   csi:
     driver: sfsturbo.csi.everest.io    # Dependent storage driver for the mounting
     fsType: nfs
     volumeHandle: pv-sfsturbo   # PV name
     volumeAttributes:
-      everest.io/share-export-location: <sfsturbo_path>:/<absolute_path>   # Shared path and subdirectory of the SFS Turbo file system
-
       storage.kubernetes.io/csiProvisionerIdentity: everest-csi-provisioner
-      everest.io/volume-as: absolute-path   # An SFS Turbo subdirectory is used.
-      everest.io/sfsturbo-share-id: <sfsturbo_id>    # SFS Turbo ID
-  persistentVolumeReclaimPolicy: Retain    # Reclaim policy, which can be set to Delete when subdirectories are automatically created
+
+      everest.io/volume-as: absolute-path   # The PV is associated with an SFS Turbo subdirectory.
+      everest.io/share-export-location: <sfsturbo_path>:/<absolute_path>   # The value consists of the shared path of the SFS Turbo file system and the absolute path of the subdirectory.
+      everest.io/sfsturbo-share-id: <sfsturbo_id>    # SFS Turbo ID
+  persistentVolumeReclaimPolicy: Retain    # PV reclaim policy
   storageClassName: csi-sfsturbo          # StorageClass name of the SFS Turbo file system
-  mountOptions: []                         # Mount options
                                                                                                                                                                                                                                                                                                                  
+  mountOptions: []                         # Mount options
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              
 
 
                                                                                                                                                                                                                                                                                                          Table 3 Key parameters
                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          Mandatory
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Mandatory
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          storage
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          storage
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          Requested capacity in the PVC, in Gi.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Requested capacity in the PVC, in Gi.
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          The value must be the same as the storage size of the existing PV.
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          storageClassName
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          storageClassName
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          StorageClass name, which must be the same as the StorageClass of the PV in 1.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          StorageClass name, which must be the same as the StorageClass of the PV in 1.
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          The StorageClass name of SFS Turbo volumes is csi-sfsturbo.
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          volumeName
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          volumeName
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          PV name, which must be the same as the PV name in 1.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          PV name, which must be the same as the PV name in 1.
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           
 
 
                                                                                                                                                                                                                                                                                                          
-
+
+
+
+
+
+
+
+
+
+
+
+
-
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                          Table 4 Key parameters
                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                          
@@ -326,22 +326,71 @@ spec:
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          volumeHandle
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          everest.io/reclaim-policy
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          No
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Whether to retain subdirectories when deleting a PVC. This parameter must be used with PV Reclaim Policy. This parameter is available only when the PV reclaim policy is Delete.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          • retain-volume-only: When a PVC is deleted, the PV is deleted, but its associated subdirectories are retained.
                                                                                                                                                                                                                                                                                                          • delete: When a PVC is deleted, the PV and its associated subdirectories are also deleted.
                                                                                                                                                                                                                                                                                                             NOTE: 
                                                                                                                                                                                                                                                                                                            When a subdirectory is deleted, only the absolute path of the subdirectory specified in the PVC is deleted. The parent directory is retained.
                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          storage
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Requested capacity in the PVC, in Gi. If a subdirectory is used, this parameter serves no purpose other than for verification and must have a non-empty, non-zero value.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          volumeHandle
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          PV name when an SFS Turbo subdirectory is used to create the PV.
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          everest.io/volume-as
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          The value is fixed at absolute-path, indicating that the current PV associates with a subdirectory of the SFS Turbo file system.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Ensure Everest of v2.3.23 or later has been installed in the cluster.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          everest.io/share-export-location
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          Shared path of the SFS Turbo subdirectory.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Shared path of the SFS Turbo file system subdirectory. The value consists of the shared path of the SFS Turbo file system and the absolute path of the subdirectory. Customize the absolute path of the subdirectory, for example, /a/b. Ensure that the subdirectory exists and is accessible.
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          Format:
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          {sfsturbo_path}:/{absolute_path}
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          How to obtain:
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Log in to the CCE console, choose Service List > Storage > Scalable File Service, and select SFS Turbo. You can obtain the shared path of the file system.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          To obtain the shared path of the SFS Turbo file system, do as follows:
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Log in to the CCE console and choose Service List > Storage > Scalable File Service. In the navigation pane, choose SFS Turbo > File Systems. In the file system list displayed on the right of the page, find your desired path in the Shared Path column.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          everest.io/sfsturbo-share-id
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          ID of an SFS Turbo file system.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          How to obtain: On the CCE console, choose Service List > Storage > Scalable File Service. In the navigation pane, choose SFS Turbo > File Systems. Copy the file system ID under the file system name on the right.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          persistentVolumeReclaimPolicy
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          A reclaim policy is supported when the cluster version is or later than 1.19.10 and the Everest version is or later than 1.2.9. For details, see PV Reclaim Policy.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Retain: When a PVC is deleted, both the PV and underlying storage resources will be retained. You need to manually delete these resources. After the PVC is deleted, the PV is in the Released state and cannot be bound to a PVC again.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Delete: This parameter can be configured when subdirectories are automatically created, indicating that the PV is deleted when a PVC is deleted.
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          storageClassName
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                          The StorageClass of SFS Turbo is csi-sfsturbo.
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          mountOptions
                                                                                                                                                                                                                                                                                                          
@@ -357,61 +406,12 @@ spec:
 - hard
                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                          persistentVolumeReclaimPolicy
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          A reclaim policy is supported when the cluster version is or later than 1.19.10 and the Everest version is or later than 1.2.9. For details, see PV Reclaim Policy.
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Retain: When a PVC is deleted, both the PV and underlying storage resources will be retained. You need to manually delete these resources. After the PVC is deleted, the PV is in the Released state and cannot be bound to a PVC again.
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Delete: This parameter can be configured when subdirectories are automatically created, indicating that the PV is deleted when a PVC is deleted.
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          everest.io/reclaim-policy
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          No
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Whether to retain subdirectories when deleting a PVC. This parameter must be used with PV Reclaim Policy. This parameter is available only when the PV reclaim policy is Delete. Options:
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          • retain-volume-only: If a PVC is deleted, the PV will be deleted, but the subdirectories associated with the PV will be retained.
                                                                                                                                                                                                                                                                                                          • delete: After a PVC is deleted, the PV and its associated subdirectories will also be deleted.
                                                                                                                                                                                                                                                                                                             NOTE: 
                                                                                                                                                                                                                                                                                                            When a subdirectory is deleted, only the absolute path of the subdirectory configured in the PVC will be deleted. The upper-layer directory will not be deleted.
                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          everest.io/volume-as
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          The value is fixed at absolute-path, indicating that a dynamically created SFS Turbo subdirectory is used.
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Ensure Everest of v2.3.23 or later has been installed in the cluster.
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          everest.io/sfsturbo-share-id
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Shared path of the SFS Turbo volume.
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Log in to the CCE console, choose Service List > Storage > Scalable File Service, and select SFS Turbo. You can obtain the shared path of the file system.
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          storage
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Requested capacity in the PVC, in Gi. If a subdirectory is used, this parameter serves no purpose other than for verification and must have a non-empty, non-zero value.
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          storageClassName
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          Yes
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          The StorageClass name of SFS Turbo volumes is csi-sfsturbo.
                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                           
 
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                        3. Run the following command to create a PV:
                                                                                                                                                                                                                                                                                                          kubectl apply -f pv-sfsturbo.yaml
                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                          4. 
-
                                                                                                                                                                                                                                                                                                        4. Create a PVC.
                                                                                                                                                                                                                                                                                                          1. Create the pvc-sfsturbo.yaml file.
                                                                                                                                                                                                                                                                                                            apiVersion: v1
+
                                                                                                                                                                                                                                                                                                          2. Create a PVC.
                                                                                                                                                                                                                                                                                                            1. Create the pvc-sfsturbo.yaml file.
                                                                                                                                                                                                                                                                                                              apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: pvc-sfsturbo
@@ -421,12 +421,12 @@ metadata:
 
 spec:
   accessModes:
-  - ReadWriteMany                  # The value must be ReadWriteMany for SFS Turbo.
+  - ReadWriteMany                  # The value must be ReadWriteMany for SFS Turbo.
   resources:
     requests:
-      storage: 500Gi               # SFS Turbo volume capacity.
-  storageClassName: csi-sfsturbo       # StorageClass name of the SFS Turbo file system, which must be the same as that of the PV
-  volumeName: pv-sfsturbo    # PV name
                                                                                                                                                                                                                                                                                                              
+      storage: 500Gi               # SFS Turbo volume capacity.
+  storageClassName: csi-sfsturbo       # StorageClass name of the SFS Turbo file system, which must be the same as that of the PV
+  volumeName: pv-sfsturbo    # PV name
 
 
                                                                                                                                                                                                                                                                                                              
@@ -500,7 +500,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                              Expected output:
                                                                                                                                                                                                                                                                                                              web-demo-846b489584-mjhm9   1/1     Running   0             46s
 web-demo-846b489584-wvv5s   1/1     Running   0             46s
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                            2. Run the following commands in sequence to view the files in the /data path of the pods:
                                                                                                                                                                                                                                                                                                              kubectl exec web-demo-846b489584-mjhm9 -- ls /data
+
                                                                                                                                                                                                                                                                                                            3. Run the following commands in sequence to check the files in the /data path of the pods:
                                                                                                                                                                                                                                                                                                              kubectl exec web-demo-846b489584-mjhm9 -- ls /data
 kubectl exec web-demo-846b489584-wvv5s -- ls /data
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              If no result is returned for both pods, no file exists in the /data path.
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              4. 
@@ -552,8 +552,8 @@ static
-
@@ -576,7 +576,7 @@ static
-
diff --git a/docs/cce/umn/cce_10_0626.html b/docs/cce/umn/cce_10_0626.html
index cbb479538..dd62bb2f3 100644
--- a/docs/cce/umn/cce_10_0626.html
+++ b/docs/cce/umn/cce_10_0626.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                                                                                                                                              This section describes how to configure SFS Turbo mount options. For SFS Turbo, you can only set mount options in a PV and bind the PV by creating a PVC.
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              Prerequisites
                                                                                                                                                                                                                                                                                                              The CCE Container Storage (Everest) version must be 1.2.8 or later. This add-on identifies the mount options and transfers them to the underlying storage resources. The parameter settings take effect only if the underlying storage resources support the specified options.
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                              Notes and Constraints
                                                                                                                                                                                                                                                                                                              • Mount options cannot be configured for Kata containers.
                                                                                                                                                                                                                                                                                                              • Due to the restrictions of the NFS protocol, if an SFS volume is mounted to a node for multiple times, link-related mounting parameters (such as timeo) take effect only when the SFS volume is mounted for the first time by default. For example, if the same SFS file system is mounted to multiple pods running on a node, the mounting parameter set later does not overwrite the existing parameter value. If you want to configure different mounting parameters in the preceding scenario, additionally configure the nosharecache parameter.
                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                              Notes and Constraints
                                                                                                                                                                                                                                                                                                              • Mount options cannot be configured for secure containers.
                                                                                                                                                                                                                                                                                                              • Due to the restrictions of the NFS protocol, if an SFS volume is mounted to a node for multiple times, link-related mounting parameters (such as timeo) take effect only when the SFS volume is mounted for the first time by default. For example, if the same SFS file system is mounted to multiple pods running on a node, the mounting parameter set later does not overwrite the existing parameter value. If you want to configure different mounting parameters in the preceding scenario, additionally configure the nosharecache parameter.
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              SFS Turbo Mount Options
                                                                                                                                                                                                                                                                                                              The Everest add-on in CCE presets the options described in Table 1 for mounting SFS Turbo volumes.
                                                                                                                                                                                                                                                                                                              
 
@@ -71,7 +71,7 @@ spec:
   accessModes:
   - ReadWriteMany      # Access mode. The value must be ReadWriteMany for SFS Turbo.
   capacity:
-    storage: 500Gi       # SFS Turbo volume capacity
+    storage: 500Gi       # Storage capacity. This parameter is only for verification. It must not be empty or 0, but the specified size will not take effect.
   csi:
     driver: sfsturbo.csi.everest.io    # Dependent storage driver for the mounting
     fsType: nfs
@@ -87,7 +87,7 @@ spec:
   - nolock
   - timeo=600
   - hard
-
                                                                                                                                                                                                                                                                                                            4. After a PV is created, you can create a PVC and bind it to the PV, and then mount the PV to the container in the workload. For details, see Using an Existing SFS Turbo File System Through a Static PV.
                                                                                                                                                                                                                                                                                                            5. Check whether the mount options take effect.
                                                                                                                                                                                                                                                                                                              In this example, the PVC is mounted to the workload that uses the nginx:latest image. You can run the mount -l command to check whether the mount options take effect.
                                                                                                                                                                                                                                                                                                              1. View the pod to which the SFS Turbo volume has been mounted. In this example, the workload name is web-sfsturbo.
                                                                                                                                                                                                                                                                                                                kubectl get pod | grep web-sfsturbo
                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                              2. After creating a PV, you can create a PVC, bind it to the PV, and mount the PV to the container in the workload. For details, see Using an Existing SFS Turbo File System Through a Static PV.
                                                                                                                                                                                                                                                                                                              3. Check whether the mount options are effective.
                                                                                                                                                                                                                                                                                                                In this example, the PVC is mounted to the workload that uses the nginx:latest image. You can run the mount -l command to check whether the mount options take effect.
                                                                                                                                                                                                                                                                                                                1. View the pod to which the SFS Turbo volume has been mounted. In this example, the workload name is web-sfsturbo. Replace it with the actual workload name.
                                                                                                                                                                                                                                                                                                                  kubectl get pod | grep web-sfsturbo
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  Command output:
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  web-sfsturbo-***   1/1     Running   0             23m
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                2. Run the following command to check the mount options (web-sfsturbo-*** is an example pod):
                                                                                                                                                                                                                                                                                                                  kubectl exec -it web-sfsturbo-*** -- mount -l | grep nfs
                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0628.html b/docs/cce/umn/cce_10_0628.html
index 69b212ca9..4a55e7f4c 100644
--- a/docs/cce/umn/cce_10_0628.html
+++ b/docs/cce/umn/cce_10_0628.html
@@ -1,8 +1,8 @@
 
 
-
                                                                                                                                                                                                                                                                                                                  Overview
                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                  OBS Overview
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  Introduction
                                                                                                                                                                                                                                                                                                                  Object Storage Service (OBS) provides massive, secure, and cost-effective data storage for you to store data of any type and size. You can use it in enterprise backup/archiving, video on demand (VoD), video surveillance, and many other scenarios.
                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                  • Standard APIs: With HTTP RESTful APIs, OBS allows you to use client tools or third-party tools to access object storage.
                                                                                                                                                                                                                                                                                                                  • Data sharing: Servers, embedded devices, and IoT devices can use the same path to access shared object data in OBS.
                                                                                                                                                                                                                                                                                                                  • Public/Private networks: OBS allows data to be accessed from public networks to meet Internet application requirements.
                                                                                                                                                                                                                                                                                                                  • Capacity and performance: No capacity limit; high performance (I/O latency within 10 ms).
                                                                                                                                                                                                                                                                                                                  • Use cases: Deployments/StatefulSets in the ReadOnlyMany mode and jobs created for big data analysis, static website hosting, online VOD, gene sequencing, intelligent video surveillance, backup and archiving, and enterprise cloud boxes (web disks). You can create object storage by using the OBS console, tools, and SDKs.
                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                  • Standard APIs: With HTTP RESTful APIs, OBS allows you to use client tools or third-party tools to access object storage.
                                                                                                                                                                                                                                                                                                                  • Data sharing: Servers, embedded devices, and IoT devices can use the same path to access shared object data in OBS.
                                                                                                                                                                                                                                                                                                                  • Public/Private networks: OBS allows data to be accessed from public networks to meet Internet application requirements.
                                                                                                                                                                                                                                                                                                                  • Capacity and performance: No capacity limit; high performance (I/O latency within 10 ms).
                                                                                                                                                                                                                                                                                                                  • Use cases: Deployments/StatefulSets in the ReadOnlyMany mode and jobs created for big data analysis, static website hosting, online VoD, gene sequencing, intelligent video surveillance, backup and archiving, and enterprise cloud boxes (web disks). You can create object storage by using the OBS console, tools, and SDKs.
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  OBS Specifications
                                                                                                                                                                                                                                                                                                                  OBS provides multiple storage classes to meet customers' requirements on storage performance and costs.
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  • Object buckets provide reliable, high-performance, secure, and budget-friendly storage for data. They have no restrictions on the quantity of files or storage capacity.
                                                                                                                                                                                                                                                                                                                    • Standard: features low latency and high throughput. It is therefore good for storing frequently (multiple times per month) accessed files or small files (less than 1 MB). Its application scenarios include big data analytics, mobile apps, hot videos, and social apps.
                                                                                                                                                                                                                                                                                                                    • OBS Infrequent Access: applicable to storing semi-frequently accessed (less than 12 times a year) data requiring quick response. Its application scenarios include file synchronization or sharing, and enterprise-level backup. This storage class has the same durability, low latency, and high throughput as the Standard storage class, with a lower cost, but its availability is slightly lower than the Standard storage class.
                                                                                                                                                                                                                                                                                                                    
@@ -21,17 +21,17 @@
 
                                                                                                                                                                                                                                                                                                              6. 
-
-
-
@@ -46,7 +46,7 @@
 
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                              Parent topic: Object Storage Service
                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                              Parent topic: OBS
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0630.html b/docs/cce/umn/cce_10_0630.html
index cee624802..1d9bfe53e 100644
--- a/docs/cce/umn/cce_10_0630.html
+++ b/docs/cce/umn/cce_10_0630.html
@@ -2,10 +2,10 @@
 
 
                                                                                                                                                                                                                                                                                                              Using an OBS Bucket Through a Dynamic PV
                                                                                                                                                                                                                                                                                                              This section describes how to automatically create an OBS bucket. It is applicable when no underlying storage volume is available.
                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                              Notes and Constraints
                                                                                                                                                                                                                                                                                                              • If OBS volumes are used, the owner group and permission of the mount point cannot be modified.
                                                                                                                                                                                                                                                                                                              • Every time an OBS volume is mounted to a workload through a PVC, a resident process is created in the backend. When a workload uses too many OBS volumes or reads and writes a large number of object storage files, resident processes will consume a significant amount of memory. To ensure stable running of the workload, make sure that the number of OBS volumes used does not exceed the requested memory. For example, if the workload requests for 4 GiB of memory, the number of OBS volumes should be no more than 4.
                                                                                                                                                                                                                                                                                                              • Secure containers do not support OBS volumes.
                                                                                                                                                                                                                                                                                                              • Hard links are not supported when common buckets are mounted.
                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                              Notes and Constraints
                                                                                                                                                                                                                                                                                                              • If OBS volumes are used, the owner group and permission of the mount point cannot be modified.
                                                                                                                                                                                                                                                                                                              • Every time an OBS volume is mounted to a workload through a PVC, a resident process is created in the backend. When a workload uses too many OBS volumes or reads and writes a large number of object storage files, resident processes will consume a significant amount of memory. To ensure stable running of the workload, make sure that the number of OBS volumes used does not exceed the requested memory. For example, if the workload requests for 4 GiB of memory, the number of OBS volumes should be no more than 4.
                                                                                                                                                                                                                                                                                                              • Secure containers do not support OBS volumes.
                                                                                                                                                                                                                                                                                                              • Hard links are not supported when common buckets are mounted.
                                                                                                                                                                                                                                                                                                              • Read-only is not supported when an OBS PVC is mounted to a workload.
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              • OBS allows a single user to create a maximum of 100 buckets. If a large number of dynamic PVCs are created, the number of buckets may exceed the upper limit, and no more OBS buckets can be created. In this case, use OBS by calling its API or SDK and do not mount OBS buckets to workloads.
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                              Automatically Creating an OBS Volume on the Console
                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                              2. Dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                                                                1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
+
                                                                                                                                                                                                                                                                                                                  Automatically Creating an OBS Bucket Using the Console
                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                  2. Dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                                                                    1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
 
                                                                                                                                                                                                                                                                                                              Table 5 Key parameters
                                                                                                                                                                                                                                                                                                              Parameter
                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                               		
 
 
                                                                                                                                                                                                                                                                                                              Create a PV on the CCE console.
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              1. Choose Storage in the navigation pane. In the right pane, click the PVs tab. Click Create PersistentVolume in the upper right corner. In the dialog box displayed, configure parameters.
                                                                                                                                                                                                                                                                                                                • Volume Type: Select SFS Turbo.
                                                                                                                                                                                                                                                                                                                • SFS Turbo: Click Select SFS Turbo. On the page displayed, select the SFS Turbo file system that meets your requirements and click OK.
                                                                                                                                                                                                                                                                                                                • Subdirectory: Determine whether to use subdirectories to create PVs. Enter the absolute path of a subdirectory, for example, /a/b. Ensure that the subdirectory is available.
                                                                                                                                                                                                                                                                                                                • PV Name: Enter the PV name, which must be unique in a cluster.
                                                                                                                                                                                                                                                                                                                • Access Mode: SFS volumes support only ReadWriteMany, indicating that a storage volume can be mounted to multiple nodes in read/write mode. For details, see Volume Access Modes.
                                                                                                                                                                                                                                                                                                                • Reclaim Policy: Only Retain is supported if you do not use subdirectories to create PVs. For details, see PV Reclaim Policy. If you choose to use a subdirectory to create a PV, the value of this parameter can be Delete.
                                                                                                                                                                                                                                                                                                                • Subdirectory Reclaim Policy: Determine whether to retain subdirectories when a PVC is deleted. This parameter must be used with PV Reclaim Policy and can be configured when PV Reclaim Policy is set to Delete.
                                                                                                                                                                                                                                                                                                                  Retain: If a PVC is deleted, the PV will be deleted, but the subdirectories associated with the PV will be retained.
                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                  Delete: After a PVC is deleted, the PV and its associated subdirectories will also be deleted.
                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                              1. Choose Storage in the navigation pane. In the right pane, click the PVs tab. Click Create PV in the upper right corner. In the dialog box displayed, configure parameters.
                                                                                                                                                                                                                                                                                                                • Volume Type: Select SFS Turbo.
                                                                                                                                                                                                                                                                                                                • SFS Turbo: Click Select SFS Turbo. On the displayed page, select the SFS Turbo file system that meets your requirements and click OK.
                                                                                                                                                                                                                                                                                                                • Subdirectory: Determine whether to use subdirectories to create PVs. To use this function, enter the absolute path of a subdirectory (for example, /a/b). Ensure that the subdirectory exists and is accessible.
                                                                                                                                                                                                                                                                                                                • PV Name: Enter the PV name, which must be unique in a cluster.
                                                                                                                                                                                                                                                                                                                • Access Mode: SFS volumes support only ReadWriteMany, indicating that a storage volume can be mounted to multiple nodes in read/write mode. For details, see Volume Access Modes.
                                                                                                                                                                                                                                                                                                                • Reclaim Policy: Only Retain is available if you do not use subdirectories to create PVs. For details, see PV Reclaim Policy. If you choose to use a subdirectory to create a PV, the value of this parameter can be Delete.
                                                                                                                                                                                                                                                                                                                • Subdirectory Reclaim Policy: Determine whether to retain subdirectories when a PVC is deleted. This parameter must be used with PV Reclaim Policy and can be configured when PV Reclaim Policy is set to Delete.
                                                                                                                                                                                                                                                                                                                  Retain: When a PVC is deleted, the PV is deleted, but its associated subdirectories are retained.
                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                  Delete: When a PVC is deleted, the PV and its associated subdirectories are also deleted.
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                • Mount Options: Enter the mounting parameter key-value pairs. For details, see Configuring SFS Turbo Mount Options.
                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                              2. Click Create.
                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                               		
 
 
                                                                                                                                                                                                                                                                                                              View, copy, or download the YAML file of a PVC or PV.
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              1. Choose Storage in the navigation pane. In the right pane, click the PVCs or PVs tab.
                                                                                                                                                                                                                                                                                                              2. Click View YAML in the Operation column of the target PVC or PV to view or download the YAML.
                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                              1. Choose Storage in the navigation pane. In the right pane, click the PVCs or PVs tab.
                                                                                                                                                                                                                                                                                                              2. Click View YAML in the Operation column of the target PVC or PV to view, copy, or download the YAML.
                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              About 50 MiB
                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                              Concurrent write to a 10 MB file from two processes
                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                              Concurrent write to a 10-MB file from two processes
                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                              About 110 MiB
                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                              Concurrent write to a 10 MB file from four processes
                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                              Concurrent write to a 10-MB file from four processes
                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                              About 220 MiB
                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                              Write to a 100 GB file from a single process
                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                              Write to a 100-GB file from a single process
                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                              About 300 MiB
                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                               		
 
 
                                                                                                                                                                                                                                                                                                              Parameter
                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                              Description
                                                                                                                                                                                                                                                                                                              
@@ -31,7 +31,7 @@
 
                                                                                                                                                                                                                                                                                                              Storage Classes
                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                              The default StorageClass of OBS volumes is csi-obs.
                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                              You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Using the CCE Console.
                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                              You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Through the Console.
                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              (Optional) Storage Volume Name Prefix
                                                                                                                                                                                                                                                                                                              
@@ -69,7 +69,7 @@
 
 
                                                                                                                                                                                                                                                                                                            6. Click Create to create a PVC and a PV.
                                                                                                                                                                                                                                                                                                              You can choose Storage in the navigation pane and view the created PVC and PV on the PVCs and PVs tab pages, respectively.
                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                              7. 
-
                                                                                                                                                                                                                                                                                                            7. Create an application.
                                                                                                                                                                                                                                                                                                              1. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                                                              2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                                                                                                Mount and use storage volumes, as shown in Table 1. For details about other parameters, see Workloads.
+
                                                                                                                                                                                                                                                                                                              3. Create an application.
                                                                                                                                                                                                                                                                                                                1. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                                                                2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                                                                                                  Mount and use storage volumes. For details about the parameters, see Table 1. For other parameters, see Workloads.
 
                                                                                                                                                                                                                                                                                                                  
-
@@ -312,7 +312,7 @@ static
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                  Parent topic: Object Storage Service
                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                  Parent topic: OBS
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  
 
diff --git a/docs/cce/umn/cce_10_0631.html b/docs/cce/umn/cce_10_0631.html
index a749100c1..4e64a12ca 100644
--- a/docs/cce/umn/cce_10_0631.html
+++ b/docs/cce/umn/cce_10_0631.html
@@ -4,13 +4,13 @@
 
                                                                                                                                                                                                                                                                                                                  This section describes how to configure OBS volume mount options. You can configure mount options in a PV and bind the PV to a PVC. Alternatively, configure mount options in a StorageClass and use the StorageClass to create a PVC. In this way, PVs can be dynamically created and inherit mount options configured in the StorageClass by default.
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  Prerequisites
                                                                                                                                                                                                                                                                                                                  The CCE Container Storage (Everest) version must be 1.2.8 or later. This add-on identifies the mount options and transfers them to the underlying storage resources. The parameter settings take effect only if the underlying storage resources support the specified options.
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                  Notes and Constraints
                                                                                                                                                                                                                                                                                                                  Mount options cannot be configured for Kata containers.
                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                  Notes and Constraints
                                                                                                                                                                                                                                                                                                                  Mount options cannot be configured for secure containers.
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  OBS Mount Options
                                                                                                                                                                                                                                                                                                                  When mounting an OBS volume, the Everest add-on presets the options described in Table 1 and Table 2 by default. The options in Table 1 are mandatory. 
                                                                                                                                                                                                                                                                                                                  
 
 
                                                                                                                                                                                                                                                                                                                  Table 1 Mounting a storage volume
                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                  
@@ -109,7 +109,7 @@
 
 
                                                                                                                                                                                                                                                                                                                  
 
-
                                                                                                                                                                                                                                                                                                                  Automatically Creating an OBS Volume Through kubectl
                                                                                                                                                                                                                                                                                                                  1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                                                  2. Use StorageClass to dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                                                                    1. Create the pvc-obs-auto.yaml file.
                                                                                                                                                                                                                                                                                                                      apiVersion: v1
+
                                                                                                                                                                                                                                                                                                                      Automatically Creating an OBS Bucket Using kubectl
                                                                                                                                                                                                                                                                                                                      1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                                                      2. Use StorageClass to dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                                                                        1. Create the pvc-obs-auto.yaml file.
                                                                                                                                                                                                                                                                                                                          apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: pvc-obs-auto
@@ -119,7 +119,7 @@ metadata:
     csi.storage.k8s.io/fstype: obsfs        # Instance type
     csi.storage.k8s.io/node-publish-secret-name: <your_secret_name>       # Custom secret name
     csi.storage.k8s.io/node-publish-secret-namespace: <your_namespace>    # Namespace of the custom secret
-    everest.io/csi.volume-name-prefix: test  # (Optional) Storage volume name prefix of the automatically created underlying storage
+    everest.io/csi.volume-name-prefix: test  # (Optional) Storage volume name prefix of the automatically created underlying storage
 spec:
   accessModes:
     - ReadWriteMany             # The value must be ReadWriteMany for OBS.
@@ -182,7 +182,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                  Yes
                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                  Requested capacity in the PVC, in Gi.
                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                  For OBS, this field is used only for verification (cannot be empty or 0). Its value is fixed at 1, and any value you set does not take effect for OBS.
                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                  For OBS, this parameter is only for verification. It must not be empty or 0, and its value is fixed at 1Gi. Any value you set will not take effect.
                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  storageClassName
                                                                                                                                                                                                                                                                                                                  
@@ -233,7 +233,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                  Expected output:
                                                                                                                                                                                                                                                                                                                  web-demo-846b489584-mjhm9   1/1     Running   0             46s
 web-demo-846b489584-wvv5s   1/1     Running   0             46s
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                3. Run the following commands in sequence to view the files in the /data path of the pods:
                                                                                                                                                                                                                                                                                                                  kubectl exec web-demo-846b489584-mjhm9 -- ls /data
+
                                                                                                                                                                                                                                                                                                                4. Run the following commands in sequence to check the files in the /data path of the pods:
                                                                                                                                                                                                                                                                                                                  kubectl exec web-demo-846b489584-mjhm9 -- ls /data
 kubectl exec web-demo-846b489584-wvv5s -- ls /data
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  If no result is returned for both pods, no file exists in the /data path.
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  5. 
@@ -301,7 +301,7 @@ static
                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                  View, copy, or download the YAML file of a PVC or PV.
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  1. Choose Storage in the navigation pane. In the right pane, click the PVCs or PVs tab.
                                                                                                                                                                                                                                                                                                                  2. Click View YAML in the Operation column of the target PVC or PV to view or download the YAML.
                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                  1. Choose Storage in the navigation pane. In the right pane, click the PVCs or PVs tab.
                                                                                                                                                                                                                                                                                                                  2. Click View YAML in the Operation column of the target PVC or PV to view, copy, or download the YAML.
                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                  
 
 
 
                                                                                                                                                                                                                                                                                                                  
-
@@ -110,7 +110,7 @@
 
 
                                                                                                                                                                                                                                                                                                                  Table 1 Mandatory mount options configured by default
                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  Supported Object Storage Type
                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                  Supported Object StorageClass
                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                  Value
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  
-
@@ -184,7 +184,7 @@ spec:
   accessModes:
   - ReadWriteMany    # Access mode. The value must be ReadWriteMany for OBS.
   capacity:
-    storage: 1Gi     # OBS volume capacity
+    storage: 1Gi     # Storage capacity. This parameter is only for verification. It must not be empty or 0, but the specified size will not take effect.
   csi:
     driver: obs.csi.everest.io        # Dependent storage driver for the mounting
     fsType: obsfs                     # Instance type
@@ -200,14 +200,14 @@ spec:
   storageClassName: csi-obs               # StorageClass name
   mountOptions:                            # Mount options
   - umask=027
-
                                                                                                                                                                                                                                                                                                                5. After a PV is created, you can create a PVC and bind it to the PV, and then mount the PV to the container in the workload. For details, see Using an Existing OBS Bucket Through a Static PV.
                                                                                                                                                                                                                                                                                                                6. Check whether the mount options take effect.
                                                                                                                                                                                                                                                                                                                  In this example, the PVC is mounted to the workload that uses the nginx:latest image. You can log in to the node where the pod to which the OBS volume is mounted resides and view the progress details.
                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                7. After creating a PV, you can create a PVC, bind it to the PV, and mount the PV to the containers in the workload. For details, see Using an Existing OBS Bucket Through a Static PV.
                                                                                                                                                                                                                                                                                                                8. Check whether the mount options are effective.
                                                                                                                                                                                                                                                                                                                  In this example, the PVC is mounted to the workload that uses the nginx:latest image. You can log in to the node where the pod to which the OBS volume is mounted resides and view the progress details.
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  Run the following command:
                                                                                                                                                                                                                                                                                                                  • Object bucket: ps -ef | grep s3fs
                                                                                                                                                                                                                                                                                                                    root     22142     1  0 Jun03 ?        00:00:00 /usr/bin/s3fs {your_obs_name} /mnt/paas/kubernetes/kubelet/pods/{pod_uid}/volumes/kubernetes.io~csi/{your_pv_name}/mount -o url=https://{endpoint}:443 -o endpoint={region} -o passwd_file=/opt/everest-host-connector/***_obstmpcred/{your_obs_name} -o nonempty -o big_writes -o sigv2 -o allow_other -o no_check_certificate -o ssl_verify_hostname=0 -o umask=027 -o max_write=131072 -o multipart_size=20
                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                  • Parallel file system: ps -ef | grep obsfs
                                                                                                                                                                                                                                                                                                                    root      1355     1  0 Jun03 ?        00:03:16 /usr/bin/obsfs {your_obs_name} /mnt/paas/kubernetes/kubelet/pods/{pod_uid}/volumes/kubernetes.io~csi/{your_pv_name}/mount -o url=https://{endpoint}:443 -o endpoint={region} -o passwd_file=/opt/everest-host-connector/***_obstmpcred/{your_obs_name} -o allow_other -o nonempty -o big_writes -o use_ino -o no_check_certificate -o ssl_verify_hostname=0 -o max_background=100 -o umask=027 -o max_write=131072
                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  9. 
-
                                                                                                                                                                                                                                                                                                                  Configuring Mount Options in a StorageClass
                                                                                                                                                                                                                                                                                                                  You can use the mountOptions field to configure mount options in a StorageClass. The options you can configure in mountOptions are listed in OBS Mount Options.
                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                  Configuring Mount Options in a StorageClass
                                                                                                                                                                                                                                                                                                                  You can use mountOptions to configure mount options in a StorageClass. The options you can configure in mountOptions are listed in OBS Mount Options.
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                  2. Create a custom StorageClass. Example:
                                                                                                                                                                                                                                                                                                                    kind: StorageClass
 apiVersion: storage.k8s.io/v1
 metadata:
@@ -221,7 +221,7 @@ reclaimPolicy: Delete
 volumeBindingMode: Immediate
 mountOptions:                            # Mount options
 - umask=027
                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                  3. After the StorageClass is configured, you can use it to create a PVC. By default, the dynamically created PVs inherit the mount options configured in the StorageClass. For details, see Using an OBS Bucket Through a Dynamic PV.
                                                                                                                                                                                                                                                                                                                  4. Check whether the mount options take effect.
                                                                                                                                                                                                                                                                                                                    In this example, the PVC is mounted to the workload that uses the nginx:latest image. You can log in to the node where the pod to which the OBS volume is mounted resides and view the progress details.
                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                  5. After the StorageClass is configured, you can use it to create a PVC. By default, dynamically created PVs inherit the mount options configured in the StorageClass. For details, see Using an OBS Bucket Through a Dynamic PV.
                                                                                                                                                                                                                                                                                                                  6. Check whether the mount options are effective.
                                                                                                                                                                                                                                                                                                                    In this example, the PVC is mounted to the workload that uses the nginx:latest image. You can log in to the node where the pod to which the OBS volume is mounted resides and view the progress details.
                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                    Run the following command:
                                                                                                                                                                                                                                                                                                                    • Object bucket: ps -ef | grep s3fs
                                                                                                                                                                                                                                                                                                                      root     22142     1  0 Jun03 ?        00:00:00 /usr/bin/s3fs {your_obs_name} /mnt/paas/kubernetes/kubelet/pods/{pod_uid}/volumes/kubernetes.io~csi/{your_pv_name}/mount -o url=https://{endpoint}:443 -o endpoint={region} -o passwd_file=/opt/everest-host-connector/***_obstmpcred/{your_obs_name} -o nonempty -o big_writes -o sigv2 -o allow_other -o no_check_certificate -o ssl_verify_hostname=0 -o umask=027 -o max_write=131072 -o multipart_size=20
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                    • Parallel file system: ps -ef | grep obsfs
                                                                                                                                                                                                                                                                                                                      root      1355     1  0 Jun03 ?        00:03:16 /usr/bin/obsfs {your_obs_name} /mnt/paas/kubernetes/kubelet/pods/{pod_uid}/volumes/kubernetes.io~csi/{your_pv_name}/mount -o url=https://{endpoint}:443 -o endpoint={region} -o passwd_file=/opt/everest-host-connector/***_obstmpcred/{your_obs_name} -o allow_other -o nonempty -o big_writes -o use_ino -o no_check_certificate -o ssl_verify_hostname=0 -o max_background=100 -o umask=027 -o max_write=131072
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                    
@@ -231,7 +231,7 @@ volumeBindingMode: Immediate
 
                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                    Parent topic: Object Storage Service
                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                    Parent topic: OBS
                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                    
 
diff --git a/docs/cce/umn/cce_10_0633.html b/docs/cce/umn/cce_10_0633.html
index be64f576e..8a183706f 100644
--- a/docs/cce/umn/cce_10_0633.html
+++ b/docs/cce/umn/cce_10_0633.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                                                                                                                                                                    Overview
                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                    Local PV Overview
                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                    Introduction
                                                                                                                                                                                                                                                                                                                    CCE allows you to use LVM to combine data volumes on nodes into a storage pool (VolumeGroup) and create LVs for containers to mount. A PV that uses a local persistent volume as the medium is considered local PV.
                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                    Compared with the hostPath volume, the local PV can be used in a persistent and portable manner. In addition, the PV of the local PV has the node affinity configuration. The pod mounted to the local PV is automatically scheduled based on the affinity configuration. You do not need to manually schedule the pod to a specific node.
                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_10_0634.html b/docs/cce/umn/cce_10_0634.html
index e209acf58..8a1c1f93c 100644
--- a/docs/cce/umn/cce_10_0634.html
+++ b/docs/cce/umn/cce_10_0634.html
@@ -5,7 +5,7 @@
 
                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                    Notes and Constraints
                                                                                                                                                                                                                                                                                                                    • Local PVs are supported only when the cluster version is v1.21.2-r0 or later and the Everest add-on version is 2.1.23 or later. Version 2.1.23 or later is recommended.
                                                                                                                                                                                                                                                                                                                    • Removing, deleting, resetting, or scaling a node will cause the loss of the PVC/PV data of the local PV associated with the node. The lost data cannot be restored, and the affected PVC/PV cannot be used again. In these scenarios, the pod that uses the local PV is evicted from the node. A new pod will be created and stay in the pending state. This is because the PVC used by the pod has a node label, due to which the pod cannot be scheduled. After the node is reset, the pod may be scheduled to the reset node. In this case, the pod remains in the creating state because the underlying logical volume corresponding to the PVC does not exist.
                                                                                                                                                                                                                                                                                                                    • Do not manually delete the corresponding storage pool or detach data disks from the node. Otherwise, exceptions such as data loss may occur.
                                                                                                                                                                                                                                                                                                                    • Local PVs are in non-shared mode and cannot be mounted to multiple workloads or tasks concurrently. Additionally, local PVs cannot be mounted to multiple pods of a workload concurrently.
                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                    Automatically Creating a Local PV on the Console
                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                    2. Dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                                                                      1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
+
                                                                                                                                                                                                                                                                                                                        Dynamically Creating a Local PV Using the Console
                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                        2. Dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                                                                          1. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
 
                                                                                                                                                                                                                                                                                                                  Table 2 Optional mount options configured by default
                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  Supported Object Storage Type
                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                  Supported Object StorageClass
                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                  Value
                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                  
@@ -30,7 +30,7 @@
 
                                                                                                                                                                                                                                                                                                                  Storage Classes
                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                  The default StorageClass of local PVs is csi-local-topology.
                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                  You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Using the CCE Console.
                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                  You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Through the Console.
                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  (Optional) Storage Volume Name Prefix
                                                                                                                                                                                                                                                                                                                  
@@ -65,7 +65,7 @@
 
                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                  The volume binding mode of the local storage class (named csi-local-topology) is late binding (that is, the value of volumeBindingMode is WaitForFirstConsumer). In this mode, PV creation and binding are delayed. The corresponding PV is created and bound only when the PVC is used during workload creation.
                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                  
 
-
                                                                                                                                                                                                                                                                                                                9. Create an application.
                                                                                                                                                                                                                                                                                                                  1. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                                                                  2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                                                                                                    Mount and use storage volumes, as shown in Table 1. For details about other parameters, see Workloads.
+
                                                                                                                                                                                                                                                                                                                  3. Create an application.
                                                                                                                                                                                                                                                                                                                    1. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                                                                    2. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > PVC.
                                                                                                                                                                                                                                                                                                                      Mount and use storage volumes. For details about the parameters, see Table 1. For other parameters, see Workloads.
 
                                                                                                                                                                                                                                                                                                                      
-
diff --git a/docs/cce/umn/cce_10_0635.html b/docs/cce/umn/cce_10_0635.html
index b05663dd2..0e66d66b3 100644
--- a/docs/cce/umn/cce_10_0635.html
+++ b/docs/cce/umn/cce_10_0635.html
@@ -7,7 +7,7 @@
 
                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Dynamically Mounting a Local PV on the Console
                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                      2. Choose Workloads in the navigation pane. In the right pane, click the StatefulSets tab.
                                                                                                                                                                                                                                                                                                                      3. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > VCT.
                                                                                                                                                                                                                                                                                                                      4. Click Create PVC. In the dialog box displayed, configure the volume claim template parameters.
                                                                                                                                                                                                                                                                                                                        Click Create.
+
                                                                                                                                                                                                                                                                                                                        Dynamically Mounting a Local PV Using the Console
                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                        2. Choose Workloads in the navigation pane. In the right pane, click the StatefulSets tab.
                                                                                                                                                                                                                                                                                                                        3. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > VCT.
                                                                                                                                                                                                                                                                                                                        4. Click Create PVC. In the dialog box displayed, configure the volume claim template parameters.
                                                                                                                                                                                                                                                                                                                          Click Create.
 
                                                                                                                                                                                                                                                                                                                      Table 1 Mounting a storage volume
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
@@ -106,13 +106,13 @@
 
 
                                                                                                                                                                                                                                                                                                                      
 
-
                                                                                                                                                                                                                                                                                                                      Automatically Creating a Local PV Through kubectl
                                                                                                                                                                                                                                                                                                                      1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                                                      2. Use StorageClass to dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                                                                        1. Create the pvc-local.yaml file.
                                                                                                                                                                                                                                                                                                                          apiVersion: v1
+
                                                                                                                                                                                                                                                                                                                          Dynamically Creating a Local PV Using kubectl
                                                                                                                                                                                                                                                                                                                          1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                                                          2. Use StorageClass to dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                                                                            1. Create the pvc-local.yaml file.
                                                                                                                                                                                                                                                                                                                              apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: pvc-local
   namespace: default
   annotations:
-    everest.io/csi.volume-name-prefix: test  # (Optional) Storage volume name prefix of the automatically created underlying storage
+    everest.io/csi.volume-name-prefix: test  # (Optional) Storage volume name prefix of the automatically created underlying storage
 spec:
   accessModes:
     - ReadWriteOnce             # The value must be ReadWriteOnce for local PVs.
@@ -182,7 +182,7 @@ spec:
       - name: container-1
         image: nginx:latest
         volumeMounts:
-        - name: pvc-disk    # Volume name, which must be the same as the volume name in the volumes field.
+        - name: pvc-disk    # Volume name, which must be the same as the volume name in the volumes field
           mountPath: /data  # Location where the storage volume is mounted
       imagePullSecrets:
         - name: default-secret
@@ -259,7 +259,7 @@ spec:
 
 
                                                                                                                                                                                                                                                                                                                      View, copy, or download the YAML file of a PVC or PV.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      1. Choose Storage in the navigation pane. In the right pane, click the PVCs or PVs tab.
                                                                                                                                                                                                                                                                                                                      2. Click View YAML in the Operation column of the target PVC or PV to view or download the YAML.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      1. Choose Storage in the navigation pane. In the right pane, click the PVCs or PVs tab.
                                                                                                                                                                                                                                                                                                                      2. Click View YAML in the Operation column of the target PVC or PV to view, copy, or download the YAML.
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
 
 
                                                                                                                                                                                                                                                                                                                      
-
diff --git a/docs/cce/umn/cce_10_0636.html b/docs/cce/umn/cce_10_0636.html
index 16034c5f1..e341bd2b1 100644
--- a/docs/cce/umn/cce_10_0636.html
+++ b/docs/cce/umn/cce_10_0636.html
@@ -1,11 +1,11 @@
 
 
-
                                                                                                                                                                                                                                                                                                                      Ephemeral Volumes
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      emptyDir
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                      • Overview
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                      • emptyDir Overview
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        • 
 
                                                                                                                                                                                                                                                                                                                      • Importing an EV to a Storage Pool
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        • 
diff --git a/docs/cce/umn/cce_10_0637.html b/docs/cce/umn/cce_10_0637.html
index 9ade09d9b..09171b830 100644
--- a/docs/cce/umn/cce_10_0637.html
+++ b/docs/cce/umn/cce_10_0637.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                                                                                                                                                                        Overview
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        emptyDir Overview
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        Introduction
                                                                                                                                                                                                                                                                                                                        Some applications require additional storage, but whether the data is still available after a restart is not important. For example, although cache services are limited by memory size, cache services can move infrequently used data to storage slower than memory. As a result, overall performance is not impacted significantly. Other applications require read-only data injected as files, such as configuration data or secrets.
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        Ephemeral volumes (EVs) in Kubernetes are designed for the above scenario. EVs are created and deleted together with pods following the pod lifecycle.
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        Common EVs in Kubernetes:
                                                                                                                                                                                                                                                                                                                        • emptyDir: empty at pod startup, with storage coming locally from the kubelet base directory (usually the root disk) or memory. emptyDir is allocated from the EV of the node. If data from other sources (such as log files or image tiering data) occupies the ephemeral storage, the storage capacity may be insufficient.
                                                                                                                                                                                                                                                                                                                        • ConfigMap: Kubernetes data of the ConfigMap type is mounted to pods as data volumes.
                                                                                                                                                                                                                                                                                                                        • Secret: Kubernetes data of the Secret type is mounted to pods as data volumes.
                                                                                                                                                                                                                                                                                                                        
@@ -14,7 +14,7 @@
 
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                        Parent topic: Ephemeral Volumes
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Parent topic: emptyDir
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        
 
diff --git a/docs/cce/umn/cce_10_0638.html b/docs/cce/umn/cce_10_0638.html
index 26ed9de90..c31ef6ff7 100644
--- a/docs/cce/umn/cce_10_0638.html
+++ b/docs/cce/umn/cce_10_0638.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                                                                                                                                                                        Temporary Path
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        A temporary path is of the Kubernetes-native emptyDir type. Its lifecycle is the same as that of a pod. Memory can be specified as the storage medium. When the pod is deleted, the emptyDir volume is deleted and its data is lost.
                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                        Using a Temporary Path on the Console
                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                        2. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                                                                        3. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > emptyDir.
                                                                                                                                                                                                                                                                                                                        4. Mount and use storage volumes, as shown in Table 1. For details about other parameters, see Workloads.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          Using a Temporary Path Through the Console
                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                          2. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                                                                          3. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > emptyDir.
                                                                                                                                                                                                                                                                                                                          4. Mount and use storage volumes. For details about the parameters, see Table 1. For other parameters, see Workloads.
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
@@ -32,7 +32,7 @@
 
                                                                                                                                                                                                                                                                                                                      Storage Classes
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      The default StorageClass of local PVs is csi-local-topology.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Using the CCE Console.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Through the Console.
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      (Optional) Storage Volume Name Prefix
                                                                                                                                                                                                                                                                                                                      
@@ -97,7 +97,7 @@
 
                                                                                                                                                                                                                                                                                                                    3. Dynamically mount and use storage volumes. For details about other parameters, see Creating a StatefulSet. After the configuration, click Create Workload.
                                                                                                                                                                                                                                                                                                                      After the workload is created, the data in the container mount directory will be persistently stored. Verify the storage by referring to Verifying Data Persistence.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      4. 
 
-
                                                                                                                                                                                                                                                                                                                      Dynamically Mounting a Local PV Through kubectl
                                                                                                                                                                                                                                                                                                                      1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                                                      2. Create a file named statefulset-local.yaml. In this example, the local PV is mounted to the /data path.
                                                                                                                                                                                                                                                                                                                        apiVersion: apps/v1
+
                                                                                                                                                                                                                                                                                                                        Dynamically Mounting a Local PV Using kubectl
                                                                                                                                                                                                                                                                                                                        1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                                                        2. Create a file named statefulset-local.yaml. In this example, the local PV is mounted to the /data path.
                                                                                                                                                                                                                                                                                                                          apiVersion: apps/v1
 kind: StatefulSet
 metadata:
   name: statefulset-local
@@ -245,7 +245,7 @@ statefulset-local-1          1/1     Running   0             28s
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      View, copy, or download the YAML file of a PVC or PV.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      1. Choose Storage in the navigation pane. In the right pane, click the PVCs or PVs tab.
                                                                                                                                                                                                                                                                                                                      2. Click View YAML in the Operation column of the target PVC or PV to view or download the YAML.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      1. Choose Storage in the navigation pane. In the right pane, click the PVCs or PVs tab.
                                                                                                                                                                                                                                                                                                                      2. Click View YAML in the Operation column of the target PVC or PV to view, copy, or download the YAML.
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
 
 
 
                                                                                                                                                                                                                                                                                                                      
-
-
@@ -221,7 +221,7 @@ spec:
 
-
                                                                                                                                                                                                                                                                                                                      Table 1 Mounting a temporary path
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
@@ -76,7 +76,7 @@ spec:
 
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Parent topic: Ephemeral Volumes
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Parent topic: emptyDir
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
diff --git a/docs/cce/umn/cce_10_0642.html b/docs/cce/umn/cce_10_0642.html
index ae757d398..b9d4267cf 100644
--- a/docs/cce/umn/cce_10_0642.html
+++ b/docs/cce/umn/cce_10_0642.html
@@ -3,14 +3,14 @@
 
                                                                                                                                                                                                                                                                                                                      Importing a PV to a Storage Pool
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      CCE allows you to use LVM to combine data volumes on nodes into a storage pool (VolumeGroup) and create LVs for containers to mount. Before creating a local PV, import the data disk of the node to the storage pool.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Notes and Constraints
                                                                                                                                                                                                                                                                                                                      • Local PVs are supported only when the cluster version is v1.21.2-r0 or later and the Everest add-on version is 2.1.23 or later. Version 2.1.23 or later is recommended.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      • The first data disk (used by container runtime and the kubelet component) on a node cannot be imported as a storage pool.
                                                                                                                                                                                                                                                                                                                      • Storage pools in striped mode do not support scale-out. After scale-out, fragmented space may be generated and the storage pool cannot be used.
                                                                                                                                                                                                                                                                                                                      • Storage pools cannot be scaled in or deleted.
                                                                                                                                                                                                                                                                                                                      • If disks in a storage pool on a node are deleted, the storage pool will malfunction.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      • Data disks used by the container runtime and Kubernetes components cannot be imported into a storage pool.
                                                                                                                                                                                                                                                                                                                      • Storage pools in striped mode do not support scale-out. After scale-out, fragmented space may be generated and the storage pool cannot be used.
                                                                                                                                                                                                                                                                                                                      • Storage pools cannot be scaled in or deleted.
                                                                                                                                                                                                                                                                                                                      • If disks in a storage pool on a node are deleted, the storage pool will malfunction.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Importing a Storage Pool
                                                                                                                                                                                                                                                                                                                      Imported during node creation
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      When creating a node, you can add a data disk to the node in Storage Settings and import the data disk to the storage pool as a PV. For details, see Creating a Node.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Imported manually
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      If no PV is imported during node creation, or the capacity of the current PV is insufficient, you can manually import a PV.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      1. Go to the ECS console and add a SCSI disk to the node. 
                                                                                                                                                                                                                                                                                                                      2. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                      3. Choose Storage in the navigation pane. In the right pane, click the Storage Pool tab.
                                                                                                                                                                                                                                                                                                                      4. View the node to which the disk has been added and select Import as PV. You can select a write mode during the import.
                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                        If the manually attached disk is not displayed in the storage pool, wait for 1 minute and refresh the list.
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        1. Go to the ECS console and add a SCSI disk to the node. 
                                                                                                                                                                                                                                                                                                                        2. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                        3. Choose Storage in the navigation pane. In the right pane, click the Storage Pool tab.
                                                                                                                                                                                                                                                                                                                        4. View the node to which the disk has been added and select Import as PV. You can select a write mode during the import.
                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                          If the manually attached disk is not displayed in the storage pool, wait for 1 minute and refresh the list.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          • Linear: A linear logical volume integrates one or more physical volumes. Data is written to the next physical volume when the previous one is used up.
                                                                                                                                                                                                                                                                                                                          • Striped: A striped logical volume stripes data into blocks of the same size and stores them in multiple physical volumes in sequence. This allows data to be concurrently read and written. Select this option only when there are multiple volumes.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0643.html b/docs/cce/umn/cce_10_0643.html
new file mode 100644
index 000000000..e3c1b5803
--- /dev/null
+++ b/docs/cce/umn/cce_10_0643.html
@@ -0,0 +1,24 @@
+
+
+
                                                                                                                                                                                                                                                                                                                        GPU Virtualization
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
+
diff --git a/docs/cce/umn/cce_10_0644.html b/docs/cce/umn/cce_10_0644.html
new file mode 100644
index 000000000..d07375d16
--- /dev/null
+++ b/docs/cce/umn/cce_10_0644.html
@@ -0,0 +1,65 @@
+
+
+
                                                                                                                                                                                                                                                                                                                        Overview
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        CCE uses xGPU virtualization technologies to dynamically divide the GPU memory and computing power. A single GPU can be virtualized into a maximum of 20 virtual GPU devices. Virtualization is more flexible than static allocation. You can specify the number of GPUs on the basis of stable service running to improve GPU utilization.
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Advantages
                                                                                                                                                                                                                                                                                                                        The GPU virtualization function of CCE has the following advantages:
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        • Flexible: The GPU computing ratio and memory size are finely tuned. The allocation granularity for computing is 5% of GPUs, while the memory allocation is in MiB.
                                                                                                                                                                                                                                                                                                                        • Isolated: The memory of a single GPU can be isolated, and both GPU computing and memory can be isolated concurrently.
                                                                                                                                                                                                                                                                                                                        • Compatible: There is no need to recompile services or replace the CUDA library.
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Prerequisites
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                        Item
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Supported Version
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Cluster version
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        v1.23.8-r0, v1.25.3-r0, or later
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        OS
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        HCE OS 2.0 with the kernel version of 5.10 or later
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        GPU type
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Tesla T4 and Tesla V100
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Driver version
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        535.216.03, 535.54.03, 510.47.03, and 470.57.02
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        CUDA version
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        CUDA 12.2.0 to 12.8.0
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Runtime
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        containerd
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Add-on
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        The following add-ons must be installed in the cluster:
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Notes and Constraints
                                                                                                                                                                                                                                                                                                                        • A single GPU can be virtualized into a maximum of 20 virtual GPU devices.
                                                                                                                                                                                                                                                                                                                        • Virtual GPUs cannot be used in init containers.
                                                                                                                                                                                                                                                                                                                        • GPU virtualization supports GPU memory isolation and isolation between GPU memory and computing power. A single GPU can schedule only workloads in the same isolation mode.
                                                                                                                                                                                                                                                                                                                        • Autoscaler does not support automatic scaling of virtual GPU nodes in clusters of v1.26 or earlier.
                                                                                                                                                                                                                                                                                                                        • When isolation is required, virtual GPUs do not support requesting GPU memory using the CUDA API cudaMallocManaged(), which is also known as Unified Virtual Memory (UVM). For more information, see NVIDIA official documents. Use other methods to request for GPU memory, for example, by calling cudaMalloc().
                                                                                                                                                                                                                                                                                                                        • When a containerized application is initializing, the real-time compute monitored by the nvidia-smi may exceed the upper limit of the available compute of the container.
                                                                                                                                                                                                                                                                                                                        • Due to GPU virtualization limitations, compute and GPU memory isolation backed by GPU virtualization is not applicable in rendering scenarios. For rendering, use either whole GPUs or GPU memory isolation.
                                                                                                                                                                                                                                                                                                                        • When GPU virtualization is enabled on a node with multiple GPUs, insufficient GPU resources will not result in the preempting of GPU resources from other pods.
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Process of GPU Virtualization
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Parent topic: GPU Virtualization
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
diff --git a/docs/cce/umn/cce_10_0645.html b/docs/cce/umn/cce_10_0645.html
new file mode 100644
index 000000000..6f742fd32
--- /dev/null
+++ b/docs/cce/umn/cce_10_0645.html
@@ -0,0 +1,69 @@
+
+
+
                                                                                                                                                                                                                                                                                                                        Preparing Virtualized GPU Resources
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        CCE uses xGPU virtualization technologies to dynamically divide the GPU memory and computing power. A single GPU can be virtualized into a maximum of 20 virtual GPU devices. This section describes how to implement GPU scheduling and isolation capabilities on GPU nodes.
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Prerequisites
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                        Item
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Supported Version
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Cluster version
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        v1.23.8-r0, v1.25.3-r0, or later
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        OS
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        HCE OS 2.0 with the kernel version of 5.10 or later
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        GPU type
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Tesla T4 and Tesla V100
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Driver version
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        535.216.03, 535.54.03, 510.47.03, and 470.57.02
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        CUDA version
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        CUDA 12.2.0 to 12.8.0
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Runtime
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        containerd
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Add-on
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        The following add-ons must be installed in the cluster:
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Step 1: Enable GPU Virtualization
                                                                                                                                                                                                                                                                                                                        Both CCE AI Suite (NVIDIA GPU) and Volcano Scheduler must be installed in the cluster.
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Settings.
                                                                                                                                                                                                                                                                                                                        2. Switch to the Heterogeneous Resources tab and enable GPU Virtualization. 
                                                                                                                                                                                                                                                                                                                          • Node pool-level GPU virtualization: If CCE AI Suite (NVIDIA GPU) of version 2.7.2 or later is installed, GPU virtualization can be configured by node pool.
                                                                                                                                                                                                                                                                                                                            1. In Node Pool Configurations under GPU Settings, click Add.
                                                                                                                                                                                                                                                                                                                            2. In the Node Pools list, select the node pool where you want to enable GPU virtualization and choose a driver that supports GPU virtualization from Driver. After you customize a GPU driver for a node pool, nodes in that pool will preferentially use the custom driver. Nodes for which no driver is specified will use the cluster's default driver.
                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                              • The specified driver version will be installed for new nodes added to the pool. This configuration does not affect existing nodes in the pool.
                                                                                                                                                                                                                                                                                                                              • An updated driver version applies only to new nodes added to the node pool. Existing nodes must be restarted to apply the changes.
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                            3. Click  under GPU Virtualization to enable GPU virtualization for the node pool. To configure GPU virtualization for multiple node pools, click Add.
                                                                                                                                                                                                                                                                                                                            4. In the lower right corner of the page, click Confirm Settings.
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                        3. After configuring GPU virtualization, verify the settings.
                                                                                                                                                                                                                                                                                                                          In the navigation pane, choose Cluster > Nodes. In the right pane, click the Nodes tab and find the node where GPU virtualization has been configured. In the Operation column of the target node, choose More > View YAML. If the node-status.volcano.sh/nvidia value in the YAML file is {"enableXGPU":true}, GPU virtualization has been configured on the node.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Step 2: Create a GPU Node
                                                                                                                                                                                                                                                                                                                        Create nodes that support GPU virtualization in the cluster to use the GPU virtualization function. For details, see Creating a Node or Creating a Node Pool. If there are GPU nodes in your cluster that meet the prerequisites requirements, skip this step.
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Parent topic: GPU Virtualization
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
diff --git a/docs/cce/umn/cce_10_0646.html b/docs/cce/umn/cce_10_0646.html
new file mode 100644
index 000000000..ae1078f46
--- /dev/null
+++ b/docs/cce/umn/cce_10_0646.html
@@ -0,0 +1,202 @@
+
+
+
                                                                                                                                                                                                                                                                                                                        Using GPU Virtualization
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        This section describes how to use the GPU virtualization capability to isolate the computing power from the GPU memory and efficiently use GPU device resources.
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Prerequisites
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Notes and Constraints
                                                                                                                                                                                                                                                                                                                        • A single GPU can be virtualized into a maximum of 20 virtual GPU devices.
                                                                                                                                                                                                                                                                                                                        • Virtual GPUs cannot be used in init containers.
                                                                                                                                                                                                                                                                                                                        • GPU virtualization supports GPU memory isolation and isolation between GPU memory and computing power. A single GPU can schedule only workloads in the same isolation mode.
                                                                                                                                                                                                                                                                                                                        • Autoscaler does not support automatic scaling of virtual GPU nodes in clusters of v1.26 or earlier.
                                                                                                                                                                                                                                                                                                                        • When isolation is required, virtual GPUs do not support requesting GPU memory using the CUDA API cudaMallocManaged(), which is also known as Unified Virtual Memory (UVM). For more information, see NVIDIA official documents. Use other methods to request for GPU memory, for example, by calling cudaMalloc().
                                                                                                                                                                                                                                                                                                                        • When a containerized application is initializing, the real-time compute monitored by the nvidia-smi may exceed the upper limit of the available compute of the container.
                                                                                                                                                                                                                                                                                                                        • Due to GPU virtualization limitations, compute and GPU memory isolation backed by GPU virtualization is not applicable in rendering scenarios. For rendering, use either whole GPUs or GPU memory isolation.
                                                                                                                                                                                                                                                                                                                        • When GPU virtualization is enabled on a node with multiple GPUs, insufficient GPU resources will not result in the preempting of GPU resources from other pods.
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Creating a GPU Virtualization Application
                                                                                                                                                                                                                                                                                                                        Using the CCE Console
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                        2. In the navigation pane, choose Workloads. In the upper right corner, click Create Workload.
                                                                                                                                                                                                                                                                                                                        3. Configure basic information of the workload.
                                                                                                                                                                                                                                                                                                                          In Basic Info under Container Settings, configure the GPU quota.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          • GPU memory: The unit is MiB. The value must be a positive integer that is a multiple of 128. If the value exceeds the memory of a single GPU, scheduling cannot be performed.
                                                                                                                                                                                                                                                                                                                          • Computing Power: The unit is %. The value must be a multiple of 5 and cannot exceed 100.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                          • If the GPU memory is set to the capacity upper limit of a single GPU or the computing power is set to 100%, the entire GPU will be used.
                                                                                                                                                                                                                                                                                                                          • When GPU virtualization is used, the workload scheduler defaults to Volcano and cannot be changed.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          This section describes how to use GPU virtualization. For details about other parameters, see Workloads.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          After the configuration, click Create Workload.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                        4. After a workload is created, you can try to verify the isolation capability of GPU virtualization.
                                                                                                                                                                                                                                                                                                                          1. Log in to the pod and check the total GPU memory allocated to the pod.
                                                                                                                                                                                                                                                                                                                            kubectl exec -it gpu-app -- nvidia-smi
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            Expected output:
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            Wed Apr 12 07:54:59 2023       
++-----------------------------------------------------------------------------+
+| NVIDIA-SMI 470.57.02   Driver Version: 470.57.02   CUDA Version: 11.4     |
+|-------------------------------+----------------------+----------------------+
+| GPU  Name        Persistence-M| Bus-Id        Disp.A | Volatile Uncorr. ECC |
+| Fan  Temp  Perf  Pwr:Usage/Cap|         Memory-Usage | GPU-Util  Compute M. |
+|                               |                      |               MIG M. |
+|===============================+======================+======================|
+|   0  Tesla V100-SXM2...  Off  | 00000000:21:01.0 Off |                    0 |
+| N/A   27C    P0    37W / 300W |   0MiB /  5120MiB |      0%      Default |
+|                               |                      |                  N/A |
++-------------------------------+----------------------+----------------------+
+
++-----------------------------------------------------------------------------+
+| Processes:                                                                  |
+|  GPU   GI   CI        PID   Type   Process name                  GPU Memory |
+|        ID   ID                                                   Usage      |
+|=============================================================================|
++-----------------------------------------------------------------------------+
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            The pod does not use GPU resources. Therefore, although the total GPU memory allocated to the container is 5120 MiB, the actual usage is 0 MiB. After GPU programs are deployed in the pod, the actual GPU usage will no longer be 0 MiB.
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                          2. Run the following command on the node to check the isolation status of the GPU memory:
                                                                                                                                                                                                                                                                                                                            nvidia-smi
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            Expected output:
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            Wed Apr 12 09:31:10 2023        
++-----------------------------------------------------------------------------+
+| NVIDIA-SMI 470.57.02   Driver Version: 470.57.02   CUDA Version: 11.4     |
+|-------------------------------+----------------------+----------------------+
+| GPU  Name        Persistence-M| Bus-Id        Disp.A | Volatile Uncorr. ECC |
+| Fan  Temp  Perf  Pwr:Usage/Cap|         Memory-Usage | GPU-Util  Compute M. |
+|                               |                      |               MIG M. |
+|===============================+======================+======================|
+|   0  Tesla V100-SXM2...  Off  | 00000000:21:01.0 Off |                    0 |
+| N/A   27C    P0    37W / 300W |   0MiB / 16160MiB |      0%      Default |
+|                               |                      |                  N/A |
++-------------------------------+----------------------+----------------------+
+
++-----------------------------------------------------------------------------+
+| Processes:                                                                  |
+|  GPU   GI   CI        PID   Type   Process name                  GPU Memory |
+|        ID   ID                                                   Usage      |
+|=============================================================================|
+|  No running processes found                                                 |
++-----------------------------------------------------------------------------+
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            The expected output indicates that the total GPU memory on the GPU node is 16160 MiB. Since the sample pod does not run any GPU program, the used GPU memory is 0 MiB.
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Using kubectl
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                                                        2. Create an application that uses GPU virtualization.
                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                          The GPU memory isolation and isolation between GPU memory and computing power are supported. The computing power cannot be isolated only. volcano.sh and gpu-core.percentage cannot be set separately.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          Create a gpu-app.yaml file. The following is an example:
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          • Isolate GPU memory only:
                                                                                                                                                                                                                                                                                                                            apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gpu-app
+  labels:
+    app: gpu-app
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: gpu-app
+  template: 
+    metadata:
+      labels:
+        app: gpu-app
+    spec:
+      containers:
+      - name: container-1
+        image: <your_image_address>     # Replace it with your image address.
+        resources:
+          limits:
+            volcano.sh/gpu-mem.128Mi: 40  # The GPU memory allocated to the pod. This value represents 5120 MiB (40 x 128 MiB).
+      imagePullSecrets:
+        - name: default-secret
+      schedulerName: volcano
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                          • Isolate the GPU memory from computing power:
                                                                                                                                                                                                                                                                                                                            apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gpu-app
+  labels:
+    app: gpu-app
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: gpu-app
+  template: 
+    metadata:
+      labels:
+        app: gpu-app
+    spec:
+      containers:
+      - name: container-1
+        image: <your_image_address>     # Replace it with your image address.
+        resources:
+          limits:
+            volcano.sh/gpu-mem.128Mi: 40  # The GPU memory allocated to the pod. This value represents 5120 MiB (40 x 128 MiB).
+            volcano.sh/gpu-core.percentage: 25    # The compute power allocated to the pod
+      imagePullSecrets:
+        - name: default-secret
+      schedulerName: volcano
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                          
+
+
                                                                                                                                                                                                                                                                                                                          
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                          Table 1 Key parameters
                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          Mandatory
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          volcano.sh/gpu-mem.128Mi
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          No
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          The value is a positive integer that is a multiple of 128 in the unit of MiB. If the value exceeds the memory of a single GPU, scheduling cannot be performed.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          volcano.sh/gpu-core.percentage
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          No
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          The unit of the computing power is %. The value must be a multiple of 5 and cannot exceed 100.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                          • If the GPU memory is set to the capacity upper limit of a single GPU or the computing power is set to 100%, the entire GPU will be used.
                                                                                                                                                                                                                                                                                                                          • When GPU virtualization is used, the workload scheduler defaults to Volcano and cannot be changed.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                        3. Run the following command to create an application:
                                                                                                                                                                                                                                                                                                                          kubectl apply -f gpu-app.yaml
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                        4. Verify the isolation capability of GPU virtualization.
                                                                                                                                                                                                                                                                                                                          1. Log in to the pod and check the total GPU memory allocated to the pod.
                                                                                                                                                                                                                                                                                                                            kubectl exec -it gpu-app -- nvidia-smi
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            Expected output:
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            Wed Apr 12 07:54:59 2023       
++-----------------------------------------------------------------------------+
+| NVIDIA-SMI 470.57.02   Driver Version: 470.57.02   CUDA Version: 11.4     |
+|-------------------------------+----------------------+----------------------+
+| GPU  Name        Persistence-M| Bus-Id        Disp.A | Volatile Uncorr. ECC |
+| Fan  Temp  Perf  Pwr:Usage/Cap|         Memory-Usage | GPU-Util  Compute M. |
+|                               |                      |               MIG M. |
+|===============================+======================+======================|
+|   0  Tesla V100-SXM2...  Off  | 00000000:21:01.0 Off |                    0 |
+| N/A   27C    P0    37W / 300W |   0MiB /  5120MiB |      0%      Default |
+|                               |                      |                  N/A |
++-------------------------------+----------------------+----------------------+
+
++-----------------------------------------------------------------------------+
+| Processes:                                                                  |
+|  GPU   GI   CI        PID   Type   Process name                  GPU Memory |
+|        ID   ID                                                   Usage      |
+|=============================================================================|
++-----------------------------------------------------------------------------+
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            The pod does not use GPU resources. Therefore, although the total GPU memory allocated to the container is 5120 MiB, the actual usage is 0 MiB. After GPU programs are deployed in the pod, the actual GPU usage will no longer be 0 MiB.
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                          2. Run the following command on the node to check the isolation status of the GPU memory:
                                                                                                                                                                                                                                                                                                                            nvidia-smi
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            Expected output:
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            Wed Apr 12 09:31:10 2023        
++-----------------------------------------------------------------------------+
+| NVIDIA-SMI 470.57.02   Driver Version: 470.57.02   CUDA Version: 11.4     |
+|-------------------------------+----------------------+----------------------+
+| GPU  Name        Persistence-M| Bus-Id        Disp.A | Volatile Uncorr. ECC |
+| Fan  Temp  Perf  Pwr:Usage/Cap|         Memory-Usage | GPU-Util  Compute M. |
+|                               |                      |               MIG M. |
+|===============================+======================+======================|
+|   0  Tesla V100-SXM2...  Off  | 00000000:21:01.0 Off |                    0 |
+| N/A   27C    P0    37W / 300W |   0MiB / 16160MiB |      0%      Default |
+|                               |                      |                  N/A |
++-------------------------------+----------------------+----------------------+
+
++-----------------------------------------------------------------------------+
+| Processes:                                                                  |
+|  GPU   GI   CI        PID   Type   Process name                  GPU Memory |
+|        ID   ID                                                   Usage      |
+|=============================================================================|
+|  No running processes found                                                 |
++-----------------------------------------------------------------------------+
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            The expected output indicates that the total GPU memory on the GPU node is 16160 MiB. Since the sample pod does not run any GPU program, the used GPU memory is 0 MiB.
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Parent topic: GPU Virtualization
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
diff --git a/docs/cce/umn/cce_10_0649.html b/docs/cce/umn/cce_10_0649.html
index 3601a3f59..b636844d1 100644
--- a/docs/cce/umn/cce_10_0649.html
+++ b/docs/cce/umn/cce_10_0649.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                                                                                                                                                        Prerequisites
                                                                                                                                                                                                                                                                                                                        To use node flavor priorities, the Autoscaler version must be 1.19.35, 1.21.28, 1.23.30, 1.25.20, or later. To balance load among AZs, the version must be 1.23.122, 1.25.117, 1.27.85, 1.28.52, or later.
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        Elastic Capacity Expansion Policies
                                                                                                                                                                                                                                                                                                                        Node pools are scaled according to their priorities and flavor priorities.
                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        1. Predictive flavor filtering:
                                                                                                                                                                                                                                                                                                                          • The predictive algorithm chooses proper flavors that meet the scheduling needs of pending pods from all node pools.
                                                                                                                                                                                                                                                                                                                          • When pods are scheduled, several factors are taken into account. These include checking if the node resources meet the requested resources of the pods, and verifying if the nodeSelector, nodeAffinity, and taints meet the conditions for pod scheduling.
                                                                                                                                                                                                                                                                                                                          • If certain node pool flavors experience scale-out failures, for example, due to insufficient resources, they will enter a 5-minute cooldown period. During this time, the scale-out algorithm will automatically exclude them from being considered.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                        2. Node pool sorting by priority
                                                                                                                                                                                                                                                                                                                          Node pools are assigned priorities and sorted accordingly. The node pool with the highest priority is preferentially selected.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                        3. Flavor selection by priority
                                                                                                                                                                                                                                                                                                                          When multiple node pools have the same highest priority, the flavor with the highest priority is selected according to the following rules:
                                                                                                                                                                                                                                                                                                                          
@@ -20,7 +20,7 @@
 
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                        Parent topic: Scaling a Node
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        Parent topic: Node Scaling
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        
 
diff --git a/docs/cce/umn/cce_10_0651.html b/docs/cce/umn/cce_10_0651.html
index f1e6f9000..093456259 100644
--- a/docs/cce/umn/cce_10_0651.html
+++ b/docs/cce/umn/cce_10_0651.html
@@ -159,7 +159,7 @@ spec:
 
 
                                                                                                                                                                                                                                                                                                                      Bandwidth, in Mbit/s
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The value range varies depending on the region and bandwidth billing mode. For details, see the page on the EIP console.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The value range varies depending on the region and bandwidth billing mode. For details, see the EIP console.
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      yangtse.io/eip-network-type
                                                                                                                                                                                                                                                                                                                      
@@ -170,7 +170,7 @@ spec:
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      EIP type
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The type varies depending on the region. For details, see the page on the EIP console.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The type varies depending on the region. For details, see the EIP console.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Whether to allocate an EIP with a pod and bind the EIP to the pod
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      false or true
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      false or true
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      yangtse.io/eip-network-type
                                                                                                                                                                                                                                                                                                                      
@@ -233,7 +233,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                      EIP type
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      • 5_bgp
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      The specific type varies with regions. For details, see the EIP console.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The types vary by region. For details, see the EIP console.
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      yangtse.io/eip-bandwidth-id
                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_10_0652.html b/docs/cce/umn/cce_10_0652.html
index 1e4a900e5..ae139f391 100644
--- a/docs/cce/umn/cce_10_0652.html
+++ b/docs/cce/umn/cce_10_0652.html
@@ -1,279 +1,376 @@
 
 
 
                                                                                                                                                                                                                                                                                                                      Modifying Node Pool Configurations
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Notes and Constraints
                                                                                                                                                                                                                                                                                                                      The default node pool does not support the management operations described in this section.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      If the default node configurations of in cluster do not meet service requirements, you can customize parameters for core components, such as kubelet, kube-proxy, and the container engine, within the node pool. Fine-tuning these parameters allows for in-depth configuration, ensuring efficient resource utilization while meeting workload demands.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The following parameters can be configured for a node pool:
 
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Configuration Management
                                                                                                                                                                                                                                                                                                                      CCE allows you to highly customize Kubernetes parameter settings on core components in a cluster. For more information, see kubelet.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      This function is supported only in clusters of v1.15 or later. It is not displayed for versions earlier than v1.15.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                      2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                      3. Click Manage in the Operation column of the target node pool
                                                                                                                                                                                                                                                                                                                      4. On the Manage Configurations page on the right, modify node pool parameter setting.
                                                                                                                                                                                                                                                                                                                        The following parameters can be configured for a node pool:
+
                                                                                                                                                                                                                                                                                                                        Notes and Constraints
                                                                                                                                                                                                                                                                                                                        • The configuration parameters of the default node pool (DefaultPool) cannot be modified.
                                                                                                                                                                                                                                                                                                                        • This function is supported only in clusters of v1.15 or later. It is not displayed for versions earlier than v1.15.
                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                      5. Click OK.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Using the Console
                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                      2. In the navigation pane, choose Nodes and click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                      3. Locate the row containing the target node pool and choose More > Manage.
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                      4. In the Manage Component window, modify the node pool parameter values based on service requirements. For details about the parameters, see Cluster Configuration Parameters.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      kubelet
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Item
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Using an API
                                                                                                                                                                                                                                                                                                                      You can modify the CCE cluster parameter settings using an API. 
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      PUT /api/v3/projects/{project_id}/clusters/{cluster_id}/nodepools/{nodepool_id}/configuration
                                                                                                                                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                                                                                                                                      
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Value
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Modification
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      CPU management policy
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      project_id
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      cpu-manager-policy
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Project ID. For details about how to obtain the project ID, see .
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      CPU management policy configuration. For details, see CPU Scheduling.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      cluster_id
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Cluster ID. For details about how to obtain the cluster ID, see .
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      nodepool_id
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Node pool ID. For details about how to obtain the node pool ID, see .
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The request body is as follows:
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      {
+  "kind" : "Configuration",
+  "apiVersion" : "v3",
+  "metadata" : {
+    "name" : "configuration"
+  },
+  "spec" : {
+    "packages" : [ {
+      "name" : "kubelet",
+      "configurations" : [ {
+        "name" : "system-reserved-mem",
+        "value" : 600
+      }, {
+        "name" : "kube-reserved-mem",
+        "value" : 800
+      } ]
+    } ]
+  }
+}
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The following parameters are modified:
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      • system-reserved-mem: Set it to 600 MiB.
                                                                                                                                                                                                                                                                                                                      • kube-reserved-mem: Set it to 800 MiB.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      kubelet
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
+
+
+
+
-
-
-
-
+
-
-
-
+
-
-
-
+
-
-
-
+
-
-
-
+
-
-
-
+
-
-
-
-
+
-
-
-
-
-
-
+
+
-
-
-
-
+
+
-
-
-
-
+
+
-
-
-
-
+
+
-
+
                                                                                                                                                                                                                                                                                                                      Item
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Value
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Modification
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Configuration Mode
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      CPU management policy
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      cpu-manager-policy
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      CPU management policy configuration. For details, see CPU Scheduling.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      • none: disables pods from exclusively occupying CPUs. Select this value if you want a large pool of shareable CPU cores.
                                                                                                                                                                                                                                                                                                                      • static: enables pods to exclusively occupy CPUs. Select this value if your workload is sensitive to latency in CPU cache and scheduling.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      • enhanced-static: allows burstable pods to preferentially use CPU cores. Select this value if your workload has huge peak-trough difference and is in the trough state most of the time.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: none
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: none
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The CPU management policy does not apply to ECS (PM) node pools in CCE Turbo clusters.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The CPU management policy does not apply to ECS (PM) node pools in CCE Turbo clusters.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      QPS for requests to kube-apiserver
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      QPS for requests to kube-apiserver
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      kube-api-qps
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      kube-api-qps
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Number of queries per second for communication with the API server.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Number of queries per second for communication with the API server.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 100
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 100
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Burst for requests to kube-apiserver
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Burst for requests to kube-apiserver
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      kube-api-burst
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      kube-api-burst
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum number of burst requests sent to the API server per second.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum number of burst requests sent to the API server per second.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 100
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 100
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Limit on the pods managed by kubelet
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Limit on the pods managed by kubelet
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      max-pods
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      max-pods
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum number of pods that can run on a node.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum number of pods that can run on a node.
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
+
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Limited number of processes in a pod
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Limited number of processes in a pod
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      pod-pids-limit
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      pod-pids-limit
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum number of PIDs that can be used in each pod.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum number of PIDs that can be used in each pod.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: -1, which indicates that the number of PIDs is not limited
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: -1, which indicates that the number of PIDs is not limited
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Whether to use a local IP address as a node's ClusterDNS
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Whether to use a local IP address as a node's ClusterDNS
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      with-local-dns
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      with-local-dns
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The default ENI IP address of the node will be automatically added to the node's kubelet configuration as the preferred DNS address.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The node's kubelet configuration will automatically use the default network interface's IP address as the preferred DNS address.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: false
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: false
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      QPS limit on creating events
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      QPS limit on creating events
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      event-qps
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      event-qps
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Number of events that can be generated per second.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Number of events that can be generated per second.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 5
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 5
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Upper Limit for Burst Events
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Upper Limit for Burst Events
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      event-burst
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      event-burst
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Upper limit for burst event creation. The number of burst events can be temporarily increased to the specified value.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Upper limit for burst event creation. The number of burst events can be temporarily increased to the specified value.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 10
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 10
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Allowed unsafe sysctls
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Allowed unsafe sysctls
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      allowed-unsafe-sysctls
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      allowed-unsafe-sysctls
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Insecure system configuration allowed.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Insecure system configuration allowed.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Starting from v1.17.17, CCE enables pod security policies for kube-apiserver. Add corresponding configurations to allowedUnsafeSysctls of a pod security policy to make the policy take effect. (This configuration is not required for clusters earlier than v1.17.17.) For details, see Example of Enabling Unsafe sysctls in a PSP.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: []
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: []
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Topology management policy
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Topology management policy
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      topology-manager-policy
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      topology-manager-policy
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Set the topology management policy.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Set the topology management policy.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Valid values are as follows:
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      • restricted: kubelet accepts only pods that achieve optimal NUMA alignment on the requested resources.
                                                                                                                                                                                                                                                                                                                      • best-effort: kubelet preferentially selects pods that implement NUMA alignment on CPU and device resources.
                                                                                                                                                                                                                                                                                                                      • none (default): The topology management policy is disabled.
                                                                                                                                                                                                                                                                                                                      • single-numa-node: kubelet allows only pods that are aligned to the same NUMA node in terms of CPU and device resources.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: none
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: none
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                       NOTICE: 
                                                                                                                                                                                                                                                                                                                      Modifying topology-manager-policy and topology-manager-scope will restart kubelet, and the resource allocation of pods will be recalculated based on the modified policy. In this case, running pods may restart or even fail to receive any resources.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                       NOTICE: 
                                                                                                                                                                                                                                                                                                                      Modifying topology-manager-policy and topology-manager-scope will restart kubelet, and the resource allocation of pods will be recalculated based on the modified policy. In this case, running pods may restart or even fail to receive any resources.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      Topology management scope
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Topology management scope
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      topology-manager-scope
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      topology-manager-scope
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Configure the resource alignment granularity of the topology management policy. Valid values are as follows:
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Configure the resource alignment granularity of the topology management policy. Valid values are as follows:
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      • container (default)
                                                                                                                                                                                                                                                                                                                      • pod
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: container
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: container
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Specified DNS configuration file
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Specified DNS configuration file
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      resolv-conf
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      resolv-conf
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      DNS resolution configuration file specified by the container
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      DNS resolution configuration file specified by the container
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: null
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: null
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Timeout for all runtime requests except long-running requests
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Timeout for all runtime requests except long-running requests
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      runtime-request-timeout
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      runtime-request-timeout
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Timeout interval of all runtime requests except long-running requests (pull, logs, exec, and attach).
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Timeout interval of all runtime requests except long-running requests (pull, logs, exec, and attach).
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 2m0s
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 2m0s
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.21.10-r0, v1.23.8-r0, v1.25.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.21.10-r0, v1.23.8-r0, v1.25.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Whether to allow kubelet to pull only one image at a time
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Whether to allow kubelet to pull only one image at a time
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      serialize-image-pulls
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      serialize-image-pulls
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Pull an image in serial mode.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Pull an image in serial mode.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      • false: recommended configuration so that an image can be pulled in parallel mode to improve pod startup.
                                                                                                                                                                                                                                                                                                                      • true: allows images to be pulled in serial mode.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      • Enabled by default if the cluster version is earlier than v1.21.12-r0, v1.23.11-r0, v1.27.3-r0, v1.28.1-r0 or v1.25.6-r0
                                                                                                                                                                                                                                                                                                                      • Disabled by default if the cluster version is v1.21.12-r0, v1.23.11-r0, v1.25.6-r0, v1.27.3-r0, v1.28.1-r0, or later
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      • Enabled by default if the cluster version is earlier than v1.21.12-r0, v1.23.11-r0, v1.27.3-r0, v1.28.1-r0, or v1.25.6-r0
                                                                                                                                                                                                                                                                                                                      • Disabled by default if the cluster version is v1.21.12-r0, v1.23.11-r0, v1.25.6-r0, v1.27.3-r0, v1.28.1-r0, or later
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.21.10-r0, v1.23.8-r0, v1.25.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.21.10-r0, v1.23.8-r0, v1.25.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Image repository pull limit per second
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Image repository pull limit per second
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      registry-pull-qps
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      registry-pull-qps
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      QPS upper limit of an image repository.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      QPS upper limit of an image repository.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 5
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 5
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1 to 50
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.21.10-r0, v1.23.8-r0, v1.25.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.21.10-r0, v1.23.8-r0, v1.25.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Upper limit of burst image pull
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Upper limit of burst image pull
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      registry-burst
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      registry-burst
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum number of burst image pulls.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum number of burst image pulls.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 10
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 10
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The value ranges from 1 to 100 and must be greater than or equal to the value of registry-pull-qps.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.21.10-r0, v1.23.8-r0, v1.25.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.21.10-r0, v1.23.8-r0, v1.25.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Maximum Number of Container Log Files
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum Number of Container Log Files
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      container-log-max-files
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      container-log-max-files
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum number of container log files. When the number of existing log files exceeds this value, the earliest log file will be deleted to release space for new log files.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum number of container log files. When the number of existing log files exceeds this value, the earliest log file will be deleted to release space for new log files.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 10
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 10
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 2 to 100
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Maximum Container Log File Size
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum Container Log File Size
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      container-log-max-size
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      container-log-max-size
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum size of a single container log file. When the size of a log file reaches this value, the current log file will be closed and a new log file will be created to continue logging.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum size of a single container log file. When the size of a log file reaches this value, the current log file will be closed and a new log file will be created to continue logging.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 50
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Value range: 1 to 4096
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 50 (in MiB)
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Value range: 1 to 4096 (in MiB)
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Upper Limit for Image Garbage Collection
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Upper Limit for Image Garbage Collection
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      image-gc-high-threshold
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      image-gc-high-threshold
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      When the kubelet disk usage reaches this value, kubelet starts to collect image garbage.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      When the kubelet disk usage reaches this value, kubelet starts to collect image garbage.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 80
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 80
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1 to 100
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      To disable image garbage collection, set this parameter to 100.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      To disable image garbage collection, set this parameter to 100.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      Lower Limit for Image Garbage Collection
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Lower Limit for Image Garbage Collection
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      image-gc-low-threshold
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      image-gc-low-threshold
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Image garbage collection stops when the disk usage drops below the specified threshold.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Image garbage collection stops when the disk usage drops below the specified threshold.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 70
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 70
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1 to 100
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The value of this parameter cannot be greater than the upper limit for image garbage collection.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The value of this parameter cannot be greater than the upper limit for image garbage collection.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      Node memory reservation
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Node memory reservation
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      system-reserved-mem
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      system-reserved-mem
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      System memory reservation reserves memory resources for OS system daemons such as sshd and udev.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      System memory reservation reserves memory resources for OS system daemons such as sshd and udev.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default value: automatically calculated, which varies depending on node flavors. For details, see Node Resource Reservation Policy.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default value: automatically calculated, which varies depending on node flavors. For details, see Node Resource Reservation Rules.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The sum of kube-reserved-mem and system-reserved-mem must be less than 50% of the minimum memory of nodes in the node pool.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The sum of kube-reserved-mem and system-reserved-mem must be less than 50% of the minimum memory of nodes in the node pool.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      kube-reserved-mem
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Kubernetes memory reservation reserves memory resources for Kubernetes daemons such kubelet and container runtime.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Hard eviction
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      kube-reserved-mem
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Kubernetes memory reservation reserves memory resources for Kubernetes daemons such kubelet and container runtime.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Hard eviction
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
@@ -281,13 +378,13 @@
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      memory.available
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      memory.available
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Available memory on a node.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Available memory on a node.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The value is fixed at 100 MiB.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The value is fixed at 100 MiB.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      For details, see Node-pressure Eviction.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      For details, see Node-pressure Eviction.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                       NOTICE: 
                                                                                                                                                                                                                                                                                                                      Exercise caution when modifying an eviction configuration item. Improper configuration may cause pods to be frequently evicted or fail to be evicted when the node is overloaded.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      kubelet can identify the following specific file system identifiers:
                                                                                                                                                                                                                                                                                                                      
@@ -315,48 +412,60 @@
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      nodefs.available
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      nodefs.available
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Percentage of the available capacity in the filesystem used by kubelet.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Percentage of the available capacity in the filesystem used by kubelet.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 10%
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 10%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1% to 99%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      nodefs.inodesFree
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      nodefs.inodesFree
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Percentage of available inodes in the filesystem used by kubelet.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Percentage of available inodes in the filesystem used by kubelet.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 5%
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 5%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1% to 99%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      imagefs.available
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      imagefs.available
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Percentage of the available capacity in the filesystem used by container runtimes to store resources such as images.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Percentage of the available capacity in the filesystem used by container runtimes to store resources such as images.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 10%
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 10%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1% to 99%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      imagefs.inodesFree
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      imagefs.inodesFree
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Percentage of available inodes in the filesystem used by container runtimes to store resources such as images.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Percentage of available inodes in the filesystem used by container runtimes to store resources such as images.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1% to 99%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      pid.available
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      pid.available
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Percentage of allocatable PIDs reserved for pods.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Percentage of allocatable PIDs reserved for pods.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 10%
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 10%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1% to 99%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      Soft eviction
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Soft eviction
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
@@ -365,444 +474,514 @@
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      memory.available
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      memory.available
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Available memory on a node.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Available memory on a node.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The value must be greater than the hard eviction value of the same parameter, and the eviction grace period (evictionSoftGracePeriod) must be configured accordingly.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Value range: 100 to 1000000
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Value range: 100 to 1000000 (in MiB)
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      nodefs.available
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      nodefs.available
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Percentage of the available capacity in the filesystem used by kubelet.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Percentage of the available capacity in the filesystem used by kubelet.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The value must be greater than the hard eviction value of the same parameter, and the eviction grace period (evictionSoftGracePeriod) must be configured accordingly.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1% to 99%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      nodefs.inodesFree
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Percentage of available inodes in the filesystem used by kubelet.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      nodefs.inodesFree
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Percentage of available inodes in the filesystem used by kubelet.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The value must be greater than the hard eviction value of the same parameter, and the eviction grace period (evictionSoftGracePeriod) must be configured accordingly.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1% to 99%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      imagefs.available
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Percentage of the available capacity in the filesystem used by container runtimes to store resources such as images.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      imagefs.available
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Percentage of the available capacity in the filesystem used by container runtimes to store resources such as images.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The value must be greater than the hard eviction value of the same parameter, and the eviction grace period (evictionSoftGracePeriod) must be configured accordingly.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1% to 99%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      imagefs.inodesFree
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Percentage of available inodes in the filesystem used by container runtimes to store resources such as images.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      imagefs.inodesFree
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Percentage of available inodes in the filesystem used by container runtimes to store resources such as images.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The value must be greater than the hard eviction value of the same parameter, and the eviction grace period (evictionSoftGracePeriod) must be configured accordingly.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1% to 99%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      pid.available
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Percentage of allocatable PIDs reserved for pods.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      pid.available
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Percentage of allocatable PIDs reserved for pods.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The value must be greater than the hard eviction value of the same parameter, and the eviction grace period (evictionSoftGracePeriod) must be configured accordingly.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1% to 99%
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      kube-proxy
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Item
                                                                                                                                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                                                                                                                                      kube-proxy
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
                                                                                                                                                                                                                                                                                                                      Item
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Value
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Modification
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Modification
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Configuration Mode
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum number of connection tracking entries
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Minimum Connection Tracking Entries
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      conntrack-min
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      conntrack-min
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum number of connection tracking entries
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The minimum number of connection tracking entries that can be reserved in a Linux conntrack table. It guarantees that the system maintains a fixed number of connection tracking entries at all times, even when the actual number of connections is low. This prevents performance overhead associated with dynamically allocating or releasing resources.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      To obtain the value, run the following command:
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      sysctl net.nf_conntrack_max
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 131072
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 131072
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Wait time of a closed TCP connection
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Wait time of a closed TCP connection
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      conntrack-tcp-timeout-close-wait
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      conntrack-tcp-timeout-close-wait
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Wait time of a closed TCP connection
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Wait time of a closed TCP connection
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      To obtain the value, run the following command:
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      sysctl net.netfilter.nf_conntrack_tcp_timeout_close_wait
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 1h0m0s
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 1h0m0s
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Docker (Available Only for Docker Node Pools)
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Item
                                                                                                                                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                                                                                                                                      Docker (Available Only for Docker Node Pools)
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
                                                                                                                                                                                                                                                                                                                      Item
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Value
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Modification
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Modification
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Configuration Mode
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Container umask
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Container umask
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      native-umask
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      native-umask
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The default value normal indicates that the umask value of the started container is 0022.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The default value normal indicates that the umask value of the started container is 0022.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: normal
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: normal
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The parameter value cannot be changed.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The parameter value cannot be changed.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Available data space for a single container
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Available data space for a single container
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      docker-base-size
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      docker-base-size
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum data space that can be used by each container.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum data space that can be used by each container.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 0
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 0
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The parameter value cannot be changed.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The parameter value cannot be changed.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Insecure image source address
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Insecure image source address
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      insecure-registry
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      insecure-registry
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Whether an insecure image source address can be used.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Whether an insecure image source address can be used.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      false
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      false
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The parameter value cannot be changed.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The parameter value cannot be changed.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Maximum size of a container core file
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum size of a container core file
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      limitcore
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      limitcore
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum size of a core file in a container. The unit is byte.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum size of a core file in a container. The unit is byte.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      If not specified, the value is infinity.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 5368709120
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 5368709120
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Limit on the number of handles in a container
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Limit on the number of handles in a container
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      default-ulimit-nofile
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      default-ulimit-nofile
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum number of handles that can be used in a container.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum number of handles that can be used in a container.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: {soft}:{hard}
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: {soft}:{hard}
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The value cannot exceed the value of the kernel parameter nr_open and cannot be a negative number.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The value cannot exceed the value of the kernel parameter nr_open and cannot be a negative number.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      You can run the following command to obtain the kernel parameter nr_open:
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      sysctl -a | grep nr_open
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      Image pull timeout
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Image pull timeout
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      image-pull-progress-timeout
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      image-pull-progress-timeout
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      If the image fails to be pulled before time outs, the image pull will be canceled.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      If the image fails to be pulled before the timeout, the image pull will be canceled.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 1m0s
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 1m0s
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is supported in v1.25.3-r0 and later.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is supported in v1.25.3-r0 and later.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      containerd (Available Only for containerd Node Pools)
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Item
                                                                                                                                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                                                                                                                                      containerd (Available Only for containerd Node Pools)
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
+
+
+
+
+
+
+
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
+
-
-
-
-
-
+
                                                                                                                                                                                                                                                                                                                      Item
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Value
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Modification
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Modification
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Configuration Mode
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum size of a container core file
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum size of a container core file
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      limitcore
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      limitcore
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum size of a core file in a container. The unit is byte.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      If not specified, the value is infinity.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum size of a core file in a container. The unit is byte.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      If not specified, the value is infinity.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 5368709120
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 5368709120
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Limit on the number of handles in a container
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Limit on the number of handles in a container
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      default-ulimit-nofile
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      default-ulimit-nofile
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum number of handles that can be used in a container.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum number of handles that can be used in a container.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 1048576
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 1048576
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The value cannot exceed the value of the kernel parameter nr_open and cannot be a negative number.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      You can run the following command to obtain the kernel parameter nr_open:
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The value cannot exceed the value of the kernel parameter nr_open and cannot be a negative number.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      You can run the following command to obtain the kernel parameter nr_open:
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      sysctl -a | grep nr_open
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Image pull timeout
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      image-pull-progress-timeout
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      If the image fails to be pulled before time outs, the image pull will be canceled.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Default: 1m0s
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      This parameter is supported in v1.25.3-r0 and later.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Verification on insure skips
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Image pull timeout
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      insecure_skip_verify
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      image-pull-progress-timeout
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Whether to skip repository certificate verification.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      If the image fails to be pulled before the timeout, the image pull will be canceled.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: false
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 1m0s
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The parameter value cannot be changed.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is supported in v1.25.3-r0 and later.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Maximum Number of Concurrent Requests for Downloading an Image at a Time
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Verification on insure skips
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      max-concurrent-downloads
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Verification on insure skips
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter specifies the maximum number of concurrent requests for downloading an image at a time.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Whether to skip repository certificate verification.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 3
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: false
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The parameter value cannot be changed.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum Number of Concurrent Requests for Downloading an Image at a Time
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      max-concurrent-downloads
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter specifies the maximum number of concurrent requests for downloading an image at a time.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 3
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1 to 20
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      If this parameter is set to a large value, the network performance of other services on the node may be affected or the disk I/O and CPU usage may increase.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      If this parameter is set to a large value, the network performance of other services on the node may be affected or the disk I/O and CPU usage may increase.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      Maximum Container Log Line Size
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum Container Log Line Size
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      max-container-log-line-size
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      max-container-log-line-size
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Maximum log line size of a container, in the unit of bytes. The log lines exceeding the limit will be split into multiple lines.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum log line size of a container, in the unit of bytes. The log lines exceeding the limit will be split into multiple lines.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 16384
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 16384
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value range: 1 to 2097152
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      A larger value will lead to more containerd memory consumption.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      A larger value will lead to more containerd memory consumption.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Available data space for a single container
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      container-base-size
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Maximum data space that can be used by each container.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Default: 0
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      The parameter value cannot be changed.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Modify Image Repository Configuration
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Available data space for a single container
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      registry-mirrors
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      container-base-size
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      You can configure one or multiple substitute image repositories to be selected when obtaining images from the container runtime.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum data space that can be used by each container.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      If you do not specify this parameter, the docker.io image repository will be used by default, and the SWR image repository will be used as a substitute.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 0
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The parameter value cannot be changed.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Modify Image Repository Configuration
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      registry-mirrors
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      You can configure one or multiple substitute image repositories to be selected when obtaining images from the container runtime.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      If you do not specify this parameter, the docker.io image repository will be used by default, and the SWR image repository will be used as a substitute.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      An image repository must be an IP address or domain name. A substitute image repository must be an IP address or domain name starting with http:// or https://.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      • Add local image repositories for faster image pulling.
                                                                                                                                                                                                                                                                                                                      • Configure multiple image repositories for higher fault tolerance and availability.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      • Add local image repositories for faster image pulling.
                                                                                                                                                                                                                                                                                                                      • Configure multiple image repositories for higher fault tolerance and availability.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.23.17-r0, v1.25.12-r0, v1.27.9-r0, v1.28.7-r0, v1.29.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                       NOTICE: 
                                                                                                                                                                                                                                                                                                                      If the image repository or its substitute is configured incorrectly, containers may not be able to pull the necessary image.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      Certificate Authentication Skipped Image Repository
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Certificate Authentication Skipped Image Repository
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      insecure-registries
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      insecure-registries
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      When you specify image repositories, you can bypass security certificate-based authentication. This is typically done to connect to an insecure or self-signed image repository.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      When you specify image repositories, you can bypass security certificate-based authentication. This is typically done to connect to an insecure or self-signed image repository.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      This parameter is left blank by default.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Enter an IP address or domain name.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      • Use this function only in development or test environments, not in production environments.
                                                                                                                                                                                                                                                                                                                      • Enable this option only when using a self-signed certificate or when attempting to access a private image repository that cannot obtain an authorized certificate.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      • Use this function only in development or test environments, not in production environments.
                                                                                                                                                                                                                                                                                                                      • Enable this option only when using a self-signed certificate or when attempting to access a private image repository that cannot obtain an authorized certificate.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      This parameter is available only in clusters of v1.23.17-r0, v1.25.12-r0, v1.27.9-r0, v1.28.7-r0, v1.29.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+                                                                                                                                                                                                                                                                                                                      		
 
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Networking Components (Available Only for CCE Turbo Clusters)
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Item
                                                                                                                                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                                                                                                                                      Networking Components (Available Only for CCE Turbo Clusters)
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                      Item
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Value
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Modification
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Modification
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Configuration Mode
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Node pool ENI pre-binding
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Node pool network interface pre-binding
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      enable-node-nic-configuration
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      enable-node-nic-configuration
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Whether to enable ENI pre-binding in a node pool.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Whether to enable network interface pre-binding in a node pool.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: false
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: false
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      After network component configuration is disabled in a node pool, the dynamic container ENI pre-binding parameter settings of the node pool are the same as those of cluster-level parameter settings.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      After network component configuration is disabled in a node pool, the dynamic container network interface pre-binding parameter settings of the node pool are the same as those of cluster-level parameter settings.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      ENI threshold
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Network interface threshold
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      nic-threshold
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Network interface threshold
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Low threshold of the number of bound ENIs: High threshold of the number of bound ENIs
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Low threshold of the number of bound network interfaces: High threshold of the number of bound network interfaces
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 0:0
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 0:0
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                       NOTE: 
                                                                                                                                                                                                                                                                                                                      This parameter is being discarded. Use the dynamic pre-binding parameters of the other four ENIs.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                       NOTE: 
                                                                                                                                                                                                                                                                                                                      This parameter is being discarded. Use the dynamic pre-binding parameters of the other four network interfaces.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Minimum number of ENIs bound to a node in a node pool
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      nic-minimum-target
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Minimum number of container ENIs bound to a node.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      The parameter value must be a positive integer. The value 10 indicates that at least 10 container ENIs must be bound to a node. If the number you specified exceeds the container ENI quota of the node, the ENI quota will be used.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Default: 10
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Configure these parameters based on the number of pods typically running on most nodes.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Maximum number of ENIs pre-bound to a node in a node pool
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Minimum number of network interfaces bound to a node in a node pool
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      nic-maximum-target
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      nic-minimum-target
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      After the number of ENIs bound to a node exceeds the nic-maximum-target value, CCE will not proactively pre-bind ENIs.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Checking the upper limit of pre-bound container ENIs is enabled only when the value of this parameter is greater than or equal to the minimum number of container ENIs (nic-minimum-target) bound to a node.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      The parameter value must be a positive integer. The value 0 indicates that checking the upper limit of pre-bound container ENIs is disabled. If the number you specified exceeds the container ENI quota of the node, the ENI quota will be used.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Minimum number of container network interfaces bound to a node.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The parameter value must be a positive integer. The value 10 indicates that at least 10 container network interfaces must be bound to a node. If the number you specified exceeds the container network interface quota of the node, the network interface quota will be used.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 0
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 10
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Configure these parameters based on the maximum number of pods running on most nodes.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Configure these parameters based on the number of pods typically running on most nodes.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Number of ENIs dynamically pre-bound to a node in a node pool
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Maximum number of network interfaces pre-bound to a node in a node pool
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      nic-warm-target
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      nic-maximum-target
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Extra ENIs will be pre-bound after the nic-minimum-target is used up in a pod. The value can only be a number.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      When the sum of the nic-warm-target value and the number of ENIs bound to the node is greater than the nic-maximum-target value, CCE will pre-bind the number of ENIs specified by the difference between the nic-maximum-target value and the current number of ENIs bound to the node.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      After the number of network interfaces bound to a node exceeds the nic-maximum-target value, CCE will not proactively pre-bind network interfaces.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Checking the upper limit of pre-bound container network interfaces is enabled only when the value of this parameter is greater than or equal to the minimum number of container network interfaces (nic-minimum-target) bound to a node.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      The parameter value must be a positive integer. The value 0 indicates that checking the upper limit of pre-bound container network interfaces is disabled. If the number you specified exceeds the container network interface quota of the node, the network interface quota will be used.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 2
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 0
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Set the parameter value to the number of pods that can be scaled out instantaneously within 10 seconds on most nodes.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Configure these parameters based on the maximum number of pods running on most nodes.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      Threshold for reclaiming the ENIs pre-bound to a node in a node pool
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Number of network interfaces dynamically pre-bound to a node in a node pool
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      nic-max-above-warm-target
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      nic-warm-target
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Only when the difference between the number of idle ENIs on a node and the nic-warm-target value is greater than the threshold, the pre-bound ENIs will be unbound and reclaimed. The value can only be a number.
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      • A large value will accelerate pod startup but slow down the unbinding of idle container ENIs and decrease the IP address usage. Exercise caution when performing this operation.
                                                                                                                                                                                                                                                                                                                      • A small value will speed up the unbinding of idle container ENIs and increase the IP address usage but will slow down pod startup, especially when a large number of pods increase instantaneously.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Extra network interfaces will be pre-bound after the nic-minimum-target is used up in a pod. The value can only be a number.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      When the sum of the nic-warm-target value and the number of network interfaces already bound to the node exceeds the nic-maximum-target value, CCE will pre-bind the number of network interfaces specified by the difference between the nic-maximum-target value and the current number of network interfaces bound to the node.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default: 2
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 2
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Set the parameter value to the difference between the number of pods that are frequently scaled on most nodes within minutes and the number of pods that are instantly scaled out on most nodes within 10 seconds.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Set the parameter value to the number of pods that can be scaled out instantaneously within 10 seconds on most nodes.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Threshold for reclaiming the network interfaces pre-bound to a node in a node pool
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      nic-max-above-warm-target
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Only when the difference between the number of idle network interfaces on a node and the nic-warm-target value is greater than the threshold, the pre-bound network interfaces will be unbound and reclaimed. The value can only be a number.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      • A large value will accelerate pod startup but slow down the unbinding of idle container network interfaces and decrease the IP address usage. Exercise caution when performing this operation.
                                                                                                                                                                                                                                                                                                                      • A small value will speed up the unbinding of idle container network interfaces and increase the IP address usage but will slow down pod startup, especially when a large number of pods increase instantaneously.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default: 2
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Set the parameter value to the difference between the number of pods that are frequently scaled on most nodes within minutes and the number of pods that are instantly scaled out on most nodes within 10 seconds.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Pod Security Groups (Available Only for CCE Turbo Clusters)
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Item
                                                                                                                                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                                                                                                                                      Pod Security Groups (Available Only for CCE Turbo Clusters)
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      
-
-
-
-
+
-
-
-
-
-
+
                                                                                                                                                                                                                                                                                                                      Item
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Value
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Value
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Modification
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Modification
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Configuration Mode
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      Default security group used by pods in a node pool
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Default security group used by pods in a node pool
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      security_groups_for_nodepool
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      security_groups_for_nodepool
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      You can enter the security group ID. If this parameter is not configured, the default security group of the cluster container network will be used, and a maximum of five security group IDs that are separated by semicolons (;) can be specified at a time.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      You can enter the security group ID. If this parameter is not configured, the default security group of the cluster container network will be used, and a maximum of five security group IDs that are separated by semicolons (;) can be specified at a time.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      The priority of the security group is lower than that of the security group configured for SecurityGroups.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Console/API
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                       
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      
 
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Parent topic: Managing a Node Pool
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Parent topic: Managing Node Pools
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
 
diff --git a/docs/cce/umn/cce_10_0653.html b/docs/cce/umn/cce_10_0653.html
index e14c030e6..08bc2bd7e 100644
--- a/docs/cce/umn/cce_10_0653.html
+++ b/docs/cce/umn/cce_10_0653.html
@@ -1,9 +1,9 @@
 
 
 
                                                                                                                                                                                                                                                                                                                      Updating a Node Pool
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Precautions
                                                                                                                                                                                                                                                                                                                      • Changes to the container engine, OS, or pre-/post-installation script in a node pool take effect only on new nodes. To synchronize the modification onto existing nodes, manually reset these nodes.
                                                                                                                                                                                                                                                                                                                      • Changes to resource tags and Kubernetes labels/taints in a node pool will be automatically synchronized to existing nodes. You do not need to reset these nodes.
                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                      Precautions
                                                                                                                                                                                                                                                                                                                      • Changes to the container engine, OS, or pre-/post-installation script in a node pool take effect only on new nodes. To synchronize the modification onto existing nodes, manually reset these nodes.
                                                                                                                                                                                                                                                                                                                      • The modification of the system disk or data disk size and data disk space allocation rule of a node pool applies only to new nodes. The settings cannot be synchronized for existing nodes even if they are reset.
                                                                                                                                                                                                                                                                                                                      • Changes to resource tags and Kubernetes labels/taints in a node pool will be automatically synchronized to existing nodes. You do not need to reset these nodes.
                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                      Updating a Node Pool
                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                      2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                      3. Click Update next to the name of the node pool you will edit. Configure the parameters in the displayed Update Node Pool page.
                                                                                                                                                                                                                                                                                                                        Basic Settings
+
                                                                                                                                                                                                                                                                                                                        Updating a Node Pool
                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                        2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                        3. Click Update next to the name of the node pool you will edit. Configure the parameters in the displayed Update Node Pool page.
                                                                                                                                                                                                                                                                                                                          Basic Settings
 
                                                                                                                                                                                                                                                                                                                          
-
@@ -29,29 +29,29 @@
 
-
@@ -61,7 +61,7 @@
 
                                                                                                                                                                                                                                                                                                                          • Key Pair
                                                                                                                                                                                                                                                                                                                            Select the key pair used to log in to the node. You can select a shared key.
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            A key pair is used for identity authentication when you remotely log in to a node. If no key pair is available, click Create Key Pair.
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          The changes made to the key pair will be applied automatically to any new nodes added. However, for existing nodes, you will need to manually reset them for the modifications to take effect.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          The modified login setting automatically applies to any new nodes added. Manually reset existing nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
 
@@ -82,7 +82,7 @@
 
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          After the system disk configuration is modified, the modification takes effect only on newly added nodes. The configuration cannot be synchronized to existing nodes even if they are reset.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          System Disk Encryption: System disk encryption safeguards your data. Snapshots generated from encrypted disks and disks created using these snapshots automatically inherit the encryption setting. Only the nodes of the Elastic Cloud Server (VM) type in certain regions support system disk encryption. For details, see the console.
                                                                                                                                                                                                                                                                                                                          • Not encrypted is selected by default.
                                                                                                                                                                                                                                                                                                                          • After setting System Disk Encryption to Enabled (key), choose an existing key. If no key is available, click View Key List and create a key. After the key is created, click the refresh icon next to the text box.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          The modified system disk encryption automatically takes effect on new nodes. For existing nodes, manually reset the nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          The modified system disk encryption automatically applies to new nodes. Manually reset existing nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
@@ -91,28 +91,29 @@
 
 
                                                                                                                                                                                                                                                                                                                          
-
@@ -145,7 +146,7 @@
 
@@ -154,7 +155,7 @@
 
@@ -188,24 +189,26 @@
 
-
-
-
@@ -228,7 +231,7 @@
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                          Parent topic: Managing a Node Pool
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          Parent topic: Managing Node Pools
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
diff --git a/docs/cce/umn/cce_10_0654.html b/docs/cce/umn/cce_10_0654.html
index 1a0ec2128..3812855e5 100644
--- a/docs/cce/umn/cce_10_0654.html
+++ b/docs/cce/umn/cce_10_0654.html
@@ -2,18 +2,19 @@
 
 
                                                                                                                                                                                                                                                                                                                          Synchronizing Node Pools
                                                                                                                                                                                                                                                                                                                          After the configuration of a node pool is updated, some configurations cannot be automatically synchronized for existing nodes. You can manually synchronize configurations for these nodes.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                          • Do not delete or reset nodes during batch synchronization. Otherwise, the synchronization of node pool configuration may fail.
                                                                                                                                                                                                                                                                                                                          • This operation involves resetting nodes. Workloads running on a node may be interrupted due to standalone deployment or insufficient schedulable resources. Evaluate the upgrade risks and perform the upgrade during off-peak hours. Alternatively, specify a disruption budget for your key applications to ensure the availability of these applications during the upgrade.
                                                                                                                                                                                                                                                                                                                          • During configuration synchronization for existing nodes, the nodes will be reset, and the system disks and data disks will be cleared. Back up important data before the synchronization.
                                                                                                                                                                                                                                                                                                                          • Only some node pool parameters can be synchronized by resetting nodes. The constraints are as follows:
                                                                                                                                                                                                                                                                                                                            • Changes to the container engine, OS, or pre-/post-installation script in a node pool take effect only on new nodes. To synchronize the modification onto existing nodes, manually reset these nodes.
                                                                                                                                                                                                                                                                                                                            • Changes to resource tags and Kubernetes labels/taints in a node pool will be automatically synchronized to existing nodes. You do not need to reset these nodes.
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                            • Do not delete or reset nodes during batch synchronization. Otherwise, the synchronization of node pool configuration may fail.
                                                                                                                                                                                                                                                                                                                            • This operation involves resetting nodes. Workloads running on a node may be interrupted due to standalone deployment or insufficient schedulable resources. Evaluate the upgrade risks and perform the upgrade during off-peak hours. Alternatively, specify a disruption budget for your key applications to ensure the availability of these applications during the upgrade.
                                                                                                                                                                                                                                                                                                                            • During configuration synchronization for existing nodes, the nodes will be reset, and the system disks and data disks will be cleared. Back up important data before the synchronization.
                                                                                                                                                                                                                                                                                                                            • Only some node pool parameters can be synchronized by resetting nodes. The constraints are as follows:
                                                                                                                                                                                                                                                                                                                              • Changes to the container engine, OS, security hardening, or pre-/post-installation script in a node pool take effect only on new nodes. To synchronize the modification onto existing nodes, manually reset these nodes.
                                                                                                                                                                                                                                                                                                                              • The modification of the system disk or data disk size and data disk space allocation rule of a node pool applies only to new nodes. The settings cannot be synchronized for existing nodes even if they are reset.
                                                                                                                                                                                                                                                                                                                              • Changes to resource tags and Kubernetes labels/taints in a node pool will be automatically synchronized to existing nodes. You do not need to reset these nodes.
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                              • If a new OS patch exists in the environment, you can synchronize the node pool to update the OS.
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                            Synchronizing a Single Node
                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                            2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Nodes tab.
                                                                                                                                                                                                                                                                                                                            3. Find Node pool updated in the Node Name column of the existing nodes in the node pool.
                                                                                                                                                                                                                                                                                                                            4. Move the cursor to Node pool updated. The Reset button is displayed. You can then determine whether to reset the node immediately.
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            Synchronizing a Single Node
                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                            2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Nodes tab.
                                                                                                                                                                                                                                                                                                                            3. Find the node marked with Node pool updated in the node pool.
                                                                                                                                                                                                                                                                                                                            4. Move the cursor to Node pool updated. The Reset button is displayed. You can then determine whether to reset the node immediately.
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                            Batch Synchronization
                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                            2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                            3. Choose More > Synchronize in the Operation column of the target node pool.
                                                                                                                                                                                                                                                                                                                            4. In the Batch synchronization window, configure parameters.
                                                                                                                                                                                                                                                                                                                              • OS: shows the image of the target version. You do not need to configure this parameter.
                                                                                                                                                                                                                                                                                                                              • Synchronization Policy: Node Reset is supported.
                                                                                                                                                                                                                                                                                                                              • Max. Nodes for Batch Synchronize: maximum number of nodes that will be unavailable during node synchronization. Nodes will be unavailable during synchronization by resetting the nodes. Properly configure this parameter to prevent pod scheduling failures caused by too many unavailable nodes in the cluster.
                                                                                                                                                                                                                                                                                                                              • Node List: Select the nodes requiring the synchronization of node pool configurations.
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                              Batch Synchronization
                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                              2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                              3. Choose More > Synchronize in the Operation column of the target node pool.
                                                                                                                                                                                                                                                                                                                              4. In the Batch synchronization window, configure parameters.
                                                                                                                                                                                                                                                                                                                                • OS: shows the image of the target version. You do not need to configure this parameter.
                                                                                                                                                                                                                                                                                                                                • Synchronization Type: Reset node is supported.
                                                                                                                                                                                                                                                                                                                                • Max. Nodes for Batch Synchronization: maximum number of nodes that will be unavailable during node synchronization. Nodes will be unavailable during synchronization by resetting the nodes. Properly configure this parameter to prevent pod scheduling failures caused by too many unavailable nodes in the cluster.
                                                                                                                                                                                                                                                                                                                                • In the node list, select the nodes requiring the synchronization of node pool configurations.
                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                              5. Click OK.
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                            Parent topic: Managing a Node Pool
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            Parent topic: Managing Node Pools
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            
 
diff --git a/docs/cce/umn/cce_10_0655.html b/docs/cce/umn/cce_10_0655.html
index fa1dbc123..c33cf0b70 100644
--- a/docs/cce/umn/cce_10_0655.html
+++ b/docs/cce/umn/cce_10_0655.html
@@ -2,11 +2,11 @@
 
 
                                                                                                                                                                                                                                                                                                                            Copying a Node Pool
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            You can copy the configuration of an existing node pool on the CCE console to create new node pools.
                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                            2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                            3. Choose More > Copy in the Operation column of the target node pool.
                                                                                                                                                                                                                                                                                                                            4. In the Copy Resource Pool window, the configurations of the node pool to be copied are displayed. Modify the configurations as needed. For details, see Creating a Node Pool. After confirming the configuration, click Next: Confirm.
                                                                                                                                                                                                                                                                                                                            5. On the Confirm page, confirm the node pool configurations and click Submit. Then, a new node pool is created based on the modified configurations.
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                            2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                            3. Choose More > Copy in the Operation column of the target node pool.
                                                                                                                                                                                                                                                                                                                            4. In the Copy Resource Pool window, the configurations of the node pool to be copied are displayed. Modify the configurations as needed. For details, see Creating a Node Pool. After confirming the configuration, click Next: Confirm.
                                                                                                                                                                                                                                                                                                                            5. On the Confirm page, confirm the node pool configurations and click Submit. Then, a new node pool is created based on the modified configurations.
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                            Parent topic: Managing a Node Pool
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            Parent topic: Managing Node Pools
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            
 
diff --git a/docs/cce/umn/cce_10_0656.html b/docs/cce/umn/cce_10_0656.html
index 24b3eb2d4..79009c8e5 100644
--- a/docs/cce/umn/cce_10_0656.html
+++ b/docs/cce/umn/cce_10_0656.html
@@ -46,19 +46,19 @@
 
                                                                                                                                                                                                                                                                                                                          Table 1 Basic settings
                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                          
@@ -12,7 +12,7 @@
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Node Pool Name
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Name of the node pool.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          Name of a node pool.
                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Specifications
                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                          Select node specifications that best fit your service needs.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          • If a node pool is configured with multiple node flavors, only the flavors (which can be located in different AZs) of the same node type are supported. For example, a node pool consisting of general computing-plus nodes supports only general computing-plus node flavors, but not the flavors of general computing nodes.
                                                                                                                                                                                                                                                                                                                          • A maximum of 10 node flavors can be added to a node pool (the flavors in different AZs are counted separately). When adding a node flavor, you can choose multiple AZs, but you need to specify them.
                                                                                                                                                                                                                                                                                                                          • Nodes in a newly created node pool are created using the default flavor. If the resources for the default flavor are insufficient, node creation will fail.
                                                                                                                                                                                                                                                                                                                          • After a node pool is created, the flavors of existing nodes cannot be deleted.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          • If a node pool is configured with multiple node flavors, only the flavors (which can be located in different AZs) of the same node type are supported. For example, a node pool consisting of general computing-plus nodes supports only general computing-plus node flavors, but not the flavors of general computing nodes.
                                                                                                                                                                                                                                                                                                                          • Nodes added to a single node pool must have the same GPU type. For example, if you select the nvidia-v100 flavor, you are not allowed to select the nvidia-t4 flavor.
                                                                                                                                                                                                                                                                                                                          • A maximum of 10 node flavors can be added to a node pool (the flavors in different AZs are counted separately). When adding a node flavor, you can choose multiple AZs, but you need to specify them.
                                                                                                                                                                                                                                                                                                                          • Nodes in a newly created node pool are created using the default flavor. If the resources for the default flavor are insufficient, node creation will fail.
                                                                                                                                                                                                                                                                                                                          • After a node pool is created, the flavors of existing nodes cannot be deleted.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          		
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Container Engine
                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                          The container engines supported by CCE include Docker and containerd, which may vary depending on cluster types, cluster versions, and OSs. Select a container engine based on the information displayed on the CCE console. For details, see Mapping Between Node OSs and Container Engines.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          After the container engine is modified, the modification automatically takes effect on newly added nodes. For existing nodes, manually reset the nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          The modified container engine automatically applies to newly added nodes. Manually reset existing nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          		
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          OS
                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                          Select an OS type. Different types of nodes support different OSs.
                                                                                                                                                                                                                                                                                                                          • Public image: Select a public image for the node.
                                                                                                                                                                                                                                                                                                                          • Private image: Select a private image for the node. 
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          • Service container runtimes share the kernel and underlying calls of nodes. To ensure compatibility, select a Linux distribution version that is the same as or close to that of the final service container image for the node OS.
                                                                                                                                                                                                                                                                                                                          • After the OS is modified, the modification automatically takes effect on newly added nodes. Manually reset existing nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          • Service container runtimes share the kernel and underlying calls of nodes. To ensure compatibility, select a Linux distribution version that is the same as or close to that of the final service container image for the node OS.
                                                                                                                                                                                                                                                                                                                          • The changed OS automatically applies to newly added nodes. Manually reset existing nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          		
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Edit Key Pair
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Node pools that require key pairs for login authentication allow for key pair editing. You can choose a different key pair.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          The changes made to the key pair will be applied automatically to any new nodes added. However, for existing nodes, you will need to manually reset them for the modifications to take effect.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          Only node pools that use key pairs for login support key pair editing. You can select another key pair.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          The changed key pair automatically applies to any new nodes added. Manually reset existing nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                          Select a disk for storing system components.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          • Data Disk: added for storing container runtime and kubelet components by default. The disk size ranges from 20 GiB to 32768 GiB. The default value is 100 GiB. This data disk cannot be deleted or detached. Otherwise, the node will be unavailable.
                                                                                                                                                                                                                                                                                                                          • System Disk: stores CCE resources such as downloaded images, ephemeral storage for containers, and container stdout logs. If the system disk is fully occupied, it will negatively affect the stability of the node.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          • In clusters of v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, v1.29.4-r0, or later, you can select a disk for storing system components. If CCE Node Problem Detector is used, ensure that its version is 1.19.2 or later.
                                                                                                                                                                                                                                                                                                                          • Customizing the pod base size for a node pool will prevent you from changing System Component Storage to System Disk.
                                                                                                                                                                                                                                                                                                                          • The modified System Component Storage setting automatically takes effect on new nodes. For existing nodes, manually reset the nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          • In clusters of v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, v1.29.4-r0, or later, you can select a disk for storing system components. If CCE Node Problem Detector is used, ensure that its version is 1.19.2 or later.
                                                                                                                                                                                                                                                                                                                          • Customizing the pod base size for a node pool will prevent you from changing System Component Storage to System Disk.
                                                                                                                                                                                                                                                                                                                          • The modified system component storage setting automatically applies to new nodes. Manually reset existing nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          		
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Data Disk
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          • At least one default data disk must be added for storing container runtime and kubelet components if System Component Storage is set to Data Disk. This data disk cannot be deleted or detached. Otherwise, the node will be unavailable. This function is available for clusters of a version earlier than v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, or v1.29.4-r0.
                                                                                                                                                                                                                                                                                                                            • Default data disk: used for container runtime and kubelet components. The disk size ranges from 20 GiB to 32768 GiB. The default value is 100 GiB.
                                                                                                                                                                                                                                                                                                                            • Other common data disks: You can set the data disk size to a value ranging from 10 GiB to 32768 GiB. The default value is 100 GiB.
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                          • At least one default data disk must be added for storing container runtime and kubelet components if System Component Storage is set to Data Disk. This data disk cannot be deleted or detached. Otherwise, the node will be unavailable. This function is available for clusters of a version earlier than v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, or v1.29.4-r0.
                                                                                                                                                                                                                                                                                                                            • Default data disk: used for container runtime and kubelet components. The disk size ranges from 20 GiB to 32768 GiB. The default value is 100 GiB.
                                                                                                                                                                                                                                                                                                                            • Other common data disks: You can set the data disk size to a value ranging from 10 GiB to 32768 GiB. The default value is 100 GiB.
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                          • If System Component Storage is set to System Disk, you do not need to add a default data disk. In this case, all data disks are common ones: You can set the data disk size to a value ranging from 10 GiB to 32768 GiB. The default value is 100 GiB. This function is available for clusters of v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, v1.29.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          After the data disk configuration is modified, the modification takes effect only on newly added nodes. The configuration cannot be synchronized to existing nodes even if they are reset.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Advanced Settings
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Expand the area and configure the following parameters:
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                          • Data Disk Space Allocation: allocates space for container engines, images, and ephemeral storage for them to run properly. For details about how to allocate data disk space, see Space Allocation of a Data Disk.
                                                                                                                                                                                                                                                                                                                             NOTE: 
                                                                                                                                                                                                                                                                                                                            After the data disk space allocation configuration is modified, the modification takes effect only for new nodes. The configuration cannot take effect for the existing nodes even if they are reset.
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            • Data Disk Space Allocation: allocates space for container engines, images, and ephemeral storage for them to run properly. For details about how to allocate data disk space, see Space Allocation of a Data Disk.
                                                                                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                                                                                              After the data disk space allocation configuration is modified, the modification takes effect only for new nodes. The configuration cannot apply to the existing nodes even if they are reset.
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                            • Enabled: Data disk encryption safeguards your data. Snapshots generated from encrypted disks and disks created using these snapshots automatically inherit the encryption setting. 
                                                                                                                                                                                                                                                                                                                              • Not encrypted is selected by default.
                                                                                                                                                                                                                                                                                                                              • After setting Data Disk Encryption to Enabled, choose an existing key. If no key is available, click View Key List and create a key. After the key is created, click the refresh icon next to the text box.
                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                                                                                              After the Data Disk Encryption is modified, the modification takes effect only on newly added nodes. The configuration cannot be synchronized to existing nodes even if they are reset.
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                            • Enabled: Data disk encryption safeguards your data. Snapshots generated from encrypted disks and disks created using these snapshots automatically inherit the encryption setting. 
                                                                                                                                                                                                                                                                                                                              • Not encrypted is selected by default.
                                                                                                                                                                                                                                                                                                                              • After setting Data Disk Encryption to Enabled, choose an existing key. If no key is available, click View Key List and create a key. After the key is created, click the refresh icon next to the text box.
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                                                                                              After the data disk encryption is modified, the modification only applies to newly added nodes. The configuration cannot be synchronized to existing nodes even if they are reset.
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            Adding data disks
                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                            A maximum of 16 data disks can be attached to an ECS. By default, a raw disk is created without any processing. You can also click Expand and select any of the following options:
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            A maximum of 16 data disks can be attached to an ECS. By default, a raw disk is created without any processing.
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            You can also click Expand and select any of the following options:
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            • Default: By default, a raw disk is created without any processing.
                                                                                                                                                                                                                                                                                                                            • Mount Disk: The data disk is attached to a specified directory.
                                                                                                                                                                                                                                                                                                                            • Use as PV: applicable when there is a high performance requirement on PVs. The node.kubernetes.io/local-storage-persistent label is added to the node with PV configured. The value is linear or striped.
                                                                                                                                                                                                                                                                                                                            • Use as ephemeral volume: applicable when there is a high performance requirement on emptyDir.
                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                            PVs and EVs support the following write modes:
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            PVs and EVs support the following write modes:
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            • Linear: A linear logical volume integrates one or more physical volumes. Data is written to the next physical volume when the previous one is used up.
                                                                                                                                                                                                                                                                                                                            • Striped: A striped logical volume stripes data into blocks of the same size and stores them in multiple physical volumes in sequence. This allows data to be concurrently read and written. A storage pool consisting of striped volumes cannot be scaled-out. This option can be selected only when there are multiple volumes.
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                             NOTE: 
                                                                                                                                                                                                                                                                                                                            • Local PVs are supported only when the cluster version is v1.21.2-r0 or later and the Everest add-on version is 2.1.23 or later. Version 2.1.23 or later is recommended.
                                                                                                                                                                                                                                                                                                                            • Local EVs are supported only when the cluster version is v1.21.2-r0 or later and the Everest add-on version is 1.2.29 or later.
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            
@@ -135,9 +136,9 @@
 
                                                                                                                                                                                                                                                                                                                          Resource Tag
                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                          You can add resource tags to classify resources.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                          You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency. 
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                          CCE will automatically create the "CCE-Dynamic-Provisioning-Node=Node ID" tag.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          Modified resource tags automatically take effect on new nodes.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency. 
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          CCE will automatically create the CCE-Dynamic-Provisioning-Node=Node ID tag.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          Modified resource tags automatically apply to new nodes.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          		
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          A key-value pair added to a Kubernetes object (such as a pod). After specifying a label, click Add Label for more. A maximum of 20 labels can be added.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Labels can be used to distinguish nodes. With workload affinity settings, container pods can be scheduled to a specified node. For more information, see Labels and Selectors.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          Modified Kubernetes labels automatically take effect on new nodes as well as existing nodes if Kubernetes labels is selected in Synchronization for Existing Nodes.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          Modified Kubernetes labels automatically apply to new nodes as well as existing nodes if Kubernetes labels synchronized is selected in Synchronization for Existing Nodes.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          		
 
                                                                                                                                                                                                                                                                                                                          This parameter is left blank by default. You can add taints to configure anti-affinity for the node. A maximum of 20 taints are allowed for each node. Each taint contains the following parameters:
                                                                                                                                                                                                                                                                                                                          • Key: A key must contain 1 to 63 characters, starting with a letter or digit. Only letters, digits, hyphens (-), underscores (_), and periods (.) are allowed. A DNS subdomain name can be used as the prefix of a key.
                                                                                                                                                                                                                                                                                                                          • Value: A value must contain 1 to 63 characters, starting with a letter or digit. Only letters, digits, hyphens (-), underscores (_), and periods (.) are allowed.
                                                                                                                                                                                                                                                                                                                          • Effect: Available options are NoSchedule, PreferNoSchedule, and NoExecute.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          For details, see Managing Node Taints.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          Modified taints automatically take effect on new nodes as well as existing nodes if Taints is selected in Synchronization for Existing Nodes.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          Modified taints automatically apply to new nodes as well as existing nodes if Kubernetes taints synchronized is selected in Synchronization for Existing Nodes.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          		
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Pre-installation Command
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Installation script command, in which Chinese characters are not allowed. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          Installation script command. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          The script will be executed before Kubernetes software is installed. Note that if the script is incorrect, Kubernetes software may fail to be installed.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          The modified pre-installation command automatically takes effect on newly added nodes. For existing nodes, manually reset the nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          The modified pre-installation setting automatically applies to newly added nodes. Manually reset existing nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          		
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Post-installation Command
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Installation script command, in which Chinese characters are not allowed. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                          The script will be executed after Kubernetes software is installed, which does not affect the installation.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          The modified post-installation command automatically takes effect on newly added nodes. For existing nodes, manually reset the nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          Installation script command. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          The script will be executed after Kubernetes software is installed, which does not affect the installation. During post-installation script execution, pods can be scheduled normally. However, if the script execution times out, node installation will fail. To prevent pods from being scheduled to nodes with incomplete script execution, enable the option to schedule pods only after the post-installation script execution completes.
                                                                                                                                                                                                                                                                                                                           CAUTION: 
                                                                                                                                                                                                                                                                                                                          Do not use the reboot command in the post-installation script to restart the system immediately. Instead, use the shutdown -r 1 command to restart the system with a one-minute delay.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          The modified post-installation setting automatically applies to newly added nodes. Manually reset existing nodes for the modification to take effect.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          Agency
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          An agency is created by the account administrator on the IAM console. Using an agency, you can share your cloud server resources with another account, or entrust a more professional person or team to manage your resources.
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                          If no agency is available, click Create Agency on the right to create one.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          If you need to share ECS resources with other accounts or delegate a more professional person or team to manage the resources, you can create an agency on IAM and grant the agency the permissions to manage ECS resources. The delegated account can log in to the cloud system and switch to your account to manage resources. You do not need to share security credentials (such as passwords) with other accounts, ensuring the security of your account.
                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                          If you have created an agency, select the agency from the drop-down list. If no agency is available, click Create Agency on the right to create one.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                          After an agency is modified, the modification will only apply to new nodes and not to existing ones, even if they are reset.
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                           		
 
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                          Migrating Nodes from a Custom Node Pool to the Default Node Pool
                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                          2. In the navigation pane, choose Nodes and click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                          3. Click View Node in the Operation column of the node pool to be migrated.
                                                                                                                                                                                                                                                                                                                          4. Choose More > Migrate Node in the Operation column of the target node to migrate the node.
                                                                                                                                                                                                                                                                                                                          5. In the displayed Migrate Node dialog box, confirm the information.
                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                            • The migration does not affect custom resource tags, and Kubernetes labels and taints of the node.
                                                                                                                                                                                                                                                                                                                            • After the migration, system labels cce.cloud.com and cce-nodepool on the node will be deleted. If an existing workload uses these labels for affinity or anti-affinity scheduling, the existing pods on the node will be stopped and rescheduled when kubelet is restarted.
                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                            Migrating Nodes from a Custom Node Pool to the Default Node Pool
                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                            2. In the navigation pane, choose Nodes and click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                            3. Click View Node in the Operation column of the node pool to be migrated.
                                                                                                                                                                                                                                                                                                                            4. Choose More > Migrate Node in the Operation column of the target node to migrate the node.
                                                                                                                                                                                                                                                                                                                            5. In the Migrate Node dialog box, confirm the information.
                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                              • The migration does not affect custom resource tags, and Kubernetes labels and taints of the node.
                                                                                                                                                                                                                                                                                                                              • After the migration, system labels cce.cloud.com and cce-nodepool on the node will be deleted. If an existing workload uses these labels for affinity or anti-affinity scheduling, the existing pods on the node will be stopped and rescheduled when kubelet is restarted.
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                            Migrating Nodes from the Default Node Pool to a Custom Node Pool
                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                            2. In the navigation pane, choose Nodes and click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                            3. Locate the target node pool and choose More > Migrate Node.
                                                                                                                                                                                                                                                                                                                            4. In the Migrate Node dialog box, select the nodes that meet the following conditions:
                                                                                                                                                                                                                                                                                                                              • The nodes and the current node pool are deployed in the same VPC and subnet.
                                                                                                                                                                                                                                                                                                                              • The nodes and the current node pool are in the same cloud server group.
                                                                                                                                                                                                                                                                                                                              • The billing mode of the nodes is supported by the current node pool.
                                                                                                                                                                                                                                                                                                                              • The nodes are running and they are from the default node pool.
                                                                                                                                                                                                                                                                                                                              • The flavor, AZ, resource reservation, container engine, and OS configurations of the nodes are the same as those of the node pool.
                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                            5. Click OK.
                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                              • After nodes are migrated into a node pool, the pool's resource tags, Kubernetes labels, and Kubernetes taints will be synchronized to the nodes. If there is a conflict, the node pool's configurations will take precedence.
                                                                                                                                                                                                                                                                                                                              • After the migration, the pool's security group will take over the nodes' original security group.
                                                                                                                                                                                                                                                                                                                              • After the migration, the pool's agency will take over the nodes' original agency.
                                                                                                                                                                                                                                                                                                                              • After the migration, the nodes' original login mode will remain unchanged.
                                                                                                                                                                                                                                                                                                                              • After a node is migrated to a node pool after being accepted by the cluster, its acceptance tag will be removed. Scaling in the node pool may result in the removal of the node.
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                              Migrating Nodes from the Default Node Pool to a Custom Node Pool
                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                              2. In the navigation pane, choose Nodes and click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                              3. Locate the target node pool and choose More > Migrate Node.
                                                                                                                                                                                                                                                                                                                              4. In the Migrate Node dialog box, select the nodes that meet the following conditions:
                                                                                                                                                                                                                                                                                                                                • The nodes and the current node pool are deployed in the same VPC and subnet.
                                                                                                                                                                                                                                                                                                                                • The nodes and the current node pool are in the same cloud server group.
                                                                                                                                                                                                                                                                                                                                • The billing mode of the nodes is supported by the current node pool.
                                                                                                                                                                                                                                                                                                                                • The nodes are running and they are from the default node pool.
                                                                                                                                                                                                                                                                                                                                • The flavor, AZ, resource reservation, container engine, and OS configurations of the nodes are the same as those of the node pool.
                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                              5. Click OK.
                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                • After migration, node pool configurations (including resource tags, Kubernetes labels, taints, and Kubernetes component settings) will overwrite conflicting node settings.
                                                                                                                                                                                                                                                                                                                                • After the migration, the pool's security group will take over the nodes' original security group.
                                                                                                                                                                                                                                                                                                                                • After the migration, the pool's agency will take over the nodes' original agency.
                                                                                                                                                                                                                                                                                                                                • After the migration, the nodes' original login mode will remain unchanged.
                                                                                                                                                                                                                                                                                                                                • After a node is migrated to a node pool after being accepted by the cluster, its acceptance tag will be removed. Scaling in the node pool may result in the removal of the node.
                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                              Parent topic: Managing a Node Pool
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                              Parent topic: Managing Node Pools
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0657.html b/docs/cce/umn/cce_10_0657.html
index 7f3750c07..c8cc93e36 100644
--- a/docs/cce/umn/cce_10_0657.html
+++ b/docs/cce/umn/cce_10_0657.html
@@ -2,14 +2,16 @@
 
 
                                                                                                                                                                                                                                                                                                                              Deleting a Node Pool
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              Deleting a node pool will delete nodes in the pool. Pods on these nodes will be automatically migrated to available nodes in other node pools.
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                              Notes and Constraints
                                                                                                                                                                                                                                                                                                                              • Deleting a node will cause PVC/PV data loss for the local PVs associated with the node. These PVCs and PVs cannot be restored or used again. In this scenario, the pod that uses the local PV is evicted from the node. A new pod is created and stays in the pending state. This is because the PVC used by the pod has a node label, due to which the pod cannot be scheduled.
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              Precautions
                                                                                                                                                                                                                                                                                                                              • Deleting a node pool will delete all nodes in the node pool. Back up data in a timely manner to prevent data loss.
                                                                                                                                                                                                                                                                                                                              • Deleting a node will lead to pod migration, which may affect services. Perform this operation during off-peak hours. If pods in the node pool have a specific node selector and none of the other nodes in the cluster satisfies the node selector, the pods will become unschedulable.
                                                                                                                                                                                                                                                                                                                              • When deleting a node pool, the system sets all nodes in the current node pool to the unschedulable state.
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                              Procedure
                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                              2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                              3. Choose More > Delete in the Operation column of the target node pool.
                                                                                                                                                                                                                                                                                                                              4. Read the precautions in the Delete Node Pool dialog box.
                                                                                                                                                                                                                                                                                                                              5. In the text box, enter DELETE and click Yes to confirm that you want to continue the deletion.
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                              Procedure
                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                              2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                              3. Choose More > Delete in the Operation column of the target node pool.
                                                                                                                                                                                                                                                                                                                              4. Read the precautions in the Delete Node Pool dialog box.
                                                                                                                                                                                                                                                                                                                              5. In the text box, enter DELETE and click Yes to confirm that you want to continue the deletion.
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                              Parent topic: Managing a Node Pool
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                              Parent topic: Managing Node Pools
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0658.html b/docs/cce/umn/cce_10_0658.html
index d7f5a5754..30e44097a 100644
--- a/docs/cce/umn/cce_10_0658.html
+++ b/docs/cce/umn/cce_10_0658.html
@@ -4,9 +4,10 @@
 
                                                                                                                                                                                                                                                                                                                              You can specify a specification in a node pool for scaling.
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                              The default node pool does not support scaling. Use Creating a Node to add a node.
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                              2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                              3. Choose Resize next to the target node pool.
                                                                                                                                                                                                                                                                                                                              4. In the Resize Node Pool dialog box, configure scaling parameters.
                                                                                                                                                                                                                                                                                                                                • Resize: Add or reduce nodes for scaling.
                                                                                                                                                                                                                                                                                                                                • Use the selected flavor to increase or decrease the number of nodes.
                                                                                                                                                                                                                                                                                                                                • Configure the number of nodes to be added or deleted.
                                                                                                                                                                                                                                                                                                                                  • When scaling out a node pool, make sure that the total number of nodes, both existing and new, does not exceed the management scale of the current cluster.
                                                                                                                                                                                                                                                                                                                                  • When scaling in a node pool, make sure that the number of nodes to be removed does not exceed the number of nodes currently in the pool.
                                                                                                                                                                                                                                                                                                                                    Scaling in can result in the unavailability of resources associated with a node, such as local storage and workloads that were scheduled to that node. Exercise caution when performing this operation to avoid impact on running services.
                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                    2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                                    3. Choose Resize next to the target node pool.
                                                                                                                                                                                                                                                                                                                                    4. In the Resize Node Pool dialog box, configure scaling parameters.
                                                                                                                                                                                                                                                                                                                                      • Resize: Add or reduce nodes for scaling.
                                                                                                                                                                                                                                                                                                                                      • Use the selected flavor to increase or decrease the number of nodes.
                                                                                                                                                                                                                                                                                                                                      • Configure the number of nodes to be added or deleted.
                                                                                                                                                                                                                                                                                                                                        • When scaling out a node pool, make sure that the total number of nodes, both existing and new, does not exceed the management scale of the current cluster.
                                                                                                                                                                                                                                                                                                                                        • When scaling in a node pool, make sure that the number of nodes to be removed does not exceed the number of nodes currently in the pool.
                                                                                                                                                                                                                                                                                                                                          Scaling in can result in the unavailability of resources associated with a node, such as local storage and workloads that were scheduled to that node. Exercise caution when performing this operation to avoid impact on running services.
                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                    5. Click OK.
                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
diff --git a/docs/cce/umn/cce_10_0659.html b/docs/cce/umn/cce_10_0659.html
index 3b58de4e3..570f094bf 100644
--- a/docs/cce/umn/cce_10_0659.html
+++ b/docs/cce/umn/cce_10_0659.html
@@ -1,17 +1,18 @@
 
 
 
                                                                                                                                                                                                                                                                                                                              Configuring Node Fault Detection Policies
                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                              The node fault detection function depends on the NPD add-on. The add-on instances run on nodes and monitor nodes. This section describes how to enable node fault detection.
                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                              Prerequisites
                                                                                                                                                                                                                                                                                                                              The CCE Node Problem Detector add-on has been installed in the cluster.
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                              Node fault detection depends on the CCE Node Problem Detector add-on (CCE Node Problem Detector). The add-on instance runs on each node to monitor node faults. This section describes how to enable node fault detection.
                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                              Prerequisites
                                                                                                                                                                                                                                                                                                                              The CCE Node Problem Detector add-on (CCE Node Problem Detector) add-on has been installed in the cluster.
                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                              Enabling Node Fault Detection
                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                              2. In the navigation pane, choose Nodes and then click the Nodes tab. Check whether the NPD add-on has been installed in the cluster or whether the add-on has been upgraded to the latest version. After the NPD add-on has been installed, you can use the fault detection function.
                                                                                                                                                                                                                                                                                                                              3. If the NPD add-on is running properly, click Node Fault Detection Policy to view the current fault detection items. For details about the NPD check item list, see NPD Check Items.
                                                                                                                                                                                                                                                                                                                              4. If the check result of the current node is abnormal, a message is displayed in the node list, indicating that the metric is abnormal.
                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                              5. You can click Abnormal metrics and rectify the fault as prompted.
                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                Enabling Node Fault Detection
                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                2. In the navigation pane, choose Nodes. Then click the Nodes tab. Verify that the CCE Node Problem Detector add-on is installed in the cluster and updated to the latest version. Fault detection will then be available.
                                                                                                                                                                                                                                                                                                                                3. When this add-on is running normally, click Node Fault Detection Policy to check the current fault detection items. For more details, see NPD Check Items.
                                                                                                                                                                                                                                                                                                                                4. Check the node list for any abnormal metrics.
                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                5. Click Abnormal metrics and rectify the fault as prompted.
                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                Customized Check Items
                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                2. In the navigation pane, choose Nodes and then click the Nodes tab. Then, click Fault Detection Policy.
                                                                                                                                                                                                                                                                                                                                3. On the displayed page, view the current check items. Click Edit in the Operation column and edit checks.
                                                                                                                                                                                                                                                                                                                                  Currently, the following configurations are supported:
                                                                                                                                                                                                                                                                                                                                  • Enable/Disable: Enable or disable a check item.
                                                                                                                                                                                                                                                                                                                                  • Target Node: By default, check items run on all nodes. You can change the fault threshold based on special scenarios. For example, the spot price ECS interruption reclamation check runs only on the spot price ECS node.
                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                  • Trigger Threshold: The default thresholds match common fault scenarios. You can customize and modify the fault thresholds as required. For example, change the threshold for triggering connection tracking table exhaustion from 90% to 80%.
                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                  • Check Period: The default check period is 30 seconds. You can modify this parameter as required.
                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                  • Troubleshooting Strategy: After a fault occurs, you can select the strategies listed in the following table.
+
                                                                                                                                                                                                                                                                                                                                    Customized Check Items
                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                    2. In the navigation pane, choose Nodes and then click the Nodes tab. Then, click Fault Detection Policy.
                                                                                                                                                                                                                                                                                                                                    3. On the displayed page, view the current check items. Click Edit in the Operation column and edit checks.
                                                                                                                                                                                                                                                                                                                                      Currently, the following configurations are supported:
                                                                                                                                                                                                                                                                                                                                      • Enable/Disable: Enable or disable a check item.
                                                                                                                                                                                                                                                                                                                                      • Target Node: By default, check items are executed on all nodes. You can add the node label to filter the node that meets all conditions.
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                      • Check Period: The default check period is 30 seconds. You can change the value as required.
                                                                                                                                                                                                                                                                                                                                      • Trigger: The CCE Node Problem Detector add-on provides the default threshold to match common fault scenarios. You can change the threshold as required. The threshold varies depending on check items, such as the number of failures and resource usage percentage. You can adjust the threshold as required. For example, you can change the threshold of resource usage percentage from 90% to 80%.
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                      • Troubleshooting Strategy: After a fault occurs, you can select the strategies listed in the following table as needed.
 
                                                                                                                                                                                                                                                                                                                                        
-
-
@@ -56,7 +57,7 @@
 
@@ -81,7 +82,7 @@
 
@@ -206,7 +207,7 @@
 
-
@@ -240,7 +241,7 @@
 
                                                                                                                                                                                                                                                                                                                                        Typical scenario: When creating a node, a user configures two data disks as an ephemeral volume storage pool. Some data disks are deleted by mistake. As a result, the storage pool becomes abnormal.
                                                                                                                                                                                                                                                                                                                                        Table 1 Troubleshooting strategies
                                                                                                                                                                                                                                                                                                                                        Troubleshooting Strategy
                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                        Effect
                                                                                                                                                                                                                                                                                                                                        
@@ -25,12 +26,12 @@
 
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        Disabling scheduling
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        Kubernetes events are reported and the NoSchedule taint is added to the node.
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                        Kubernetes events are reported and the NoSchedule taint is added to the node.
                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        Evict Node Load
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        Kubernetes events are reported and the NoExecute taint is added to the node. This operation will evict workloads on the node and interrupt services. Exercise caution when performing this operation.
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                        Kubernetes events are reported and the NoExecute taint is added to the node. This operation will evict workloads on the node and interrupt services. Exercise caution when performing this operation.
                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        OOMKilling
                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                        Listen to the kernel logs and check whether OOM events occur and are reported.
                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                        Typical scenario: When the memory usage of a process in a container exceeds the limit, OOM is triggered and the process is terminated.
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                        Typical scenario: The memory used by the process in the container exceeds the limit, triggering OOM and terminating the process.
                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                        Warning event
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        Listening object: /dev/kmsg
                                                                                                                                                                                                                                                                                                                                        
@@ -69,7 +70,7 @@
 
                                                                                                                                                                                                                                                                                                                                        Typical scenario: Disk I/O suspension causes process suspension.
                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                        Warning event
                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                        Listening object: /dev/kmsg
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                        Listening object: /dev/kmsg
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        Matching rule: "task \\S+:\\w+ blocked for more than \\w+ seconds\\."
                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                        
 
 
                                                                                                                                                                                                                                                                                                                                        Warning event
                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                        Listening object: /dev/kmsg
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                        Listening object: /dev/kmsg
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        Matching rule: Remounting filesystem read-only
                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        Check whether PID process resources are exhausted.
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        • Default threshold: 90%
                                                                                                                                                                                                                                                                                                                                        • Usage: denominator of the fourth value in /proc/loadavg, which indicates the total number of processes that can run
                                                                                                                                                                                                                                                                                                                                        • Maximum value: smaller value between /proc/sys/kernel/pid_max and /proc/sys/kernel/threads-max.
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                        • Default threshold: 90%
                                                                                                                                                                                                                                                                                                                                        • Usage: denominator of the fourth value in /proc/loadavg, which indicates the total number of processes that can run
                                                                                                                                                                                                                                                                                                                                        • Maximum value: smaller value between /proc/sys/kernel/pid_max and /proc/sys/kernel/threads-max.
                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                         
 
 
                                                                                                                                                                                                                                                                                                                                        • Detection period: 30s
                                                                                                                                                                                                                                                                                                                                        • Source:
                                                                                                                                                                                                                                                                                                                                          vgs -o vg_name, vg_attr
                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                        • Principle: Check whether the VG (storage pool) is in the P state. If yes, some PVs (data disks) are lost.
                                                                                                                                                                                                                                                                                                                                        • Joint scheduling: The scheduler can automatically identify a PV storage pool error and prevent pods that depend on the storage pool from being scheduled to the node.
                                                                                                                                                                                                                                                                                                                                        • Exceptional scenario: The NPD add-on cannot detect the loss of all PVs (data disks), resulting in the loss of VGs (storage pools). In this case, kubelet automatically isolates the node, detects the loss of VGs (storage pools), and updates the corresponding resources in nodestatus.allocatable to 0. This prevents pods that depend on the storage pool from being scheduled to the node. The damage of a single PV cannot be detected by this check item, but by the ReadonlyFilesystem check item.
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                      • Principle: Check whether the VG (storage pool) is in the P state. If yes, some PVs (data disks) are lost.
                                                                                                                                                                                                                                                                                                                                      • Joint scheduling: The scheduler can automatically identify a PV storage pool error and prevent pods that depend on the storage pool from being scheduled to the node.
                                                                                                                                                                                                                                                                                                                                      • Exceptional scenario: The NPD add-on cannot detect the loss of all PVs (data disks), resulting in the loss of VGs (storage pools). In this case, kubelet automatically isolates the node, detects the loss of VGs (storage pools), and updates the corresponding resources in nodestatus.allocatable to 0. This prevents pods that depend on the storage pool from being scheduled to the node. The damage of a single PV cannot be detected by this check item, but by the ReadonlyFilesystem check item.
                                                                                                                                                                                                                                                                                                                                        • 
                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        PV storage pool error
                                                                                                                                                                                                                                                                                                                                        
@@ -255,7 +256,7 @@
 
                                                                                                                                                                                                                                                                                                                                        MountPointProblem
                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                        Check the mount point on the node.
                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                        Definition: You cannot access the mount point by running the cd command.
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                        Definition: You cannot access the mount point by running the cd command.
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        Typical scenario: Network File System (NFS), for example, obsfs and s3fs is mounted to a node. When the connection is abnormal due to network or peer NFS server exceptions, all processes that access the mount point are suspended. For example, during a cluster upgrade, a kubelet is restarted, and all mount points are scanned. If the abnormal mount point is detected, the upgrade fails.
                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                        Alternatively, you can run the following command:
                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0660.html b/docs/cce/umn/cce_10_0660.html
index 1dc7877da..406372408 100644
--- a/docs/cce/umn/cce_10_0660.html
+++ b/docs/cce/umn/cce_10_0660.html
@@ -2,27 +2,29 @@
 
 
                                                                                                                                                                                                                                                                                                                                        Upgrading an OS
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        After CCE releases a new OS image, if existing nodes cannot be automatically upgraded, you can manually upgrade them in batches.
                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                        Precautions
                                                                                                                                                                                                                                                                                                                                        • This section describes how to upgrade an OS by resetting the target node. Workloads running on a node may be interrupted due to standalone deployment or insufficient schedulable resources. Evaluate the upgrade risks and perform the upgrade during off-peak hours. Alternatively, specify a disruption budget for your key applications to ensure the availability of these applications during the upgrade.
                                                                                                                                                                                                                                                                                                                                        • The system disk and data disks of the node will be cleared. Back up important data before resetting the node.
                                                                                                                                                                                                                                                                                                                                        • Resetting a node will clear your configured Kubernetes labels and taints. As a result, resources (such as local storage and load of specified scheduling nodes) associated with the node may be unavailable. Exercise caution when performing this operation to avoid impact on running services.
                                                                                                                                                                                                                                                                                                                                        • After the OS is upgraded, the node automatically starts.
                                                                                                                                                                                                                                                                                                                                        • To ensure node stability, CCE will reserve some CPU and memory resources to run necessary system components.
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                        Precautions
                                                                                                                                                                                                                                                                                                                                        • This section describes how to upgrade an OS by resetting the target node. Workloads running on a node may be interrupted due to standalone deployment or insufficient schedulable resources. Evaluate the upgrade risks and perform the upgrade during off-peak hours. Alternatively, specify a disruption budget for your key applications to ensure the availability of these applications during the upgrade.
                                                                                                                                                                                                                                                                                                                                        • The system disk and data disks of the node will be cleared. Back up important data before resetting a node.
                                                                                                                                                                                                                                                                                                                                        • Resetting a node will clear your configured Kubernetes labels and taints. As a result, resources (such as local storage and load of specified scheduling nodes) associated with the node may be unavailable. Exercise caution when performing this operation to avoid impact on running services.
                                                                                                                                                                                                                                                                                                                                        • After the OS is upgraded, the node automatically starts.
                                                                                                                                                                                                                                                                                                                                        • To ensure node stability, CCE will reserve some CPU and memory resources to run necessary system components.
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        Notes and Constraints
                                                                                                                                                                                                                                                                                                                                        • Nodes running private images cannot be upgraded.
                                                                                                                                                                                                                                                                                                                                        • Compatibility issues may occur when the node OS of an early version is upgraded. In this case, manually reset the node for the OS upgrade.
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                        Procedure for Default Node Pools
                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                        2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                                        3. Click Upgrade next to the default node pool.
                                                                                                                                                                                                                                                                                                                                        4. In the displayed Operating System Upgrade window, configure parameters.
                                                                                                                                                                                                                                                                                                                                          • Target Operating System: shows the image of the target version. You do not need to configure this parameter.
                                                                                                                                                                                                                                                                                                                                          • Upgrade Policy: Node Reset is supported.
                                                                                                                                                                                                                                                                                                                                          • Max. Nodes for Batch Upgrade: maximum number of nodes that will be unavailable during node upgrade. Nodes will be unavailable during synchronization by resetting the nodes. Properly configure this parameter to prevent pod scheduling failures caused by too many unavailable nodes in the cluster.
                                                                                                                                                                                                                                                                                                                                          • View Node: Select the nodes to be upgraded.
                                                                                                                                                                                                                                                                                                                                          • Login Mode:
                                                                                                                                                                                                                                                                                                                                            • Key Pair
                                                                                                                                                                                                                                                                                                                                              Select the key pair used to log in to the node. You can select a shared key.
                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                              Procedure for Default Node Pools
                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                              2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                                              3. Click Upgrade next to the default node pool.
                                                                                                                                                                                                                                                                                                                                              4. In the displayed Operating System Upgrade window, configure parameters.
                                                                                                                                                                                                                                                                                                                                                • Target Operating System: shows the image of the target version. You do not need to configure this parameter.
                                                                                                                                                                                                                                                                                                                                                • Upgrade Policy: Node Reset is supported.
                                                                                                                                                                                                                                                                                                                                                • Max. Nodes for Batch Upgrade: maximum number of nodes that will be unavailable during node upgrade. Nodes will be unavailable during synchronization by resetting the nodes. Properly configure this parameter to prevent pod scheduling failures caused by too many unavailable nodes in the cluster.
                                                                                                                                                                                                                                                                                                                                                • View Node: Select the nodes to be upgraded.
                                                                                                                                                                                                                                                                                                                                                • Login Mode:
                                                                                                                                                                                                                                                                                                                                                  • Key Pair
                                                                                                                                                                                                                                                                                                                                                    Select the key pair used to log in to the node. You can select a shared key.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    A key pair is used for identity authentication when you remotely log in to a node. If no key pair is available, click Create Key Pair.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                • Pre-installation script:
                                                                                                                                                                                                                                                                                                                                                  Installation script command, in which Chinese characters are not allowed. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                • Pre-installation script:
                                                                                                                                                                                                                                                                                                                                                  Installation script command. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  The script will be executed before Kubernetes software is installed. Note that if the script is incorrect, Kubernetes software may fail to be installed.
                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                • Post-installation script:
                                                                                                                                                                                                                                                                                                                                                  Installation script command, in which Chinese characters are not allowed. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                  The script will be executed after Kubernetes software is installed, which does not affect the installation.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                • Post-installation script:
                                                                                                                                                                                                                                                                                                                                                  Installation script command. The script command will be Base64-transcoded. The characters of both the pre-installation and post-installation scripts are centrally calculated, and the total number of characters after transcoding cannot exceed 10240.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  The script will be executed after Kubernetes software is installed, which does not affect the installation. During post-installation script execution, pods can be scheduled normally. However, if the script execution times out, node installation will fail. To prevent pods from being scheduled to nodes with incomplete script execution, enable the option to schedule pods only after the post-installation script execution completes.
                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                  Do not use the reboot command in the post-installation script to restart the system immediately. Instead, use the shutdown -r 1 command to restart the system with a one-minute delay.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                              5. Click OK.
                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                              Procedure for Non-default Node Pools
                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                              2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                                              3. Choose More > Synchronize in the Operation column of the target node pool.
                                                                                                                                                                                                                                                                                                                                              4. In the Batch synchronization window, configure parameters.
                                                                                                                                                                                                                                                                                                                                                • OS: shows the image of the target version. You do not need to configure this parameter.
                                                                                                                                                                                                                                                                                                                                                • Synchronization Policy: Node Reset is supported.
                                                                                                                                                                                                                                                                                                                                                • Max. Nodes for Batch Synchronize: maximum number of nodes that will be unavailable during node synchronization. Nodes will be unavailable during synchronization by resetting the nodes. Properly configure this parameter to prevent pod scheduling failures caused by too many unavailable nodes in the cluster.
                                                                                                                                                                                                                                                                                                                                                • Node List: Select the nodes requiring the synchronization of node pool configurations.
                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                Procedure for Non-default Node Pools
                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                                                3. Choose More > Synchronize in the Operation column of the target node pool.
                                                                                                                                                                                                                                                                                                                                                4. In the Batch synchronization window, configure parameters.
                                                                                                                                                                                                                                                                                                                                                  • OS: shows the image of the target version. You do not need to configure this parameter.
                                                                                                                                                                                                                                                                                                                                                  • Synchronization Type: Reset node is supported.
                                                                                                                                                                                                                                                                                                                                                  • Max. Nodes for Batch Synchronization: maximum number of nodes that will be unavailable during node synchronization. Nodes will be unavailable during synchronization by resetting the nodes. Properly configure this parameter to prevent pod scheduling failures caused by too many unavailable nodes in the cluster.
                                                                                                                                                                                                                                                                                                                                                  • In the node list, select the nodes requiring the synchronization of node pool configurations.
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                5. Click OK.
                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                              Parent topic: Managing a Node Pool
                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                              Parent topic: Managing Node Pools
                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0674.html b/docs/cce/umn/cce_10_0674.html
index 2090a41f9..f91bf6161 100644
--- a/docs/cce/umn/cce_10_0674.html
+++ b/docs/cce/umn/cce_10_0674.html
@@ -8,7 +8,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                              • Overview
                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                              • Scheduling Overview
                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                • 
 
                                                                                                                                                                                                                                                                                                                                              • CPU Scheduling
                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                • 
diff --git a/docs/cce/umn/cce_10_0675.html b/docs/cce/umn/cce_10_0675.html
index b50026078..738c7b34c 100644
--- a/docs/cce/umn/cce_10_0675.html
+++ b/docs/cce/umn/cce_10_0675.html
@@ -19,7 +19,7 @@
 
                                                                                                                                                                                                                                                                                                                                              
 
 
                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                              Parent topic: Container Network
                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                              Parent topic: Container Networks
                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0677.html b/docs/cce/umn/cce_10_0677.html
index 16cd2c31d..b1b3400f5 100644
--- a/docs/cce/umn/cce_10_0677.html
+++ b/docs/cce/umn/cce_10_0677.html
@@ -10,7 +10,7 @@
 
                                                                                                                                                                                                                                                                                                                                            
 
 
                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                            Parent topic: Container Network
                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                            Parent topic: Container Networks
                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                        
 
diff --git a/docs/cce/umn/cce_10_0678.html b/docs/cce/umn/cce_10_0678.html
index 6a7258e35..7f2e6ae1e 100644
--- a/docs/cce/umn/cce_10_0678.html
+++ b/docs/cce/umn/cce_10_0678.html
@@ -7,13 +7,7 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                        Parent topic: Container Network
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                        Parent topic: Container Networks
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        
 
diff --git a/docs/cce/umn/cce_10_0680.html b/docs/cce/umn/cce_10_0680.html
index 5a9f405f1..ebdf3fcb8 100644
--- a/docs/cce/umn/cce_10_0680.html
+++ b/docs/cce/umn/cce_10_0680.html
@@ -1,11 +1,11 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                        Adding a Container CIDR Block for a Cluster
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                        Expanding the Container CIDR Block of a Cluster That Uses a VPC Network
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        Scenario
                                                                                                                                                                                                                                                                                                                                        If the container CIDR block configured during CCE cluster creation cannot meet service expansion requirements, you can add a container CIDR block for the cluster.
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                        Notes and Constraints
                                                                                                                                                                                                                                                                                                                                        • This function is available only for clusters of v1.19 or later using a VPC network.
                                                                                                                                                                                                                                                                                                                                        • An added container CIDR block cannot be deleted.
                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                        Notes and Constraints
                                                                                                                                                                                                                                                                                                                                        • This function is available only for clusters of v1.19.16-r0 or later using a VPC network.
                                                                                                                                                                                                                                                                                                                                        • An added container CIDR block cannot be deleted.
                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                        Adding a Container CIDR Block for a CCE Standard Cluster
                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                        2. On the Overview page, locate the Networking Configuration area and click Add.
                                                                                                                                                                                                                                                                                                                                        3. Configure the container CIDR block to be added. You can click  to add multiple container CIDR blocks at a time.
                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                          New container CIDR blocks cannot conflict with service CIDR blocks, VPC CIDR blocks, and existing container CIDR blocks.
                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                          Adding a Container CIDR Block for a CCE Standard Cluster
                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                          2. On the Overview page, locate the Networking Configuration area and click Add.
                                                                                                                                                                                                                                                                                                                                          3. Configure the container CIDR block to be added. You can add multiple container CIDR blocks at a time.
                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                            New container CIDR blocks cannot conflict with service CIDR blocks, VPC CIDR blocks, and existing container CIDR blocks.
                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                          4. Click OK.
                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0681.html b/docs/cce/umn/cce_10_0681.html
index b59d1d1be..c5d91c110 100644
--- a/docs/cce/umn/cce_10_0681.html
+++ b/docs/cce/umn/cce_10_0681.html
@@ -1,34 +1,36 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                          Creating a LoadBalancer Service
                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                          Scenario
                                                                                                                                                                                                                                                                                                                                          LoadBalancer Services can access workloads from the public network through a load balancer, which is more reliable than EIP-based access. The LoadBalancer access address is in the format of IP address of public network load balancer:Access port, for example, 10.117.117.117:80.
                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                          In this access mode, requests are transmitted through an ELB load balancer to a node and then forwarded to the destination pod through the Service.
                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                          Figure 1 LoadBalancer
                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                          When CCE Turbo clusters and dedicated load balancers are used, passthrough networking is supported to reduce service latency and ensure zero performance loss.
                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                          External access requests are directly forwarded from a load balancer to pods. Internal access requests can be forwarded to a pod through a Service.
                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                          Figure 2 Passthrough networking
                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                          A LoadBalancer Service adds an external load balancer on the top of a NodePort Service and distributes external traffic to multiple pods within a cluster. A LoadBalancer Service provides higher reliability than a NodePort Service. It automatically assigns an external IP address to allow access from the clients. LoadBalancer Services process TCP and UDP traffic at Layer 4 (transport layer) as well as HTTP and HTTPS traffic at Layer 7 (application layer).
                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                          If cloud applications require a stable, easy-to-manage entry for external access, you can create a LoadBalancer Service. For example, in a production environment, you can use LoadBalancer Services to expose public-facing services, such as web applications and API services, to the Internet. These services often need to handle heavy traffic while maintaining high availability. The access address of a LoadBalancer Service is in the format of {EIP-of-load-balancer}:{access-port}, for example, 10.117.117.117:80.
                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                          Figure 1 LoadBalancer Service
                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                          If dedicated load balancers are associated with Services in CCE Turbo clusters, passthrough networking is supported to reduce the network latency and ensure zero performance loss.
                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                          External access requests are directly forwarded from a load balancer to pods. Internal access requests can be forwarded to a pod through a Service.
                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                          Figure 2 ELB passthrough networking
                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                          Constraints
                                                                                                                                                                                                                                                                                                                                          • Constraints on load balancers associated with Services:
                                                                                                                                                                                                                                                                                                                                            • The load balancer automatically created based on the Service configuration cannot be associated with other resources. If you associate the load balancer with other resources, the load balancer cannot be automatically deleted when the Service is deleted, resulting in residual resources.
                                                                                                                                                                                                                                                                                                                                            • The names of load balancer listeners for clusters of v1.15 or earlier cannot be changed. If you change the names, access to the load balancer may be abnormal.
                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                          • Constraints on dedicated load balancers:
                                                                                                                                                                                                                                                                                                                                            • Dedicated load balancers can be used only in clusters of v1.17 and later.
                                                                                                                                                                                                                                                                                                                                            • Dedicated load balancers must support private networks (with private IP addresses). If a Service needs to support HTTP, the dedicated load balancer must be of the application (HTTP/HTTPS) type.
                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                          • Constraints on the service affinity (externalTrafficPolicy) configuration of a Service:
                                                                                                                                                                                                                                                                                                                                            • If the service affinity is set to the node level (externalTrafficPolicy is set to Local), access to the load balancer from within the cluster may be abnormal. For details, see Why a Service Fail to Be Accessed from Within the Cluster.
                                                                                                                                                                                                                                                                                                                                            • After a Service is created, if the affinity setting is switched from the cluster level to the node level, the connection tracing table will not be cleared. Do not modify the Service affinity setting after the Service is created. To modify it, create a Service again.
                                                                                                                                                                                                                                                                                                                                            • In a CCE Turbo cluster that utilizes Cloud Native Network 2.0, node-level affinity is supported only when the Service backend is connected to a hostNetwork pod.
                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                          • If you have an IPVS-backed cluster, kube-proxy mounts the Service's load balancer address to the ipvs-0 bridge, which will intercept the traffic from within the cluster to the load balancer. In this case, there may be the following access exceptions:
                                                                                                                                                                                                                                                                                                                                            • If you use the same load balancer for both a LoadBalancer ingress and Service, the ipvs-0 bridge will intercept the traffic from the cluster to the ingress and redirect it to the Service, resulting in an access failure.
                                                                                                                                                                                                                                                                                                                                            • If you use the same load balancer for a Service in the current cluster and a Service in another cluster, the ipvs-0 bridge will intercept the traffic to the Service in another cluster and redirect the traffic to the Service in the current cluster, resulting in an access failure. You can perform the operations in Configuring Passthrough Networking for a LoadBalancer Service to prevent kube-proxy from forwarding the Service's load balancer traffic from the cluster.
                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                          • When the cluster service forwarding (proxy) mode is IPVS, the node IP cannot be configured as the external IP of the Service. Otherwise, the node is unavailable.
                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                                                                                                                          • LoadBalancer Services allow workloads to be accessed from public networks through ELB. This access mode has the following restrictions:
                                                                                                                                                                                                                                                                                                                                            • Automatically created load balancers should not be used by other resources. Otherwise, these load balancers cannot be completely deleted.
                                                                                                                                                                                                                                                                                                                                            • Do not change the listener name for the load balancer in clusters of v1.15 and earlier. Otherwise, the load balancer cannot be accessed.
                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                          • After a Service is created, if the affinity setting is switched from the cluster level to the node level, the connection tracing table will not be cleared. Do not modify the Service affinity setting after the Service is created. To modify it, create a Service again.
                                                                                                                                                                                                                                                                                                                                          • If service affinity is set to the node level (that is, externalTrafficPolicy is set to Local), the cluster may fail to access the Service by using the ELB address. For details, see Why a Service Fail to Be Accessed from Within the Cluster.
                                                                                                                                                                                                                                                                                                                                          • In a CCE Turbo cluster that utilizes Cloud Native Network 2.0, node-level affinity is supported only when the Service backend is connected to a hostNetwork pod.
                                                                                                                                                                                                                                                                                                                                          • Dedicated ELB load balancers can be used only in clusters of v1.17 and later.
                                                                                                                                                                                                                                                                                                                                          • Dedicated load balancers must support private networks (with private IP addresses). If the Service needs to support HTTP, the dedicated load balancers must be of the application (HTTP/HTTPS) type.
                                                                                                                                                                                                                                                                                                                                          • When the cluster service forwarding (proxy) mode is IPVS, the node IP cannot be configured as the external IP of the Service. Otherwise, the node is unavailable.
                                                                                                                                                                                                                                                                                                                                          • If you have an IPVS-backed cluster and use the same ELB load balancer for both the ingress and Service in the same cluster or for the Service ports in different clusters, you will not be able to access the ingress from the nodes or containers in the cluster, or the Service ports in other clusters. This is because kube-proxy mounts the LoadBalancer Service address to the ipvs-0 bridge, which intercepts the load balancer traffic. Use separate load balancers for these ingresses and Services.
                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                          Using the Console
                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                          2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
                                                                                                                                                                                                                                                                                                                                          3. Configure parameters.
                                                                                                                                                                                                                                                                                                                                            • Service Name: Specify a Service name, which can be the same as the workload name.
                                                                                                                                                                                                                                                                                                                                            • Service Type: Select LoadBalancer.
                                                                                                                                                                                                                                                                                                                                            • Namespace: namespace that the workload belongs to.
                                                                                                                                                                                                                                                                                                                                            • Service Affinity: For details, see externalTrafficPolicy (Service Affinity).
                                                                                                                                                                                                                                                                                                                                              • Cluster level: The IP addresses and access ports of all nodes in a cluster can access the workload associated with the Service. Accessing the Service will result in a decrease in performance due to route redirection, and the source IP address of the client cannot be obtained.
                                                                                                                                                                                                                                                                                                                                              • Node level: Only the IP address and access port of the node where the workload is located can access the workload associated with the Service. Accessing the Service will not result in a decrease in performance due to route redirection, and the source IP address of the client can be obtained.
                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                            • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                                                                                                                                                                                                                                                                                                                                            • Protocol Version: This function is disabled by default. After this function is enabled, the cluster IP address of the Service can be set to an IPv6 address. This function is available only in clusters of v1.15 or later with IPv6 enabled (set during cluster creation).
                                                                                                                                                                                                                                                                                                                                            • Load Balancer: Select a load balancer type and creation mode.
                                                                                                                                                                                                                                                                                                                                              A load balancer can be dedicated or shared. A dedicated load balancer supports Network (TCP/UDP), Application (HTTP/HTTPS), or Network (TCP/UDP) & Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                              Using the CCE Console
                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                              2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
                                                                                                                                                                                                                                                                                                                                              3. Configure parameters.
                                                                                                                                                                                                                                                                                                                                                • Service Name: Enter a name, which can be the same as the workload name.
                                                                                                                                                                                                                                                                                                                                                • Service Type: Select LoadBalancer.
                                                                                                                                                                                                                                                                                                                                                • Namespace: Select the namespace that the workload belongs to.
                                                                                                                                                                                                                                                                                                                                                • Service Affinity: For details, see Service Affinity (externalTrafficPolicy).
                                                                                                                                                                                                                                                                                                                                                  • Cluster-level: The IP addresses and ports of all nodes in a cluster can access the workload associated with the Service. However, accessing the Service may result in a performance decrease due to route redirection, and the client's source IP address may not be obtainable.
                                                                                                                                                                                                                                                                                                                                                  • Node-level: Only the IP address and port of the node where the workload is located can access the workload associated with the Service. Accessing the Service will not result in a performance decrease due to route redirection, and client's source IP address can be obtained.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                                                                                                                                                                                                                                                                                                                                                • Protocol Version: This function is disabled by default. After this function is enabled, the cluster IP address of the Service can be set to an IPv6 address.  This parameter is available only in clusters of v1.15 or later with IPv6 enabled (set during cluster creation).
                                                                                                                                                                                                                                                                                                                                                • Load Balancer: Select a load balancer type and creation mode.
                                                                                                                                                                                                                                                                                                                                                  A load balancer can be dedicated or shared. A dedicated load balancer supports Network (TCP/UDP), Application (HTTP/HTTPS), or Network (TCP/UDP) & Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  You can select Use existing or Auto create to obtain a load balancer. For details about the configuration of different creation modes, see Table 1.
-
                                                                                                                                                                                                                                                                                                                                                  Table 1 Load balancer configurations
                                                                                                                                                                                                                                                                                                                                                  How to Create
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  
-
-
-
-
-
@@ -36,101 +38,101 @@
 
                                                                                                                                                                                                                                                                                                                                                  Set ELB: You can click Edit and configure the load balancing algorithm and sticky session.
                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                  • Algorithm: Three algorithms are available: weighted round robin, weighted least connections algorithm, or source IP hash.
                                                                                                                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                                                                                                                    • Weighted round robin: Requests are forwarded to different servers based on their weights, which indicate server processing performance. Backend servers with higher weights receive proportionately more requests, whereas equal-weighted servers receive the same number of requests. This algorithm is often used for short connections, such as HTTP services.
                                                                                                                                                                                                                                                                                                                                                    • Weighted least connections: In addition to the weight assigned to each server, the number of connections processed by each backend server is considered. Requests are forwarded to the server with the lowest connections-to-weight ratio. Building on least connections, the weighted least connections algorithm assigns a weight to each server based on their processing capability. This algorithm is often used for persistent connections, such as database connections.
                                                                                                                                                                                                                                                                                                                                                    • Source IP hash: The source IP address of each request is calculated using the hash algorithm to obtain a unique hash key, and all backend servers are numbered. The generated key allocates the client to a particular server. This enables requests from different clients to be distributed in load balancing mode and ensures that requests from the same client are forwarded to the same server. This algorithm applies to TCP connections without cookies.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    • Algorithm: Three algorithms are available: weighted round robin, weighted least connections algorithm, or source IP hash.
                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                      • Weighted round robin: Requests are forwarded to different servers based on their weights, which indicate server processing performance. Backend servers with higher weights receive proportionately more requests, whereas equal-weighted servers receive the same number of requests. This algorithm is often used for short connections, such as HTTP services.
                                                                                                                                                                                                                                                                                                                                                      • Weighted least connections: In addition to the weight assigned to each server, the number of connections processed by each backend server is considered. Requests are forwarded to the server with the lowest connections-to-weight ratio. This algorithm is based on the least connections algorithm and assigns a weight to each server based on their processing capability. This algorithm is often used for persistent connections, such as database connections.
                                                                                                                                                                                                                                                                                                                                                      • Source IP hash: The source IP address of each request is calculated using the hash algorithm to obtain a unique hash key, and all backend servers are numbered. The generated key allocates the client to a particular server. This enables requests from different clients to be distributed in load balancing mode and ensures that requests from the same client are forwarded to the same server. This algorithm applies to TCP connections without cookies.
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                    • Sticky Session: This function is disabled by default.
                                                                                                                                                                                                                                                                                                                                                      If the listener's frontend protocol is TCP or UDP, sticky sessions can use source IP addresses. This means that access requests from the same IP address will be directed to the same backend server or pod.
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                    • Sticky Session: This function is disabled by default.
                                                                                                                                                                                                                                                                                                                                                      If the listener's frontend protocol is TCP or UDP, sticky sessions can use source IP addresses. This means that access requests from the same IP address will be directed to the same backend server or pod.
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                      When the distribution policy uses the source IP hash, sticky session cannot be set.
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                  • Health Check: Configure health check for the load balancer.
+
                                                                                                                                                                                                                                                                                                                                                  • Health Check: Configure health check for the load balancer.
 
-
                                                                                                                                                                                                                                                                                                                                                  Table 1 Load balancer configuration
                                                                                                                                                                                                                                                                                                                                                  How to Create
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  Configuration
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  Configuration
                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  Use existing
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  Use existing
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  Only the load balancers in the same VPC as the cluster can be selected. If no load balancer is available, click Create Load Balancer to create one on the ELB console.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  Only the load balancers in the same VPC as the cluster can be selected. If no load balancer is available, click Create Load Balancer to create one on the ELB console.
                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                  Auto create
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  Auto create
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  • Instance Name: Enter a load balancer name.
                                                                                                                                                                                                                                                                                                                                                  • AZ: available only to dedicated load balancers. You can create load balancers in multiple AZs to improve service availability. You can deploy a load balancer in multiple AZs for high availability.
                                                                                                                                                                                                                                                                                                                                                  • Frontend Subnet: available only to dedicated load balancers. It is used to allocate IP addresses for load balancers to provide services externally.
                                                                                                                                                                                                                                                                                                                                                  • Backend Subnet: available only to dedicated load balancers. It is used to allocate IP addresses for load balancers to access the backend service.
                                                                                                                                                                                                                                                                                                                                                  • Network Specifications, Application-oriented Specifications, or Specifications (available only to dedicated load balancers)
                                                                                                                                                                                                                                                                                                                                                    • Elastic: applies to fluctuating traffic, billed based on total traffic. Clusters of v1.21.10-r10, v1.23.8-r10, v1.25.3-r10, and later versions support elastic specifications.
                                                                                                                                                                                                                                                                                                                                                    • Fixed: applies to stable traffic, billed based on specifications.
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                  • EIP: If you select Auto create, you can configure the size of the public network bandwidth.
                                                                                                                                                                                                                                                                                                                                                  • Resource Tag: You can add resource tags to classify resources. You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  • Instance Name: Enter a load balancer name.
                                                                                                                                                                                                                                                                                                                                                  • AZ: available only to dedicated load balancers. You can create load balancers in multiple AZs to improve service availability. If diaster recovery is required, you are advised to select multiple AZs.
                                                                                                                                                                                                                                                                                                                                                  • Frontend Subnet: available only to dedicated load balancers. It is used to allocate IP addresses for load balancers to provide services externally.
                                                                                                                                                                                                                                                                                                                                                  • Backend Subnet: available only to dedicated load balancers. It is used to allocate IP addresses for load balancers to access the backend service.
                                                                                                                                                                                                                                                                                                                                                  • Network Specifications, Application-oriented Specifications, or Specifications (available only to dedicated load balancers)
                                                                                                                                                                                                                                                                                                                                                    • Elastic: applies to fluctuating traffic, billed based on total traffic. Clusters of v1.21.10-r10, v1.23.8-r10, v1.25.3-r10, and later versions support elastic specifications.
                                                                                                                                                                                                                                                                                                                                                    • Fixed: applies to stable traffic, billed based on specifications.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                  • EIP: If you select Auto assign, you can configure the size of the public network bandwidth.
                                                                                                                                                                                                                                                                                                                                                  • Resource Tag: You can add resource tags to classify resources. You can create predefined tags on the TMS console. These tags are available to all resources that support tags. You can use these tags to improve the tag creation and resource migration efficiency.
                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                   
 
 
                                                                                                                                                                                                                                                                                                                                                  Table 2 Health check parameters
                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                  Table 2 Health check parameters
                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  Protocol
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  Protocol
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  When the protocol of Port is set to TCP, the TCP and HTTP protocols are supported. When the protocol of Port is set to UDP, the UDP protocol is supported.
                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                  • Check Path (supported only by HTTP for health check): specifies the health check URL. The check path must start with a slash (/) and contain 1 to 80 characters.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  When the protocol of Port is set to TCP, the TCP and HTTP protocols are supported. When the protocol of Port is set to UDP, the UDP protocol is supported.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  • Check Path: This parameter is only available for HTTP health check. It specifies the URL for health check. The check path must start with a slash (/) and contain 1 to 80 characters.
                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                  Port
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  Port
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  By default, the service port (NodePort or container port of the Service) is used for health check. You can also specify another port for health check. After the port is specified, a service port named cce-healthz will be added for the Service.
                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                  • Node Port: If a shared or dedicated load balancer is used without an associated ENI, the node port will be used as the health check port. If the port is not specified, a random port will be used. The value ranges from 30000 to 32767.
                                                                                                                                                                                                                                                                                                                                                  • Container Port: When a dedicated load balancer is associated with an ENI instance, the container port is used for health check. The value ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  By default, the service port (NodePort or container port of the Service) is used for health check. You can also specify another port for health check. After the port is specified, a service port named cce-healthz will be added for the Service.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  • Node Port: If a shared or dedicated load balancer is used without an associated network interface, the node port will be used as the health check port. If the port is not specified, a random port will be used. The value ranges from 30000 to 32767.
                                                                                                                                                                                                                                                                                                                                                  • Container Port: When a dedicated load balancer is associated with an elastic network interface, the container port is used for health check. The value ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                  Check Period (s)
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  Check Period (s)
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  Specifies the maximum interval between health checks. The value ranges from 1 to 50.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  Specifies the maximum interval between health checks. The value ranges from 1 to 50.
                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                  Timeout (s)
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  Timeout (s)
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  Specifies the maximum timeout for each health check. The value ranges from 1 to 50.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  Specifies the maximum timeout for each health check. The value ranges from 1 to 50.
                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                  Max. Retries
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  Max. Retries
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  Specifies the maximum number of health check retries. The value ranges from 1 to 10.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                  Specifies the maximum number of health check retries. The value ranges from 1 to 10.
                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                   
 
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                • Ports
                                                                                                                                                                                                                                                                                                                                                  • Protocol: protocol used by the Service. 
                                                                                                                                                                                                                                                                                                                                                  • Container Port: listener port of the workload. For example, Nginx uses port 80 by default.
                                                                                                                                                                                                                                                                                                                                                  • Service Port: port used by the Service. The port number ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                  • Frontend Protocol: the frontend protocol of the load balancer listener for establishing a traffic distribution connection with the client. When a dedicated load balancer is selected, HTTP/HTTPS can be configured only when Application (HTTP/HTTPS) is selected.
                                                                                                                                                                                                                                                                                                                                                  • Health Check: If Health Check is set to Custom health check, you can configure health check for ports using different protocols. For details, see Table 2.
                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                • Port
                                                                                                                                                                                                                                                                                                                                                  • Protocol: protocol used by the Service. 
                                                                                                                                                                                                                                                                                                                                                  • Container Port: the port that the workload listens on. For example, Nginx uses port 80 by default.
                                                                                                                                                                                                                                                                                                                                                  • Service Port: the port used by the Service. The port ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                  • Frontend Protocol: Set the protocol of the load balancer listener for establishing a connection with the clients. When a dedicated load balancer is selected, HTTP/HTTPS can be configured only when Application (HTTP/HTTPS) is selected.
                                                                                                                                                                                                                                                                                                                                                  • Health Check: If Health Check is set to Custom, you can configure health check for ports using different protocols. For details, see Table 2.
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                  When a LoadBalancer Service is created, a random node port number (NodePort) is automatically generated.
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                • Listener
                                                                                                                                                                                                                                                                                                                                                  • SSL Authentication: Select this option if HTTPS/TLS is enabled on the listener port. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                    • One-way authentication: Only the backend server is authenticated. If you also need to authenticate the identity of the client, select mutual authentication.
                                                                                                                                                                                                                                                                                                                                                    • Mutual authentication: If you want the clients and the load balancer to authenticate each other, select this option. Only authenticated clients will be allowed to access the load balancer.
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                  • CA Certificate: If SSL Authentication is set to Mutual authentication, add a CA certificate to authenticate the client. A CA certificate is issued by a certificate authority (CA) and used to verify the certificate issuer. If HTTPS mutual authentication is required, HTTPS connections can be established only when the client provides a certificate issued by a specific CA.
                                                                                                                                                                                                                                                                                                                                                  • Server Certificate: If HTTPS/TLS is enabled on the listener port, you must select a server certificate. 
                                                                                                                                                                                                                                                                                                                                                  • SNI: If HTTPS/TLS is enabled on the listener port, you must determine whether to add an SNI certificate. Before adding an SNI certificate, ensure the certificate contains a domain name. 
                                                                                                                                                                                                                                                                                                                                                    If an SNI certificate cannot be found based on the domain name requested by the client, the server certificate will be returned by default.
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                  • Security Policy: If HTTPS/TLS is enabled on the listener port, you can select a security policy. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                  • Backend Protocol: If HTTPS is enabled on the listener port, HTTP or HTTPS can be used to access the backend server. The default value is HTTP. If TLS is enabled on the listener port, TCP or TLS can be used to access the backend server. The default value is TCP. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                  • Access Control
                                                                                                                                                                                                                                                                                                                                                    • Inherit ELB Configurations: CCE does not modify the existing access control configurations on the ELB console.
                                                                                                                                                                                                                                                                                                                                                    • Allow all IP addresses: No access control is configured.
                                                                                                                                                                                                                                                                                                                                                    • Trustlist: Only the selected IP address group can access the load balancer.
                                                                                                                                                                                                                                                                                                                                                    • Blocklist: The selected IP address group cannot access the load balancer.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                  • CA Certificate: If SSL Authentication is set to Mutual authentication, add a CA certificate to authenticate the client. A CA certificate is issued by a Certificate Authority (CA) and is used to verify the issuer of the client's certificate. If HTTPS mutual authentication is enabled, HTTPS connections can be established only if the client provides a certificate issued by a specific CA.
                                                                                                                                                                                                                                                                                                                                                  • Server Certificate: If HTTPS/TLS is enabled on the listener port, you must select a server certificate. 
                                                                                                                                                                                                                                                                                                                                                  • SNI: If HTTPS/TLS is enabled on the listener port, you must determine whether to add an SNI certificate. Before adding an SNI certificate, ensure the certificate contains a domain name. 
                                                                                                                                                                                                                                                                                                                                                    If an SNI certificate cannot be found based on the domain name requested by the client, the server certificate will be returned by default.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                  • Security Policy: If HTTPS/TLS is enabled on the listener port, you can select a security policy. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                  • Backend Protocol: If HTTPS is enabled on the listener port, HTTP or HTTPS can be used to access the backend server. The default value is HTTP. If TLS is enabled on the listener port, TCP or TLS can be used to access the backend server. The default value is TCP. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                  • Access Control
                                                                                                                                                                                                                                                                                                                                                    • Inherit ELB Configurations: CCE does not modify the existing access control configurations on the ELB console.
                                                                                                                                                                                                                                                                                                                                                    • Allow all IP addresses: No access control is configured.
                                                                                                                                                                                                                                                                                                                                                    • Trustlist: Only the selected IP address group can access the load balancer.
                                                                                                                                                                                                                                                                                                                                                    • Blocklist: The selected IP address group cannot access the load balancer.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                                                                                                                    For clusters of v1.25.16-r10, v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, v1.31.1-r0, or later, when using a dedicated load balancer, you can select a maximum of five IP address groups at a time for access control.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                  • Advanced Options
-
                                                                                                                                                                                                                                                                                                                                                    Configuration
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                    Configuration
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Restrictions
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Constraint
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Idle Timeout (s)
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Idle Timeout (s)
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Timeout for an idle client connection. If there are no requests reaching the load balancer during the timeout duration, the load balancer will disconnect the connection from the client and establish a new connection when there is a new request.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Timeout for an idle client connection. If there are no requests reaching the load balancer during the timeout duration, the load balancer will disconnect the connection from the client and establish a new connection when there is a new request.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    This configuration is not supported if the port of a shared load balancer uses UDP.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    This configuration is not supported if the port of a shared load balancer uses UDP.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    Request Timeout (s)
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Request Timeout (s)
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Timeout for waiting for a request from a client. There are two cases:
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Timeout for waiting for a request from a client. There are two cases:
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • If the client fails to send a request header to the load balancer during the timeout duration, the request will be interrupted.
                                                                                                                                                                                                                                                                                                                                                    • If the interval between two consecutive request bodies reaching the load balancer is greater than the timeout duration, the connection will be disconnected.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    This parameter is available only after HTTP/HTTPS is enabled on ports.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    This parameter is available only after HTTP/HTTPS is enabled on ports.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    Response Timeout (s)
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Response Timeout (s)
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Timeout for waiting for a response from a backend server. After a request is forwarded to the backend server, if the backend server does not respond during the timeout duration, the load balancer will stop waiting and return HTTP 504 Gateway Timeout.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Timeout for waiting for a response from a backend server. After a request is forwarded to the backend server, if the backend server does not respond during the timeout duration, the load balancer will stop waiting and return HTTP 504 Gateway Timeout.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    This parameter is available only after HTTP/HTTPS is enabled on ports.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    This parameter is available only after HTTP/HTTPS is enabled on ports.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    HTTP2
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    HTTP2
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Whether to use HTTP/2 for a client to communicate with a load balancer. Request forwarding using HTTP/2 improves the access performance between your application and the load balancer. However, the load balancer still uses HTTP/1.x to forward requests to the backend server.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Whether to use HTTP/2 for a client to communicate with a load balancer. Request forwarding using HTTP/2 improves the access performance between your application and the load balancer. However, the load balancer still uses HTTP/1.x to forward requests to the backend server.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    This parameter is available only after HTTPS is enabled on ports.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    This parameter is available only after HTTPS is enabled on ports.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                  • Annotation: The LoadBalancer Service has some advanced CCE functions, which are implemented by annotations. For details, see Configuring LoadBalancer Services Using Annotations.
                                                                                                                                                                                                                                                                                                                                                    • 
+
                                                                                                                                                                                                                                                                                                                                                  • Annotation: The LoadBalancer Service has some advanced CCE functions, which are implemented by annotations. For details, see Configuring Advanced Load Balancing Functions Using Annotations.
                                                                                                                                                                                                                                                                                                                                                    • 
 
                                                                                                                                                                                                                                                                                                                                                  • Click OK.
                                                                                                                                                                                                                                                                                                                                                    • 
 
 
                                                                                                                                                                                                                                                                                                                                                    Using kubectl to Create a Service (Using an Existing Load Balancer)
                                                                                                                                                                                                                                                                                                                                                    You can configure LoadBalancer Service access using kubectl when creating a workload. If you already have a load balancer in the same VPC and want to use it as the application access entry when creating a Service in the cluster, follow the following steps to associate the load balancer with the Service:
                                                                                                                                                                                                                                                                                                                                                    
@@ -163,7 +165,7 @@ metadata:
   name: nginx
   annotations:
     kubernetes.io/elb.id: <your_elb_id>                         # Load balancer ID. Replace it with the actual value.
-    kubernetes.io/elb.class: union                   # Load balancer type
+    kubernetes.io/elb.class: union                   # Load balancer type
     kubernetes.io/elb.lb-algorithm: ROUND_ROBIN                   # Load balancer algorithm
     kubernetes.io/elb.session-affinity-mode: SOURCE_IP          # The sticky session type is source IP address.
     kubernetes.io/elb.session-affinity-option: '{"persistence_timeout": "30"}'     # Stickiness duration, which is measured in minutes
@@ -187,25 +189,25 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                                                                                                                    To enable sticky sessions, ensure anti-affinity is configured for the workload pods so that the pods are deployed onto different nodes. For details, see Configuring Workload Affinity or Anti-affinity Scheduling (podAffinity or podAntiAffinity).
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    The preceding example uses annotations to implement some advanced functions of load balancing, such as sticky session and health check. For details, see Table 3.
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    For more annotations and examples related to advanced functions, see Configuring LoadBalancer Services Using Annotations.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    For more annotations and examples related to advanced functions, see Configuring Advanced Load Balancing Functions Using Annotations.
                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                    Table 3 annotations parameters
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                    Table 3 annotations parameters
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.id
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.id
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    ID of a load balancer.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    ID of a load balancer.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Mandatory when an existing load balancer is associated.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    How to obtain:
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    On the management console, click Service List, and choose Networking > Elastic Load Balance. Click the name of the target load balancer. On the Summary tab page, find and copy the ID.
                                                                                                                                                                                                                                                                                                                                                    
@@ -214,92 +216,92 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.class
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.class
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Select a proper load balancer type.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Select a proper load balancer type.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Options:
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • union: shared load balancer
                                                                                                                                                                                                                                                                                                                                                    • performance: dedicated load balancer, which can be used only in clusters of v1.17 and later.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.lb-algorithm
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.lb-algorithm
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Specifies the load balancing algorithm of the backend server group. The default value is ROUND_ROBIN.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Specifies the load balancing algorithm of the backend server group. The default value is ROUND_ROBIN.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Options:
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • ROUND_ROBIN: weighted round robin algorithm
                                                                                                                                                                                                                                                                                                                                                    • LEAST_CONNECTIONS: weighted least connections algorithm
                                                                                                                                                                                                                                                                                                                                                    • SOURCE_IP: source IP hash algorithm
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                     NOTE: 
                                                                                                                                                                                                                                                                                                                                                    If this parameter is set to SOURCE_IP, the weight setting (weight field) of backend servers bound to the backend server group is invalid, and sticky session cannot be enabled.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.session-affinity-mode
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.session-affinity-mode
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Source IP address-based sticky session means that access requests from the same IP address are forwarded to the same backend server.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Source IP address-based sticky session means that access requests from the same IP address are forwarded to the same backend server.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • To disable sticky sessions, leave this parameter unconfigured.
                                                                                                                                                                                                                                                                                                                                                    • To enable sticky sessions, ensure the frontend protocol is TCP or UDP and set the sticky session type to SOURCE_IP.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                     NOTE: 
                                                                                                                                                                                                                                                                                                                                                    When kubernetes.io/elb.lb-algorithm is set to SOURCE_IP (source IP hash), sticky session cannot be enabled.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.session-affinity-option
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.session-affinity-option
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Table 4 object
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Table 4 object
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Sticky session timeout.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Sticky session timeout.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.health-check-flag
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.health-check-flag
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Whether to enable the ELB health check.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Whether to enable the ELB health check.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • Enabling health check: Leave this parameter blank or set it to on.
                                                                                                                                                                                                                                                                                                                                                    • Disabling health check: Set this parameter to off.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    If this parameter is enabled, the kubernetes.io/elb.health-check-option field must also be specified.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.health-check-option
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.health-check-option
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Table 5 object
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Table 5 object
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    ELB health check configuration items.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    ELB health check configuration items.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                    Table 4 elb.session-affinity-option data structure
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
@@ -307,63 +309,63 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                    Table 4 elb.session-affinity-option data structure
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    persistence_timeout
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    persistence_timeout
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Sticky session timeout, in minutes. This parameter is valid only when elb.session-affinity-mode is set to SOURCE_IP.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Sticky session timeout, in minutes. This parameter is valid only when elb.session-affinity-mode is set to SOURCE_IP.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Value range: 1 to 60. Default value: 60
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                    Table 5 elb.health-check-option data structure
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -380,7 +382,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                    NAME                     READY     STATUS             RESTARTS   AGE
 nginx-2601814895-znhbr   1/1       Running            0          15s
                                                                                                                                                                                                                                                                                                                                                  • Create a Service.
                                                                                                                                                                                                                                                                                                                                                    kubectl create -f nginx-elb-svc.yaml
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    If information similar to the following is displayed, the Service has been created.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    If information similar to the following is displayed, the Service has been created:
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    service/nginx created
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    View the created Service.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    kubectl get svc
                                                                                                                                                                                                                                                                                                                                                    
@@ -389,7 +391,7 @@ spec:
 kubernetes   ClusterIP      10.247.0.1       <none>        443/TCP        3d
 nginx        LoadBalancer   10.247.130.196   10.78.42.242   80:31540/TCP   51s
 
                                                                                                                                                                                                                                                                                                                                                  • Enter the URL in the address box of the browser, for example, 10.78.42.242:80. 10.78.42.242 indicates the IP address of the load balancer, and 80 indicates the access port displayed on the CCE console.
                                                                                                                                                                                                                                                                                                                                                    The Nginx is accessible.
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    Figure 3 Accessing Nginx through the LoadBalancer Service
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Figure 3 Accessing Nginx through the LoadBalancer Service
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • Using kubectl to Create a Service (Automatically Creating a Load Balancer)
                                                                                                                                                                                                                                                                                                                                                    You can configure LoadBalancer Service access using kubectl when creating a workload. If no load balancer is available when you create a Service, perform the following operations to automatically create a load balancer and associate it with the Service:
                                                                                                                                                                                                                                                                                                                                                    
@@ -505,38 +507,41 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                    The preceding example uses annotations to implement some advanced functions of load balancing, such as sticky session and health check. For details, see Table 6.
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    For more annotations and examples related to advanced functions, see Configuring LoadBalancer Services Using Annotations.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    For more annotations and examples related to advanced functions, see Configuring Advanced Load Balancing Functions Using Annotations.
                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                    Table 5 elb.health-check-option data structure
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    delay
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    delay
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Health check interval (s)
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Health check interval (s)
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Value range: 1 to 50. Default value: 5
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    timeout
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    timeout
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Health check timeout, in seconds.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Health check timeout, in seconds.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Value range: 1 to 50. Default value: 10
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    max_retries
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    max_retries
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Maximum number of health check retries.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Maximum number of health check retries.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Value range: 1 to 10. Default value: 3
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    protocol
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    protocol
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Health check protocol.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Health check protocol.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Options: TCP, UDP, or HTTP
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    path
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    path
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Health check URL. This parameter needs to be configured when the protocol is HTTP.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Health check URL. This parameter needs to be configured when the protocol is HTTP.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Default value: /
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Value range: 1-80 characters
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                    Table 6 annotations parameters
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                    Table 6 annotations parameters
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.class
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.class
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Select a proper load balancer type.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Select a proper load balancer type.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Options:
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • union: shared load balancer
                                                                                                                                                                                                                                                                                                                                                    • performance: dedicated load balancer, which can be used only in clusters of v1.17 and later.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    The default value is union.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.autocreate
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.autocreate
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    elb.autocreate object
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    elb.autocreate object
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Whether to automatically create a load balancer associated with the Service.
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    Example
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Whether to automatically create a load balancer associated with the Service.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                     CAUTION: 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.id and kubernetes.io/elb.autocreate cannot be specified concurrently.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    If both annotations are specified in a Service, CCE will use an existing load balancer instead of automatically creating one. If this Service is deleted, the existing load balancer is considered as an automatically created one. If no other resources are associated with the load balancer, the load balancer will also be deleted.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Example:
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • Automatically created dedicated load balancer with an EIP bound:
                                                                                                                                                                                                                                                                                                                                                      '{"type":"public","bandwidth_name":"cce-bandwidth-1741230802502","bandwidth_chargemode":"traffic","bandwidth_size":5,"bandwidth_sharetype":"PER","eip_type":"5_bgp","available_zone":["*****"],"elb_virsubnet_ids":["*****"],"l7_flavor_name":"","l4_flavor_name":"L4_flavor.elb.pro.max","vip_subnet_cidr_id":"*****"}'
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                    • Automatically created dedicated load balancer with no EIP bound:
                                                                                                                                                                                                                                                                                                                                                      '{"type":"inner","available_zone":["*****"],"elb_virsubnet_ids":["*****"],"l7_flavor_name":"","l4_flavor_name":"L4_flavor.elb.pro.max","vip_subnet_cidr_id":"*****"}'
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                    • Automatically created shared load balancer with an EIP bound:
                                                                                                                                                                                                                                                                                                                                                      '{"type":"public","bandwidth_name":"cce-bandwidth-1551163379627","bandwidth_chargemode":"traffic,"bandwidth_size":5,"bandwidth_sharetype":"PER","eip_type":"5_bgp","name":"james"}'
                                                                                                                                                                                                                                                                                                                                                      
@@ -544,240 +549,239 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.subnet-id
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.subnet-id
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    None
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    -
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    ID of the subnet where the cluster is located. The value can contain 1 to 100 characters.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    ID of the subnet where the cluster is located. The value can contain 1 to 100 characters.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • Mandatory when a cluster of v1.11.7-r0 or earlier is to be automatically created.
                                                                                                                                                                                                                                                                                                                                                    • Optional for clusters of a version later than v1.11.7-r0.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.lb-algorithm
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.lb-algorithm
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Specifies the load balancing algorithm of the backend server group. The default value is ROUND_ROBIN.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Specifies the load balancing algorithm of the backend server group. The default value is ROUND_ROBIN.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Options:
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    • ROUND_ROBIN: weighted round robin algorithm
                                                                                                                                                                                                                                                                                                                                                    • LEAST_CONNECTIONS: weighted least connections algorithm
                                                                                                                                                                                                                                                                                                                                                    • SOURCE_IP: source IP hash algorithm
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    • ROUND_ROBIN: weighted round robin algorithm
                                                                                                                                                                                                                                                                                                                                                    • LEAST_CONNECTIONS: weighted least connections algorithm
                                                                                                                                                                                                                                                                                                                                                    • SOURCE_IP: source IP hash algorithm
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                     NOTE: 
                                                                                                                                                                                                                                                                                                                                                    If this parameter is set to SOURCE_IP, the weight setting (weight field) of backend servers bound to the backend server group is invalid, and sticky session cannot be enabled.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.session-affinity-mode
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.session-affinity-mode
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Source IP address-based sticky session means that access requests from the same IP address are forwarded to the same backend server.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Source IP address-based sticky session means that access requests from the same IP address are forwarded to the same backend server.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • To disable sticky sessions, leave this parameter unconfigured.
                                                                                                                                                                                                                                                                                                                                                    • To enable sticky session, add this parameter and set it to SOURCE_IP, indicating that the sticky session is based on the source IP address.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                     NOTE: 
                                                                                                                                                                                                                                                                                                                                                    When kubernetes.io/elb.lb-algorithm is set to SOURCE_IP (source IP hash), sticky session cannot be enabled.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.session-affinity-option
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.session-affinity-option
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Table 4 object
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Table 4 object
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Sticky session timeout.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Sticky session timeout.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.health-check-flag
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.health-check-flag
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Whether to enable the ELB health check.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Whether to enable the ELB health check.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • Enabling health check: Leave this parameter blank or set it to on.
                                                                                                                                                                                                                                                                                                                                                    • Disabling health check: Set this parameter to off.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    If this parameter is enabled, the kubernetes.io/elb.health-check-option field must also be specified.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.health-check-option
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.health-check-option
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Table 5 object
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Table 5 object
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    ELB health check configuration items.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    ELB health check configuration items.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                    Table 7 elb.autocreate data structure
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -794,7 +798,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                    NAME                     READY     STATUS             RESTARTS   AGE
 nginx-2601814895-znhbr   1/1       Running            0          15s
                                                                                                                                                                                                                                                                                                                                                  • Create a Service.
                                                                                                                                                                                                                                                                                                                                                    kubectl create -f nginx-elb-svc.yaml
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    If information similar to the following is displayed, the Service has been created.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    If information similar to the following is displayed, the Service has been created:
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    service/nginx created
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    View the created Service.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    kubectl get svc
                                                                                                                                                                                                                                                                                                                                                    
@@ -803,7 +807,7 @@ spec:
 kubernetes   ClusterIP      10.247.0.1       <none>        443/TCP        3d
 nginx        LoadBalancer   10.247.130.196   10.78.42.242   80:31540/TCP   51s
 
                                                                                                                                                                                                                                                                                                                                                  • Enter the URL in the address box of the browser, for example, 10.78.42.242:80. 10.78.42.242 indicates the IP address of the load balancer, and 80 indicates the access port displayed on the CCE console.
                                                                                                                                                                                                                                                                                                                                                    The Nginx is accessible.
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    Figure 4 Accessing Nginx through the LoadBalancer Service
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Figure 4 Accessing Nginx through the LoadBalancer Service
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • 
diff --git a/docs/cce/umn/cce_10_0683.html b/docs/cce/umn/cce_10_0683.html
index 6644bca77..715abb3bb 100644
--- a/docs/cce/umn/cce_10_0683.html
+++ b/docs/cce/umn/cce_10_0683.html
@@ -1,66 +1,67 @@
 
                                                                                                                                                                                                                                                                                                                                                    Configuring HTTP/HTTPS for a LoadBalancer Service
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                    • Only clusters of v1.19.16 or later support HTTP or HTTPS.
-
                                                                                                                                                                                                                                                                                                                                                    Table 7 elb.autocreate data structure
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    name
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    name
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Name of the automatically created load balancer.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Name of the automatically created load balancer.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    The value can contain 1 to 64 characters. Only letters, digits, underscores (_), hyphens (-), and periods (.) are allowed.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Default: cce-lb+service.UID
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    type
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    type
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Network type of the load balancer.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Network type of the load balancer.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • public: public network load balancer
                                                                                                                                                                                                                                                                                                                                                    • inner: private network load balancer
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Default: inner
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    bandwidth_name
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    bandwidth_name
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Bandwidth name. The default value is cce-bandwidth-******.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Bandwidth name. The default value is cce-bandwidth-******.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    The value can contain 1 to 64 characters. Only letters, digits, underscores (_), hyphens (-), and periods (.) are allowed.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    bandwidth_chargemode
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    bandwidth_chargemode
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Bandwidth mode.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Bandwidth mode.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • traffic: billed by traffic
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    Default: traffic
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    bandwidth_size
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    bandwidth_size
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Integer
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Integer
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Bandwidth size. The value ranges from 1 Mbit/s to 2000 Mbit/s by default. Configure this parameter based on the bandwidth range allowed in your region.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Bandwidth size. The value ranges from 1 Mbit/s to 2000 Mbit/s by default. Configure this parameter based on the bandwidth range allowed in your region.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    The minimum increment for bandwidth adjustment varies depending on the bandwidth range.
                                                                                                                                                                                                                                                                                                                                                    • The minimum increment is 1 Mbit/s if the allowed bandwidth does not exceed 300 Mbit/s.
                                                                                                                                                                                                                                                                                                                                                    • The minimum increment is 50 Mbit/s if the allowed bandwidth ranges from 300 Mbit/s to 1000 Mbit/s.
                                                                                                                                                                                                                                                                                                                                                    • The minimum increment is 500 Mbit/s if the allowed bandwidth exceeds 1000 Mbit/s.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    bandwidth_sharetype
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    bandwidth_sharetype
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Bandwidth sharing mode.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Bandwidth sharing mode.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • PER: dedicated bandwidth
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    eip_type
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    eip_type
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Yes for public network load balancers
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    EIP type.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    EIP type.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • 5_bgp: dynamic BGP
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    The specific type varies with regions. For details, see the EIP console.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    The types vary by region. For details, see the EIP console.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    vip_subnet_cidr_id
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    vip_subnet_cidr_id
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    The ID of the IPv4 subnet where the load balancer resides. This subnet is used to allocate IP addresses for the load balancer to provide external services. The IPv4 subnet must belong to the cluster's VPC.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    The ID of the IPv4 subnet where the load balancer resides. This subnet is used to allocate IP addresses for the load balancer to provide external services. The IPv4 subnet must belong to the cluster's VPC.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    If this parameter is not specified, the load balancer and the cluster will be in the same subnet by default.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    This field can be specified only for clusters of v1.21 or later.
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    How to Obtain
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the IPv4 Subnet ID on the Summary tab page.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    How to obtain:
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the IPv4 Subnet ID on the Summary tab.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    ipv6_vip_virsubnet_id
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    ipv6_vip_virsubnet_id
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    The ID of the IPv6 subnet where the load balancer is deployed. IPv6 must be enabled for the subnet.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    The ID of the IPv6 subnet where the load balancer is deployed. IPv6 must be enabled for the subnet.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    This parameter is available only for dedicated load balancers.
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    How to Obtain
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab page.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    How to obtain:
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    elb_virsubnet_ids
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    elb_virsubnet_ids
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Array of strings
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Array of strings
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    The network ID of the subnet where the load balancer is located. This subnet is used to allocate IP addresses for accessing the backend server. If this parameter is not specified, the subnet specified by vip_subnet_cidr_id will be used by default. Load balancers occupy varying numbers of subnet IP addresses based on their specifications. Do not use the subnet CIDR blocks of other resources (such as clusters or nodes) as the load balancer's CIDR block.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    The network ID of the subnet where the load balancer is located. This subnet is used to allocate IP addresses for accessing the backend server. If this parameter is not specified, the subnet specified by vip_subnet_cidr_id will be used by default. Load balancers occupy varying numbers of subnet IP addresses based on their specifications. Do not use the subnet CIDR blocks of other resources (such as clusters or nodes) as the load balancer's CIDR block.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    This parameter is available only for dedicated load balancers.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Example:
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    "elb_virsubnet_ids": [
    "14567f27-8ae4-42b8-ae47-9f847a4690dd"
  ]
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    How to Obtain
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab page.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    How to obtain:
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    vip_address
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    vip_address
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Private IP address of the load balancer. Only IPv4 addresses are supported.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Private IP address of the load balancer. Only IPv4 addresses are supported.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    The IP address must be in the ELB CIDR block. If this parameter is not specified, an IP address will be automatically assigned from the ELB CIDR block.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    This parameter is available only in clusters of v1.23.11-r0, v1.25.6-r0, v1.27.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    available_zone
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    available_zone
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Array of strings
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Array of strings
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    AZ where the load balancer is located.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    AZ where the load balancer is located.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    You can obtain all supported AZs by getting the AZ list.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    This parameter is available only for dedicated load balancers.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    l4_flavor_name
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    l4_flavor_name
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Flavor name of the layer-4 load balancer. This parameter is mandatory when TCP or UDP is used.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Flavor name of the Layer 4 load balancer. This parameter is mandatory when TCP or UDP is used.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    You can obtain all supported types by getting the flavor list.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    This parameter is available only for dedicated load balancers.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    l7_flavor_name
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    l7_flavor_name
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Flavor name of the layer-7 load balancer. This parameter is mandatory when HTTP is used.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Flavor name of the Layer 7 load balancer. This parameter is mandatory when HTTP is used.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    You can obtain all supported types by getting the flavor list.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    This parameter is available only for dedicated load balancers. Its value must match that of l4_flavor_name, meaning both must be either elastic specifications or fixed specifications.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                    Table 1 Scenarios where a load balancer supports HTTP or HTTPS
                                                                                                                                                                                                                                                                                                                                                    ELB Type
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    By default, a Layer 4 TCP/UDP listener is created for a LoadBalancer Service. You can also configure HTTP/HTTPS listeners for more refined and diverse task scheduling and to ensure secure access to applications from external networks.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                    • Only clusters of v1.19.16 or later support HTTP or HTTPS.
+
                                                                                                                                                                                                                                                                                                                                                      
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                      Table 1 Scenarios where a load balancer supports HTTP or HTTPS
                                                                                                                                                                                                                                                                                                                                                      ELB Type
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      Application
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Application
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      Whether to Support HTTP or HTTPS
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Whether to Support HTTP or HTTPS
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      Shared load balancer
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Shared load balancer
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      Interconnecting with an existing load balancer
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Interconnecting with an existing load balancer
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      Supported
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Supported
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                      Automatically creating a load balancer
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Automatically creating a load balancer
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      Supported
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Supported
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      None
                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                      Dedicated load balancer
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Dedicated load balancer
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      Interconnecting with an existing load balancer
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Interconnecting with an existing load balancer
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      Supported
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Supported
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      • For versions earlier than v1.19.16-r50, v1.21.11-r10, v1.23.9-r10, v1.25.4-r10, or v1.27.1-r10, the load balancer flavor must support both the layer-4 and layer-7 routing.
                                                                                                                                                                                                                                                                                                                                                      • For v1.19.16-r50, v1.21.11-r10, v1.23.9-r10, v1.25.4-r10, v1.27.1-r10, and later versions, the load balancer flavor must support layer-7 routing.
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      • For versions earlier than v1.19.16-r50, v1.21.11-r10, v1.23.9-r10, v1.25.4-r10, or v1.27.1-r10, load balancer specifications must support both layer-4 and layer-7 routing.
                                                                                                                                                                                                                                                                                                                                                      • For v1.19.16-r50, v1.21.11-r10, v1.23.9-r10, v1.25.4-r10, v1.27.1-r10, and later versions, load balancer specifications must support layer-7 routing.
                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                      Automatically creating a load balancer
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Automatically creating a load balancer
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      Supported
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Supported
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      • For versions earlier than v1.19.16-r50, v1.21.11-r10, v1.23.9-r10, v1.25.4-r10, or v1.27.1-r10, the load balancer flavor must support both the layer-4 and layer-7 routing.
                                                                                                                                                                                                                                                                                                                                                      • For v1.19.16-r50, v1.21.11-r10, v1.23.9-r10, v1.25.4-r10, v1.27.1-r10, and later versions, the load balancer flavor must support layer-7 routing.
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      • For versions earlier than v1.19.16-r50, v1.21.11-r10, v1.23.9-r10, v1.25.4-r10, or v1.27.1-r10, load balancer specifications must support both layer-4 and layer-7 routing.
                                                                                                                                                                                                                                                                                                                                                      • For v1.19.16-r50, v1.21.11-r10, v1.23.9-r10, v1.25.4-r10, v1.27.1-r10, and later versions, load balancer specifications must support layer-7 routing.
                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                       
 
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                    • Do not connect an ingress and a Service that uses HTTP or HTTPS to the same listener of the same load balancer. Otherwise, a port conflict occurs.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                  • Do not connect an ingress and an HTTP/HTTPS Service to the same listener of the same load balancer. Otherwise, a port conflict occurs.
                                                                                                                                                                                                                                                                                                                                                    • 
 
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                    2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
                                                                                                                                                                                                                                                                                                                                                    3. Configure Service parameters. In this example, only mandatory parameters required for using HTTP/HTTPS are listed. For details about how to configure other parameters, see Using the Console.
                                                                                                                                                                                                                                                                                                                                                      • Service Name: Specify a Service name, which can be the same as the workload name.
                                                                                                                                                                                                                                                                                                                                                      • Service Type: Select LoadBalancer.
                                                                                                                                                                                                                                                                                                                                                      • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                                                                                                                                                                                                                                                                                                                                                      • Load Balancer: Select a load balancer type and creation mode.
                                                                                                                                                                                                                                                                                                                                                        • A load balancer can be dedicated or shared. To enable HTTP/HTTPS on the listener port of a dedicated load balancer, the type of the load balancer must be Application (HTTP/HTTPS) or Network (TCP/UDP) & Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                                        • This section uses an existing load balancer as an example. For details about the parameters for automatically creating a load balancer, see Table 1.
                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                      • Ports
                                                                                                                                                                                                                                                                                                                                                        • Protocol: Select TCP. If you select UDP, HTTP and HTTPS will be unavailable.
                                                                                                                                                                                                                                                                                                                                                        • Service Port: port used by the Service. The port number ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                        • Container Port: listener port of the workload. For example, Nginx uses port 80 by default.
                                                                                                                                                                                                                                                                                                                                                        • Frontend Protocol: specifies whether to enable HTTP/HTTPS on the listener port. For a dedicated load balancer, to use HTTP/HTTPS, the type of the load balancer must be Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                      • Listener
                                                                                                                                                                                                                                                                                                                                                        • SSL Authentication: Select this option if HTTPS is enabled on the listener port. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                          • One-way authentication: Only the backend server is authenticated. If you also need to authenticate the identity of the client, select mutual authentication.
                                                                                                                                                                                                                                                                                                                                                          • Mutual authentication: If you want the clients and the load balancer to authenticate each other, select this option. Only authenticated clients will be allowed to access the load balancer.
                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                        • CA Certificate: If SSL Authentication is set to Mutual authentication, add a CA certificate to authenticate the client. A CA certificate is issued by a certificate authority (CA) and used to verify the certificate issuer. If HTTPS mutual authentication is required, HTTPS connections can be established only when the client provides a certificate issued by a specific CA.
                                                                                                                                                                                                                                                                                                                                                        • Server Certificate: If HTTPS is enabled on the listener port, you must select a server certificate. 
                                                                                                                                                                                                                                                                                                                                                        • SNI: If HTTPS is enabled on the listener port, you must determine whether to add an SNI certificate. Before adding an SNI certificate, ensure the certificate contains a domain name. 
                                                                                                                                                                                                                                                                                                                                                        • Security Policy: If HTTPS is enabled on the listener port, you can select a security policy. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                        • Backend Protocol: If HTTPS is enabled on the listener port, HTTP or HTTPS can be used to access the backend server. The default value is HTTP. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                        Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                        2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
                                                                                                                                                                                                                                                                                                                                                        3. Configure Service parameters. In this example, only mandatory parameters required for using HTTP/HTTPS are listed. For details about how to configure other parameters, see Using the CCE Console.
                                                                                                                                                                                                                                                                                                                                                          • Service Name: Specify a Service name, which can be the same as the workload name.
                                                                                                                                                                                                                                                                                                                                                          • Service Type: Select LoadBalancer.
                                                                                                                                                                                                                                                                                                                                                          • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                                                                                                                                                                                                                                                                                                                                                          • Load Balancer: Select a load balancer type and creation mode.
                                                                                                                                                                                                                                                                                                                                                            • A load balancer can be dedicated or shared. To enable HTTP/HTTPS on the listener port of a dedicated load balancer, the type of the load balancer must be Application (HTTP/HTTPS) or Network (TCP/UDP) & Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                                            • This section uses an existing load balancer as an example. For details about the parameters for automatically creating a load balancer, see Table 1.
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                          • Ports
                                                                                                                                                                                                                                                                                                                                                            • Protocol: Select TCP. If you select UDP, HTTP and HTTPS will be unavailable.
                                                                                                                                                                                                                                                                                                                                                            • Service Port: the port used by the Service. The port number ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                            • Container Port: the port that the workload listens on. For example, Nginx uses port 80 by default.
                                                                                                                                                                                                                                                                                                                                                            • Frontend Protocol: specifies whether to enable HTTP/HTTPS on the listener port. For a dedicated load balancer, to use HTTP/HTTPS, the type of the load balancer must be Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                          • Listener
                                                                                                                                                                                                                                                                                                                                                            • SSL Authentication: Select this option if HTTPS is enabled on the listener port. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                              • One-way authentication: Only the backend server is authenticated. If you also need to authenticate the identity of the client, select two-way authentication.
                                                                                                                                                                                                                                                                                                                                                              • Two-way authentication: Both the clients and the load balancer authenticate each other. This ensures only authenticated clients can access the load balancer. No additional backend server configuration is required if you select this option.
                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                            • CA Certificate: If SSL Authentication is set to Two-way authentication, add a CA certificate to authenticate the client. A CA certificate is issued by a Certificate Authority (CA) and is used to verify the issuer of the client's certificate. If HTTPS mutual authentication is enabled, HTTPS connections can be established only if the client provides a certificate issued by a specific CA.
                                                                                                                                                                                                                                                                                                                                                            • Server Certificate: If HTTPS is enabled on the listener port, you must select a server certificate. 
                                                                                                                                                                                                                                                                                                                                                            • SNI: If HTTPS is enabled on the listener port, you must determine whether to add an SNI certificate. Before adding an SNI certificate, ensure the certificate contains a domain name. 
                                                                                                                                                                                                                                                                                                                                                            • Security Policy: If HTTPS is enabled on the listener port, you can select a security policy. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                            • Backend Protocol: If HTTPS is enabled on the listener port, HTTP or HTTPS can be used to access the backend server. The default value is HTTP. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                            If multiple HTTPS Services are released, all listeners will use the same certificate configuration.
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                        4. Click OK.
                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                      • Click Create.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Using kubectl
                                                                                                                                                                                                                                                                                                                                                    If a Service uses the HTTP or HTTPS protocol, it is important to take note of the following configuration requirements:
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • Different ELB types and cluster versions have different requirements on flavors. For details, see Table 1.
                                                                                                                                                                                                                                                                                                                                                    • The two ports in spec.ports must correspond to those in kubernetes.io/elb.protocol-port. In this example, ports 443 and 80 are enabled with HTTPS and HTTP, respectively.
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    The following is a configuration example for automatically creating a dedicated load balancer, in which key configurations are marked in red:
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    The following uses an automatically created dedicated load balancer as an example.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    apiVersion: v1
 kind: Service
 metadata:
@@ -77,12 +78,12 @@ metadata:
           "available_zone": [
               ""
           ],
-          "l7_flavor_name": "L7_flavor.elb.s2.small",
-          "l4_flavor_name": "L4_flavor.elb.s1.medium"
+          "l7_flavor_name": "L7_flavor.elb.s2.small",
+          "l4_flavor_name": "L4_flavor.elb.s1.medium"
       }'
-    kubernetes.io/elb.class: performance  # Dedicated load balancer
-    kubernetes.io/elb.protocol-port: "https:443,http:80"  # HTTP/HTTPS and port number, which must be the same as the port numbers in spec.ports
-    kubernetes.io/elb.cert-id: "17e3b4f4bc40471c86741dc3aa211379"  # Certificate ID of the LoadBalancer Service
+    kubernetes.io/elb.class: performance  # A dedicated load balancer
+    kubernetes.io/elb.protocol-port: "https:443,http:80"  # HTTP/HTTPS and port number, which must be the same as the port numbers in spec.ports
+    kubernetes.io/elb.cert-id: "17e3b4f4bc40471c86741dc3aa211379"  # The certificate ID of the LoadBalancer Service
   labels:
     app: nginx
     name: test
@@ -90,44 +91,44 @@ metadata:
   namespace: default
 spec:
   ports:
-  - name: cce-service-0
-    port: 443
-    protocol: TCP
-    targetPort: 80
-  - name: cce-service-1
-    port: 80
-    protocol: TCP
-    targetPort: 80
+  - name: cce-service-0
+    port: 443
+    protocol: TCP
+    targetPort: 80
+  - name: cce-service-1
+    port: 80
+    protocol: TCP
+    targetPort: 80
   selector:
     app: nginx
     version: v1
   sessionAffinity: None
   type: LoadBalancer
                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                    Table 2 Key parameters
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
diff --git a/docs/cce/umn/cce_10_0684.html b/docs/cce/umn/cce_10_0684.html
index c69a718a8..88081541e 100644
--- a/docs/cce/umn/cce_10_0684.html
+++ b/docs/cce/umn/cce_10_0684.html
@@ -36,7 +36,7 @@ metadata:
 		"path": "/",
 		"target_service_port": "TCP:2",
 		"monitor_port": "22",
-                "expected_codes": "200-399"
+                "expected_codes": "200"
 	}
     ]'
 spec:
diff --git a/docs/cce/umn/cce_10_0685.html b/docs/cce/umn/cce_10_0685.html
index 1be207d7e..0e7d8c679 100644
--- a/docs/cce/umn/cce_10_0685.html
+++ b/docs/cce/umn/cce_10_0685.html
@@ -6,7 +6,7 @@
 
                                                                                                                                                                                                                                                                                                                                                  • This function applies only to passthrough scenarios, that is, scenarios where dedicated load balancers are used in CCE Turbo clusters.
                                                                                                                                                                                                                                                                                                                                                  • To use this function, configure the readinessGates field in the pod and specify the label target-health.elb.k8s.cce/{serviceName}, where {serviceName} indicates the service name.
                                                                                                                                                                                                                                                                                                                                                  • The pod ready status takes effect only when the ELB backend is initially connected. The subsequent health check status does not affect the pod ready status.
                                                                                                                                                                                                                                                                                                                                                    • Setting the Pod Ready Status Through the ELB Health Check
                                                                                                                                                                                                                                                                                                                                                    To use pod readiness gates, perform the following steps:
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                    2. In the navigation pane, choose Workloads. In the upper right corner, click Create from YAML.
                                                                                                                                                                                                                                                                                                                                                      YAML content:
                                                                                                                                                                                                                                                                                                                                                      kind: Deployment
+
                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                      2. In the navigation pane, choose Workloads. In the upper right corner, click Create from YAML.
                                                                                                                                                                                                                                                                                                                                                        YAML content:
                                                                                                                                                                                                                                                                                                                                                        kind: Deployment
 apiVersion: apps/v1
 metadata:
   name: nginx
diff --git a/docs/cce/umn/cce_10_0686.html b/docs/cce/umn/cce_10_0686.html
index 3763d5218..aa56d3197 100644
--- a/docs/cce/umn/cce_10_0686.html
+++ b/docs/cce/umn/cce_10_0686.html
@@ -12,13 +12,15 @@
 
                                                                                                                                                                                                                                                                                                                                                        3. 
 
                                                                                                                                                                                                                                                                                                                                                      3. Creating a LoadBalancer Ingress Using kubectl
                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                        4. 
-
                                                                                                                                                                                                                                                                                                                                                      4. Annotations for Configuring LoadBalancer Ingresses
                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                        5. 
-
                                                                                                                                                                                                                                                                                                                                                      5. Advanced Setting Examples of LoadBalancer Ingresses
                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                      6. Configuring an Advanced Forwarding Policy for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                        7. 
 
                                                                                                                                                                                                                                                                                                                                                      7. Forwarding Policy Priorities of LoadBalancer Ingresses
                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                        8. 
-
                                                                                                                                                                                                                                                                                                                                                      8. Configuring Multiple Ingresses to Use the Same External ELB Port
                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                      9. Configuring Advanced LoadBalancer Ingress Functions Using Annotations
                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                        10. 
+
                                                                                                                                                                                                                                                                                                                                                      10. Configuring Multiple Ingresses to Use the Same Load Balancer
                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                        11. 
+
                                                                                                                                                                                                                                                                                                                                                      11. Advanced Setting Examples of LoadBalancer Ingresses
                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                        12. 
 
 
diff --git a/docs/cce/umn/cce_10_0687.html b/docs/cce/umn/cce_10_0687.html
index 6aa2f1b87..52e1e6563 100644
--- a/docs/cce/umn/cce_10_0687.html
+++ b/docs/cce/umn/cce_10_0687.html
@@ -2,13 +2,13 @@
 
 
                                                                                                                                                                                                                                                                                                                                                        Configuring an HTTPS Certificate for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                        Ingresses support SSL or TLS certificates, allowing you to secure your Services with HTTPS.
                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                        You are allowed to use either of the following ways to configure an ingress certificate in a cluster:
                                                                                                                                                                                                                                                                                                                                                        • Using a TLS certificate: You need to first import a certificate to a secret. CCE will then automatically handle the certificate configurations on the ELB console and give a name to the certificate (started with k8s_plb_default). This certificate, which is generated by CCE, cannot be modified or deleted from the ELB console. To modify the certificate, update the secret where the certificate is imported to on CCE.
                                                                                                                                                                                                                                                                                                                                                        • Using a certificate created on the ELB console: You are allowed to directly use certificates created on the ELB console. There is no need to manually configure the cluster Secrets, and you can modify the certificates on the ELB console.
                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                        You are allowed to use either of the following ways to configure an ingress certificate in a cluster:
                                                                                                                                                                                                                                                                                                                                                        • Using a TLS certificate: You need to first import a certificate to a secret. CCE will then automatically handle the certificate configurations on the ELB console and give a name to the certificate (started with k8s_plb_default). This certificate, which is generated by CCE, cannot be modified or deleted from the ELB console. To modify the certificate, update the secret where the certificate is imported to on CCE.
                                                                                                                                                                                                                                                                                                                                                        • Using a certificate created on the ELB console: You are allowed to directly use certificates created on the ELB console. There is no need to manually configure the cluster secrets, and you can modify the certificates on the ELB console.
                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                        If multiple ingresses share the same external port on a load balancer, you are advised to use the same certificate and security policy for these ingresses. Otherwise, the configuration of the first created ingress will take precedence. For details, see Configuring a Same Port for Multiple Ingresses.
                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                        Prerequisites
                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                        Using the CCE Console to Configure a TLS Certificate
                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                        2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                        3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                          This example explains only key parameters for configuring HTTPS certificates. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                          Using the CCE Console to Configure a TLS Certificate
                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                          2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                          3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                            This example explains only key parameters for configuring HTTPS certificates. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            
 
 
                                                                                                                                                                                                                                                                                                                                                    Table 2 Key parameters
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.protocol-port
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.protocol-port
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    If a Service is TLS/HTTP/HTTPS-compliant, configure the protocol and port number in the format of "protocol:port".
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    If a Service is TLS/HTTP/HTTPS-compliant, configure the protocol and port number in the format of "protocol:port".
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    where,
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • protocol: specifies the protocol used by the listener port. The value can be tls, http, or https.
                                                                                                                                                                                                                                                                                                                                                    • port: Service port specified by spec.ports[].port.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    In this example, ports 443 and 80 are enabled with HTTPS and HTTP, respectively. Therefore, the parameter value is https:443,http:80.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.cert-id
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.cert-id
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    ID of an ELB certificate, which is used as the TLS/HTTPS server certificate.
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    To obtain the certificate, log in to the CCE console, choose Service List > Networking > Elastic Load Balance, and click Certificates in the navigation pane. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    ID of an ELB certificate, which is used as the TLS/HTTPS server certificate.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    How to obtain: Log in to the ELB console and choose Certificates. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     
 
 
                                                                                                                                                                                                                                                                                                                                                    
-
-
                                                                                                                                                                                                                                                                                                                                                    Table 1 Key parameters
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
@@ -35,10 +35,10 @@
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Listener
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • External Protocol: Select HTTPS when configuring a certificate for an ingress.
                                                                                                                                                                                                                                                                                                                                                    • External Port: specifies the port of the load balancer listener. The default HTTPS port is 443.
                                                                                                                                                                                                                                                                                                                                                    • Certificate Source: Select TLS secret.
                                                                                                                                                                                                                                                                                                                                                    • Server Certificate: kubernetes.io/tls and IngressTLS are supported.
                                                                                                                                                                                                                                                                                                                                                      If no certificate is available, you can create a TLS certificate. For details about the configuration parameters, see Creating a Secret.
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                    • Frontend Protocol: Select HTTPS when configuring a certificate for an ingress.
                                                                                                                                                                                                                                                                                                                                                    • External Port: specifies the port of the load balancer listener. The default HTTPS port is 443.
                                                                                                                                                                                                                                                                                                                                                    • Certificate Source: Select TLS secret.
                                                                                                                                                                                                                                                                                                                                                    • Server Certificate: kubernetes.io/tls and IngressTLS are supported.
                                                                                                                                                                                                                                                                                                                                                      If no certificate is available, you can create a TLS certificate. For details about the configuration parameters, see Creating a Secret.
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • External Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                    • External Port: 443
                                                                                                                                                                                                                                                                                                                                                    • Certificate Source: TLS secret
                                                                                                                                                                                                                                                                                                                                                    • Server Certificate: test
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    • Frontend Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                    • External Port: 443
                                                                                                                                                                                                                                                                                                                                                    • Certificate Source: TLS secret
                                                                                                                                                                                                                                                                                                                                                    • Server Certificate: test
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Forwarding Policy
                                                                                                                                                                                                                                                                                                                                                    
@@ -80,6 +80,46 @@ ingress-test-secret          IngressTLS                            2         13s
 
                                                                                                                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                                                                                                                    Default security policy (kubernetes.io/elb.tls-ciphers-policy) is supported only in clusters of v1.17.17 or later.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    An example YAML file of an ingress associated with an automatically created load balancer is as follows:
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    For clusters of v1.23 or later:
                                                                                                                                                                                                                                                                                                                                                    apiVersion: networking.k8s.io/v1
+kind: Ingress 
+metadata: 
+  name: ingress-test
+  annotations: 
+    kubernetes.io/elb.class: performance
+    kubernetes.io/elb.port: '443'
+    kubernetes.io/elb.autocreate: 
+      '{
+          "type": "public",
+          "bandwidth_name": "cce-bandwidth-******",
+          "bandwidth_chargemode": "traffic",
+          "bandwidth_size": 5,
+          "bandwidth_sharetype": "PER",
+          "eip_type": "5_bgp",
+          "available_zone": [
+              "eu-de-01"
+          ],
+          "elb_virsubnet_ids":["b4bf8152-6c36-4c3b-9f74-2229f8e640c9"],
+          "l7_flavor_name": "L7_flavor.elb.s1.small"
+       }'
+    kubernetes.io/elb.tls-ciphers-policy: tls-1-2
+spec:
+  tls: 
+  - secretName: ingress-test-secret
+  rules: 
+  - host: ''
+    http: 
+      paths: 
+      - path: '/'
+        backend: 
+          service:
+            name: <your_service_name>  # Replace it with the name of your target Service.
+            port: 
+              number: 80             # Replace 80 with the port number of your target Service.
+        property:
+          ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
+        pathType: ImplementationSpecific
+  ingressClassName: cce 
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    For clusters of v1.21 or earlier:
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    apiVersion: networking.k8s.io/v1beta1
 kind: Ingress 
@@ -117,46 +157,6 @@ spec:
           servicePort: 80
         property:
           ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    For clusters of v1.23 or later:
                                                                                                                                                                                                                                                                                                                                                    apiVersion: networking.k8s.io/v1
-kind: Ingress 
-metadata: 
-  name: ingress-test
-  annotations: 
-    kubernetes.io/elb.class: performance
-    kubernetes.io/elb.port: '443'
-    kubernetes.io/elb.autocreate: 
-      '{
-          "type": "public",
-          "bandwidth_name": "cce-bandwidth-******",
-          "bandwidth_chargemode": "traffic",
-          "bandwidth_size": 5,
-          "bandwidth_sharetype": "PER",
-          "eip_type": "5_bgp",
-          "available_zone": [
-              "eu-de-01"
-          ],
-          "elb_virsubnet_ids":["b4bf8152-6c36-4c3b-9f74-2229f8e640c9"],
-          "l7_flavor_name": "L7_flavor.elb.s1.small"
-       }'
-    kubernetes.io/elb.tls-ciphers-policy: tls-1-2
-spec:
-  tls: 
-  - secretName: ingress-test-secret
-  rules: 
-  - host: ''
-    http: 
-      paths: 
-      - path: '/'
-        backend: 
-          service:
-            name: <your_service_name>  # Replace it with the name of your target Service.
-            port: 
-              number: 80             # Replace 80 with the port number of your target Service.
-        property:
-          ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
-        pathType: ImplementationSpecific
-  ingressClassName: cce 
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    
 
 
                                                                                                                                                                                                                                                                                                                                                    
@@ -274,12 +274,12 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                    If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                                                                                                                                                                                                    NAME          CLASS    HOSTS     ADDRESS          PORTS   AGE
 ingress-test  cce      *         121.**.**.**     80,443  10s
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                  • Enter https://121.**.**.**:443 in the address box of the browser to access the workload (for example, Nginx workload).
                                                                                                                                                                                                                                                                                                                                                    121.**.**.** indicates the IP address of the unified load balancer.
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                  • Enter https://121.**.**.**:443 in the address bar of the browser to access the workload (for example, Nginx workload).
                                                                                                                                                                                                                                                                                                                                                    121.**.**.** indicates the IP address of the unified load balancer.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • Using the CCE Console to Configure a Certificate Created on the ELB Console
                                                                                                                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                                                                                                                    • If both an ELB certificate and a TLS certificate are specified for the same ingress, the ingress will use the ELB certificate.
                                                                                                                                                                                                                                                                                                                                                    • CCE does not check whether an ELB certificate is valid. It only checks whether the certificate is present.
                                                                                                                                                                                                                                                                                                                                                    • Only ingresses in clusters of v1.19.16-r2, v1.21.5-r0, v1.23.3-r0, or later support ELB certificates.
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                    2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                    3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                      This example explains only key parameters for configuring HTTPS certificates. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                      2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                      3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                        This example explains only key parameters for configuring HTTPS certificates. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                        
 
 
                                                                                                                                                                                                                                                                                                                                                    Table 2 Key parameters
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
 
 
                                                                                                                                                                                                                                                                                                                                                    
-
-
                                                                                                                                                                                                                                                                                                                                                    Table 4 Key parameters
                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                    
@@ -306,10 +306,10 @@ ingress-test  cce      *         121.**.**.**     80,443  10s
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Listener
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • External Protocol: Select HTTPS.
                                                                                                                                                                                                                                                                                                                                                    • External Port: specifies the port of the load balancer listener. The default HTTPS port is 443.
                                                                                                                                                                                                                                                                                                                                                    • Certificate Source: Select ELB server certificate.
                                                                                                                                                                                                                                                                                                                                                    • Server Certificate: Use a certificate created on ELB.
                                                                                                                                                                                                                                                                                                                                                      If no certificate is available, go to the ELB console and create one.
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                    • Frontend Protocol: Select HTTPS.
                                                                                                                                                                                                                                                                                                                                                    • External Port: specifies the port of the load balancer listener. The default HTTPS port is 443.
                                                                                                                                                                                                                                                                                                                                                    • Certificate Source: Select ELB server certificate.
                                                                                                                                                                                                                                                                                                                                                    • Server Certificate: Use a certificate created on ELB.
                                                                                                                                                                                                                                                                                                                                                      If no certificate is available, go to the ELB console and create one.
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    • External Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                    • External Port: 443
                                                                                                                                                                                                                                                                                                                                                    • Certificate Source: ELB server certificate
                                                                                                                                                                                                                                                                                                                                                    • Server Certificate: cert-test
                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                    • Frontend Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                    • External Port: 443
                                                                                                                                                                                                                                                                                                                                                    • Certificate Source: ELB server certificate
                                                                                                                                                                                                                                                                                                                                                    • Server Certificate: cert-test
                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                    Forwarding Policy
                                                                                                                                                                                                                                                                                                                                                    
@@ -329,6 +329,32 @@ ingress-test  cce      *         121.**.**.**     80,443  10s
 
 
                                                                                                                                                                                                                                                                                                                                                    1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                    2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                                                                                                                                                                                                      vi ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      An example YAML file of an ingress associated with an existing load balancer is as follows:
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      For clusters of v1.23 or later:
                                                                                                                                                                                                                                                                                                                                                      apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress-test
+  namespace: default
+  annotations:
+    kubernetes.io/elb.port: '443'
+    kubernetes.io/elb.id: 0b9a6c4d-bd8b-45cc-bfc8-ff0f9da54e95
+    kubernetes.io/elb.class: union
+    kubernetes.io/elb.tls-certificate-ids: 058cc023690d48a3867ad69dbe9cd6e5,b98382b1f01c473286653afd1ed9ab63
+spec:
+  rules:
+    - host: ''
+      http:
+        paths:
+          - path: '/'
+            backend:
+              service:
+                name: <your_service_name>  # Replace it with the name of your target Service.
+                port: 
+                  number: 80             # Replace 80 with the port number of your target Service.
+            property:
+              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
+            pathType: ImplementationSpecific
+  ingressClassName: cce
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      For clusters of v1.21 or earlier:
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      apiVersion: networking.k8s.io/v1beta1
 kind: Ingress 
@@ -351,45 +377,20 @@ spec:
           servicePort: 80
         property:
           ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                      For clusters of v1.23 or later:
                                                                                                                                                                                                                                                                                                                                                      apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: ingress-test
-  namespace: default
-  annotations:
-    kubernetes.io/elb.port: '443'
-    kubernetes.io/elb.id: 0b9a6c4d-bd8b-45cc-bfc8-ff0f9da54e95
-    kubernetes.io/elb.class: union
-    kubernetes.io/elb.tls-certificate-ids: 058cc023690d48a3867ad69dbe9cd6e5,b98382b1f01c473286653afd1ed9ab63
-spec:
-  rules:
-    - host: ''
-      http:
-        paths:
-          - path: '/'
-            backend:
-              service:
-                name: <your_service_name>  # Replace it with the name of your target Service.
-                port: 
-                  number: 80             # Replace 80 with the port number of your target Service.
-            property:
-              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
-            pathType: ImplementationSpecific
-  ingressClassName: cce
                                                                                                                                                                                                                                                                                                                                                      
 
-
                                                                                                                                                                                                                                                                                                                                                      Table 5 Key parameters
                                                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      
-
-
-
-
-
@@ -397,7 +398,6 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                      Table 5 Key parameters
                                                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      Type
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Type
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      kubernetes.io/elb.tls-certificate-ids
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      kubernetes.io/elb.tls-certificate-ids
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      String
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      String
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      ELB certificate IDs, which are separated by comma (,). The list length is greater than or equal to 1. The first ID in the list is the server certificate, and the other IDs are SNI certificates in which a domain name must be contained.
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      ELB certificate IDs, which are separated by comma (,). The list length is greater than or equal to 1. The first ID in the list is the server certificate, and the other IDs are SNI certificates in which a domain name must be contained.
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      If an SNI certificate cannot be found based on the domain name requested by the client, the server certificate will be returned by default.
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      To obtain the certificate, log in to the CCE console, choose Service List > Networking > Elastic Load Balance, and click Certificates in the navigation pane. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      
-
 
                                                                                                                                                                                                                                                                                                                                                    3. Create an ingress.
                                                                                                                                                                                                                                                                                                                                                      kubectl create -f ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      ingress/ingress-test created
                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_10_0688.html b/docs/cce/umn/cce_10_0688.html
index 17ee7d17a..f76b14496 100644
--- a/docs/cce/umn/cce_10_0688.html
+++ b/docs/cce/umn/cce_10_0688.html
@@ -2,15 +2,16 @@
 
 
                                                                                                                                                                                                                                                                                                                                                      Configuring SNI for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      An SNI certificate is an extended server certificate that allows the same IP address and port number to provide multiple access domain names for external systems. Different security certificates can be used based on the domain names requested by clients to ensure HTTPS communication security.
                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                      When configuring SNI, you need to add a certificate associated with a domain name. The client submits the requested domain name information when initiating an SSL handshake request. After receiving the SSL request, the load balancer searches for the certificate based on the domain name. If the certificate is found, the load balancer will return it to the client. If the certificate is not found, the load balancer will return the default server certificate.
                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                      You are allowed to use either of the following ways to configure an ingress certificate in a cluster:
                                                                                                                                                                                                                                                                                                                                                      • Configuring SNI using a TLS certificate: You need to first import a certificate to a Secret. CCE will then automatically handle the certificate configurations on the ELB console and give a name to the certificate (started with k8s_plb_default). This certificate, which is generated by CCE, cannot be modified or deleted from the ELB console.
                                                                                                                                                                                                                                                                                                                                                      • Configuring SNI using an ELB certificate: You are allowed to directly use certificates created on the ELB console. There is no need to manually configure the cluster Secrets, and you can modify the certificates on the ELB console.
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      When configuring SNI, set both the default server certificate and the SNI certificate bound to the target domain name. During the SSL handshake, the client sends the requested domain name. Upon receiving the request, the load balancer searches for the corresponding SNI certificate. If found, it returns that certificate to the client. Otherwise, it returns the default server certificate.
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      You are allowed to use either of the following ways to configure an ingress certificate in a cluster:
                                                                                                                                                                                                                                                                                                                                                      • Configuring SNI using a TLS certificate: You need to first import a certificate to a secret. CCE will then automatically handle the certificate configurations on the ELB console and give a name to the certificate (started with k8s_plb_default). This certificate, which is generated by CCE, cannot be modified or deleted from the ELB console.
                                                                                                                                                                                                                                                                                                                                                      • Configuring SNI using an ELB certificate: You are allowed to directly use certificates created on the ELB console. There is no need to manually configure the cluster secrets, and you can modify the certificates on the ELB console.
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                                                      • An available workload has been deployed in the cluster for external access. If no workload is available, deploy a workload by referring to Creating a Deployment, Creating a StatefulSet, or Creating a DaemonSet.
                                                                                                                                                                                                                                                                                                                                                      • A Service for external access has been configured for the workload. Services Supported by LoadBalancer Ingresses lists the Service types supported by LoadBalancer ingresses.
                                                                                                                                                                                                                                                                                                                                                      • You have obtained a trusted server certificate and SNI certificate from a certificate provider. 
                                                                                                                                                                                                                                                                                                                                                      • When using a TLS certificate to configure SNI, create an IngressTLS or kubernetes.io/tls secret for the certificate. For details about how to create a secret, see Creating a Secret.
                                                                                                                                                                                                                                                                                                                                                        When using an ELB certificate to configure SNI, create a certificate on ELB. 
                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      Using the CCE Console to Configure an SNI Certificate
                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                      • The SNI option is available only when HTTPS is used.
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      • Only one domain name can be specified for each SNI certificate. Wildcard-domain certificates are supported.
                                                                                                                                                                                                                                                                                                                                                      • Security policy (kubernetes.io/elb.tls-ciphers-policy) is supported only in clusters of v1.17.11 or later.
                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                      2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                      3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                        This example explains only key parameters for configuring SNI certificates. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                        2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                        3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                          This example explains only key parameters for configuring SNI certificates. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                          
 
 
                                                                                                                                                                                                                                                                                                                                                          
-
-
@@ -62,6 +63,49 @@
 
                                                                                                                                                                                                                                                                                                                                                          In this example, the sni-test-secret SNI certificate is used as an example. The specified domain name must be the same as that of the SNI certificate.
                                                                                                                                                                                                                                                                                                                                                          1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                          2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                                                                                                                                                                                                            vi ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            An example YAML file of an ingress associated with an automatically created load balancer is as follows:
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                            For clusters of v1.23 or later:
                                                                                                                                                                                                                                                                                                                                                            apiVersion: networking.k8s.io/v1
+kind: Ingress 
+metadata: 
+  name: ingress-test
+  annotations: 
+    kubernetes.io/elb.class: performance
+    kubernetes.io/elb.port: '443'
+    kubernetes.io/elb.autocreate: 
+      '{
+          "type": "public",
+          "bandwidth_name": "cce-bandwidth-******",
+          "bandwidth_chargemode": "traffic",
+          "bandwidth_size": 5,
+          "bandwidth_sharetype": "PER",
+          "eip_type": "5_bgp",
+          "available_zone": [
+              "eu-de-01"
+          ],
+          "elb_virsubnet_ids":["b4bf8152-6c36-4c3b-9f74-2229f8e640c9"],
+          "l7_flavor_name": "L7_flavor.elb.s1.small"
+       }'
+    kubernetes.io/elb.tls-ciphers-policy: tls-1-2
+spec:
+  tls: 
+  - secretName: ingress-test-secret  # A server certificate must be specified.
+  - hosts:
+      - example.com  # Domain name specified when an SNI certificate is issued
+    secretName: sni-test-secret # SNI certificate
+  rules: 
+  - host: example.com   # The domain name must be the same as the value of hosts in the tls field.
+    http: 
+      paths: 
+      - path: '/'
+        backend: 
+          service:
+            name: <your_service_name>  # Replace it with the name of your target Service.
+            port: 
+              number: 80             # Replace 80 with the port number of your target Service.
+        property:
+          ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
+        pathType: ImplementationSpecific
+  ingressClassName: cce 
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            For clusters of v1.21 or earlier:
                                                                                                                                                                                                                                                                                                                                                            apiVersion: networking.k8s.io/v1beta1
 kind: Ingress 
 metadata: 
@@ -92,7 +136,7 @@ spec:
       - example.com  # Domain name specified when an SNI certificate is issued
     secretName: sni-test-secret   #SNI certificate
   rules: 
-  - host: example.com   #The domain name must be the same as the value of hosts in the tls field.
+  - host: example.com   # The domain name must be the same as the value of hosts in the tls field.
     http: 
       paths: 
       - path: '/'
@@ -102,49 +146,6 @@ spec:
         property:
           ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                            For clusters of v1.23 or later:
                                                                                                                                                                                                                                                                                                                                                            apiVersion: networking.k8s.io/v1
-kind: Ingress 
-metadata: 
-  name: ingress-test
-  annotations: 
-    kubernetes.io/elb.class: performance
-    kubernetes.io/elb.port: '443'
-    kubernetes.io/elb.autocreate: 
-      '{
-          "type": "public",
-          "bandwidth_name": "cce-bandwidth-******",
-          "bandwidth_chargemode": "traffic",
-          "bandwidth_size": 5,
-          "bandwidth_sharetype": "PER",
-          "eip_type": "5_bgp",
-          "available_zone": [
-              "eu-de-01"
-          ],
-          "elb_virsubnet_ids":["b4bf8152-6c36-4c3b-9f74-2229f8e640c9"],
-          "l7_flavor_name": "L7_flavor.elb.s1.small"
-       }'
-    kubernetes.io/elb.tls-ciphers-policy: tls-1-2
-spec:
-  tls: 
-  - secretName: ingress-test-secret  # A server certificate must be specified.
-  - hosts:
-      - example.com  # Domain name specified when an SNI certificate is issued
-    secretName: sni-test-secret # SNI certificate
-  rules: 
-  - host: example.com   # The domain name must be the same as the value of hosts in the tls field.
-    http: 
-      paths: 
-      - path: '/'
-        backend: 
-          service:
-            name: <your_service_name>  # Replace it with the name of your target Service.
-            port: 
-              number: 80             # Replace 80 with the port number of your target Service.
-        property:
-          ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
-        pathType: ImplementationSpecific
-  ingressClassName: cce 
                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                          3. Create an ingress.
                                                                                                                                                                                                                                                                                                                                                            kubectl create -f ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            ingress/ingress-test created
                                                                                                                                                                                                                                                                                                                                                            
@@ -158,7 +159,7 @@ ingress-test   cce    example.com    121.**.**.**     80,443  10s
 
 
                                                                                                                                                                                                                                                                                                                                                            Using the CCE Console to Configure an SNI Certificate Created on the ELB Console
                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                            • If both an ELB certificate and a TLS certificate are specified for the same ingress, the ingress will use the ELB certificate.
                                                                                                                                                                                                                                                                                                                                                            • CCE does not check whether an ELB certificate is valid. It only checks whether the certificate is present.
                                                                                                                                                                                                                                                                                                                                                            • Only ingresses in clusters of v1.19.16-r2, v1.21.5-r0, v1.23.3-r0, or later support ELB certificates.
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                            2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                            3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                              This example explains only key parameters for configuring SNI certificates. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                              2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                              3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                This example explains only key parameters for configuring SNI certificates. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                
 
 
                                                                                                                                                                                                                                                                                                                                                          Table 1 Key parameters
                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                          
@@ -37,10 +38,10 @@
 
                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                          Listener
                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                          • External Protocol: Select HTTPS when configuring a certificate for an ingress.
                                                                                                                                                                                                                                                                                                                                                          • External Port: specifies the port of the load balancer listener. The default HTTPS port is 443.
                                                                                                                                                                                                                                                                                                                                                          • Certificate Source: Select TLS secret.
                                                                                                                                                                                                                                                                                                                                                          • Server Certificate: kubernetes.io/tls and IngressTLS are supported.
                                                                                                                                                                                                                                                                                                                                                            If no certificate is available, you can create a TLS certificate. For details about the configuration parameters, see Creating a Secret.
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                          • Frontend Protocol: Select HTTPS when configuring a certificate for an ingress.
                                                                                                                                                                                                                                                                                                                                                          • External Port: specifies the port of the load balancer listener. The default HTTPS port is 443.
                                                                                                                                                                                                                                                                                                                                                          • Certificate Source: Select TLS secret.
                                                                                                                                                                                                                                                                                                                                                          • Server Certificate: kubernetes.io/tls and IngressTLS are supported.
                                                                                                                                                                                                                                                                                                                                                            If no certificate is available, you can create a TLS certificate. For details about the configuration parameters, see Creating a Secret.
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                          • SNI: Enter a domain name and select a certificate. The SNI certificate must contain the domain name information. SNI certificates support two TLS secret types: kubernetes.io/tls and IngressTLS.
                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                          • External Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                          • External Port: 443
                                                                                                                                                                                                                                                                                                                                                          • Certificate Source: TLS secret
                                                                                                                                                                                                                                                                                                                                                          • Server Certificate: test
                                                                                                                                                                                                                                                                                                                                                          • SNI:
                                                                                                                                                                                                                                                                                                                                                            • Domain Name: example.com
                                                                                                                                                                                                                                                                                                                                                            • Certificate: example-test
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                          • Frontend Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                          • External Port: 443
                                                                                                                                                                                                                                                                                                                                                          • Certificate Source: TLS secret
                                                                                                                                                                                                                                                                                                                                                          • Server Certificate: test
                                                                                                                                                                                                                                                                                                                                                          • SNI:
                                                                                                                                                                                                                                                                                                                                                            • Domain Name: example.com
                                                                                                                                                                                                                                                                                                                                                            • Certificate: example-test
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                          
-
-
                                                                                                                                                                                                                                                                                                                                                          Table 2 Key parameters
                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                          
@@ -185,11 +186,11 @@ ingress-test   cce    example.com    121.**.**.**     80,443  10s
 
                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                          Listener
                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                          • External Protocol: Select HTTPS.
                                                                                                                                                                                                                                                                                                                                                          • External Port: specifies the port of the load balancer listener. The default HTTPS port is 443.
                                                                                                                                                                                                                                                                                                                                                          • Certificate Source: Select ELB server certificate.
                                                                                                                                                                                                                                                                                                                                                          • Server Certificate: Use a certificate created on ELB.
                                                                                                                                                                                                                                                                                                                                                            If no certificate is available, go to the ELB console and create one.
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                          • Frontend Protocol: Select HTTPS.
                                                                                                                                                                                                                                                                                                                                                          • External Port: specifies the port of the load balancer listener. The default HTTPS port is 443.
                                                                                                                                                                                                                                                                                                                                                          • Certificate Source: Select ELB server certificate.
                                                                                                                                                                                                                                                                                                                                                          • Server Certificate: Use a certificate created on ELB.
                                                                                                                                                                                                                                                                                                                                                            If no certificate is available, go to the ELB console and create one.
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                          • SNI: Select the corresponding SNI certificate, which must contain the domain name information.
                                                                                                                                                                                                                                                                                                                                                            If no certificate is available, go to the ELB console and create one.
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                          • External Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                          • External Port: 443
                                                                                                                                                                                                                                                                                                                                                          • Certificate Source: ELB server certificate
                                                                                                                                                                                                                                                                                                                                                          • Server Certificate: cert-test
                                                                                                                                                                                                                                                                                                                                                          • SNI: cert-example
                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                          • Frontend Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                          • External Port: 443
                                                                                                                                                                                                                                                                                                                                                          • Certificate Source: ELB server certificate
                                                                                                                                                                                                                                                                                                                                                          • Server Certificate: cert-test
                                                                                                                                                                                                                                                                                                                                                          • SNI: cert-example
                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                          Forwarding Policy
                                                                                                                                                                                                                                                                                                                                                          
@@ -209,6 +210,32 @@ ingress-test   cce    example.com    121.**.**.**     80,443  10s
 
 
                                                                                                                                                                                                                                                                                                                                                          1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                          2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                                                                                                                                                                                                            vi ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            An example YAML file of an ingress associated with an existing load balancer is as follows:
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                            For clusters of v1.23 or later:
                                                                                                                                                                                                                                                                                                                                                            apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress-test
+  namespace: default
+  annotations:
+    kubernetes.io/elb.port: '443'
+    kubernetes.io/elb.id: 0b9a6c4d-bd8b-45cc-bfc8-ff0f9da54e95
+    kubernetes.io/elb.class: union
+    kubernetes.io/elb.tls-certificate-ids: 058cc023690d48a3867ad69dbe9cd6e5,b98382b1f01c473286653afd1ed9ab63
+spec:
+  rules:
+    - host: ''
+      http:
+        paths:
+          - path: '/'
+            backend:
+              service:
+                name: <your_service_name>  # Replace it with the name of your target Service.
+                port: 
+                  number: 80             # Replace 80 with the port number of your target Service.
+            property:
+              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
+            pathType: ImplementationSpecific
+  ingressClassName: cce
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            For clusters of v1.21 or earlier:
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            apiVersion: networking.k8s.io/v1beta1
 kind: Ingress 
@@ -227,49 +254,24 @@ spec:
       paths: 
       - path: '/'
         backend: 
-          serviceName: <your_service_name>  # Replace it with the name of your target Service.
+          serviceName: <your_service_name>  # Replace it with the name of your target Service.
           servicePort: 80
         property:
           ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                            For clusters of v1.23 or later:
                                                                                                                                                                                                                                                                                                                                                            apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: ingress-test
-  namespace: default
-  annotations:
-    kubernetes.io/elb.port: '443'
-    kubernetes.io/elb.id: 0b9a6c4d-bd8b-45cc-bfc8-ff0f9da54e95
-    kubernetes.io/elb.class: union
-    kubernetes.io/elb.tls-certificate-ids: 058cc023690d48a3867ad69dbe9cd6e5,b98382b1f01c473286653afd1ed9ab63
-spec:
-  rules:
-    - host: ''
-      http:
-        paths:
-          - path: '/'
-            backend:
-              service:
-            name: <your_service_name>  # Replace it with the name of your target Service.
-                port: 
-                  number: 80             # Replace 80 with the port number of your target Service.
-            property:
-              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
-            pathType: ImplementationSpecific
-  ingressClassName: cce
                                                                                                                                                                                                                                                                                                                                                            
 
-
                                                                                                                                                                                                                                                                                                                                                            Table 3 Key parameters
                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                            
-
-
-
-
-
@@ -277,7 +279,6 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                            Table 3 Key parameters
                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            Type
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                            Type
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            Description
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                            Description
                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.tls-certificate-ids
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.tls-certificate-ids
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            ELB certificate IDs, which are separated by comma (,). The list length is greater than or equal to 1. The first ID in the list is the server certificate, and the other IDs are SNI certificates in which a domain name must be contained.
                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                            ELB certificate IDs, which are separated by comma (,). The list length is greater than or equal to 1. The first ID in the list is the server certificate, and the other IDs are SNI certificates in which a domain name must be contained.
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            If an SNI certificate cannot be found based on the domain name requested by the client, the server certificate will be returned by default.
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            To obtain the certificate, log in to the CCE console, choose Service List > Networking > Elastic Load Balance, and click Certificates in the navigation pane. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            
-
 
                                                                                                                                                                                                                                                                                                                                                          3. Create an ingress.
                                                                                                                                                                                                                                                                                                                                                            kubectl create -f ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            ingress/ingress-test created
                                                                                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_10_0689.html b/docs/cce/umn/cce_10_0689.html
index 26c445f17..38dc8870c 100644
--- a/docs/cce/umn/cce_10_0689.html
+++ b/docs/cce/umn/cce_10_0689.html
@@ -7,7 +7,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                            Prerequisites
                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                            Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                            2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                            3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                              This example explains only key parameters for configuring forwarding policies. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                              Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                              2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                              3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                This example explains only key parameters for configuring forwarding policies. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                
 
 
                                                                                                                                                                                                                                                                                                                                                                
-
-
                                                                                                                                                                                                                                                                                                                                                                Table 1 Key parameters
                                                                                                                                                                                                                                                                                                                                                                Parameter
                                                                                                                                                                                                                                                                                                                                                                
@@ -34,9 +34,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                Listener
                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                • External Protocol: HTTP and HTTPS are available.
                                                                                                                                                                                                                                                                                                                                                                • External Port: specifies the port of the load balancer listener.
                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                • Frontend Protocol: HTTP and HTTPS are available.
                                                                                                                                                                                                                                                                                                                                                                • External Port: specifies the port of the load balancer listener.
                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                • External Protocol: HTTP
                                                                                                                                                                                                                                                                                                                                                                • External Port: 80
                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                • Frontend Protocol: HTTP
                                                                                                                                                                                                                                                                                                                                                                • External Port: 80
                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                Forwarding Policy
                                                                                                                                                                                                                                                                                                                                                                
@@ -63,7 +63,7 @@ kind: Ingress
 metadata: 
   name: ingress-test
   annotations: 
-    kubernetes.io/elb.id: <your_elb_id>  #Replace it with the ID of your existing load balancer.
+    kubernetes.io/elb.id: <your_elb_id>  # Replace it with the ID of your existing load balancer.
     kubernetes.io/elb.class: performance  # Load balancer type
     kubernetes.io/elb.port: '80'
 spec:
@@ -83,9 +83,9 @@ spec:
       - path: '/bar'
         backend: 
           service:
-            name: <your_service_name>  # Replace it with the name of your target Service.
+            name: <your_service_name>  # Replace it with the name of your target Service.
             port: 
-              number: 80             # Replace 80 with the port number of your target Service.
+              number: 80             # Replace 80 with the port number of your target Service.
         property:
           ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
         pathType: ImplementationSpecific
@@ -95,9 +95,9 @@ spec:
       - path: '/'
         backend: 
           service:
-            name: <your_service_name>  # Replace it with the name of your target Service.
+            name: <your_service_name>  # Replace it with the name of your target Service.
             port: 
-              number: 80             # Replace 80 with the port number of your target Service.
+              number: 80             # Replace 80 with the port number of your target Service.
         property:
           ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
         pathType: ImplementationSpecific
@@ -111,7 +111,7 @@ metadata:
   annotations: 
     kubernetes.io/ingress.class: cce
     kubernetes.io/elb.port: '80'
-    kubernetes.io/elb.id: <your_elb_id>  #Replace it with the ID of your existing load balancer.
+    kubernetes.io/elb.id: <your_elb_id>  # Replace it with the ID of your existing load balancer.
     kubernetes.io/elb.class: performance  # Load balancer type
 spec:
   rules: 
@@ -126,7 +126,7 @@ spec:
           ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
       - path: '/bar'
         backend:
-          serviceName: <your_service_name>  # Replace it with the name of your target Service.
+          serviceName: <your_service_name>  # Replace it with the name of your target Service.
           servicePort: 80
         property:
           ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
@@ -135,7 +135,7 @@ spec:
       paths:
       - path: '/'
         backend:
-          serviceName: <your_service_name>  # Replace it with the name of your target Service.
+          serviceName: <your_service_name>  # Replace it with the name of your target Service.
           servicePort: 80
         property:
           ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
diff --git a/docs/cce/umn/cce_10_0691.html b/docs/cce/umn/cce_10_0691.html
index 55a27d101..9388e7be1 100644
--- a/docs/cce/umn/cce_10_0691.html
+++ b/docs/cce/umn/cce_10_0691.html
@@ -6,9 +6,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                Prerequisites
                                                                                                                                                                                                                                                                                                                                                                • A CCE standard or Turbo cluster is available, and the cluster version meets the following requirements:
                                                                                                                                                                                                                                                                                                                                                                  • v1.23: v1.23.8-r0 or later
                                                                                                                                                                                                                                                                                                                                                                  • v1.25: v1.25.3-r0 or later
                                                                                                                                                                                                                                                                                                                                                                  • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                • An available workload has been deployed in the cluster for external access. If no workload is available, deploy a workload by referring to Creating a Deployment, Creating a StatefulSet, or Creating a DaemonSet.
                                                                                                                                                                                                                                                                                                                                                                • A Service for external access has been configured for the workload. Services Supported by LoadBalancer Ingresses lists the Service types supported by LoadBalancer ingresses.
                                                                                                                                                                                                                                                                                                                                                                • You can obtain a trusted certificate from a certificate provider. 
                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                • Ingresses can interconnect with HTTPS backend services only when dedicated load balancers are used.
                                                                                                                                                                                                                                                                                                                                                                • When an ingress interconnects with an HTTPS backend service, the ingress protocol must be HTTPS.
                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                • Ingresses can interconnect with HTTPS backend services only when dedicated load balancers are used.
                                                                                                                                                                                                                                                                                                                                                                • When an ingress interconnects with an HTTPS backend service, the ingress protocol must be HTTPS.
                                                                                                                                                                                                                                                                                                                                                                • Load balancers do not support updating backend service protocols. Modifications are not allowed after an ingress is created.
                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                Using the CCE Console to Configure an HTTPS Backend Service
                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                                  This example explains only key parameters for configuring HTTPS backend Services. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                  Using the CCE Console to Configure an HTTPS Backend Service
                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                  2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                  3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                                                                                                                                    This example explains only key parameters for configuring HTTPS backend Services. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                    
 
 
                                                                                                                                                                                                                                                                                                                                                                    
-
-
                                                                                                                                                                                                                                                                                                                                                                    Table 1 Key parameters
                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                    
@@ -35,10 +35,10 @@
 
                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                    Listener
                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                    • External Protocol: Select HTTPS for an HTTPS backend Service for an ingress.
                                                                                                                                                                                                                                                                                                                                                                    • External Port: specifies the port of the load balancer listener. The default HTTPS port is 443.
                                                                                                                                                                                                                                                                                                                                                                    • Certificate Source: Select ELB server certificate.
                                                                                                                                                                                                                                                                                                                                                                    • Server Certificate: Use a certificate created on ELB.
                                                                                                                                                                                                                                                                                                                                                                      If no certificate is available, go to the ELB console and create one.
                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                    • Frontend Protocol: Select HTTPS for an HTTPS backend Service of an ingress.
                                                                                                                                                                                                                                                                                                                                                                    • External Port: specifies the port of the load balancer listener. The default HTTPS port is 443.
                                                                                                                                                                                                                                                                                                                                                                    • Certificate Source: Select ELB server certificate.
                                                                                                                                                                                                                                                                                                                                                                    • Server Certificate: Use a certificate created on ELB.
                                                                                                                                                                                                                                                                                                                                                                      If no certificate is available, go to the ELB console and create one.
                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                    • Backend Protocol: Select HTTPS.
                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                    • External Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                                    • External Port: 443
                                                                                                                                                                                                                                                                                                                                                                    • Certificate Source: ELB server certificate
                                                                                                                                                                                                                                                                                                                                                                    • Server Certificate: cert-test
                                                                                                                                                                                                                                                                                                                                                                    • Backend Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                    • Frontend Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                                    • External Port: 443
                                                                                                                                                                                                                                                                                                                                                                    • Certificate Source: ELB server certificate
                                                                                                                                                                                                                                                                                                                                                                    • Server Certificate: cert-test
                                                                                                                                                                                                                                                                                                                                                                    • Backend Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                    Forwarding Policy
                                                                                                                                                                                                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_10_0692.html b/docs/cce/umn/cce_10_0692.html
index 518f8e184..9e1a6bb22 100644
--- a/docs/cce/umn/cce_10_0692.html
+++ b/docs/cce/umn/cce_10_0692.html
@@ -12,7 +12,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                  4. Creating an Nginx Ingress Using kubectl
                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                    5. 
-
                                                                                                                                                                                                                                                                                                                                                                  5. Annotations for Configuring Nginx Ingresses
                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                  6. Configuring Advanced Nginx Ingress Functions Using Annotations
                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                    7. 
 
                                                                                                                                                                                                                                                                                                                                                                  7. Advanced Setting Examples of Nginx Ingresses
                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                    8. 
diff --git a/docs/cce/umn/cce_10_0693.html b/docs/cce/umn/cce_10_0693.html
index 412a369d2..55ecd1126 100644
--- a/docs/cce/umn/cce_10_0693.html
+++ b/docs/cce/umn/cce_10_0693.html
@@ -79,7 +79,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                    If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                    NAME          CLASS   HOSTS         ADDRESS    PORTS   AGE
 ingress-test  nginx   example.com              80,443  10s
                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                  8. Enter https://example.com in the address box of the browser to access the workload (for example, Nginx workload).
                                                                                                                                                                                                                                                                                                                                                                    Replace example.com with your domain name.
                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                  9. Enter https://example.com in the address bar of the browser to access the workload (for example, Nginx workload).
                                                                                                                                                                                                                                                                                                                                                                    Replace example.com with your domain name.
                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                    10. 
 
 
                                                                                                                                                                                                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_10_0694.html b/docs/cce/umn/cce_10_0694.html
index b217f10fa..c22334e1e 100644
--- a/docs/cce/umn/cce_10_0694.html
+++ b/docs/cce/umn/cce_10_0694.html
@@ -1,13 +1,13 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                    Configuring HTTP/2 for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                    Ingresses can use HTTP/2 to expose Services. Connections from the load balancer to your application use HTTP/1.x by default. If your application is capable of receiving HTTP/2 requests, enable the use of HTTP/2 by referring to Using the CCE Console to Configure HTTP/2 or Using kubectl to Configure HTTP/2.
                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                    Ingresses can use HTTP/2 to expose Services. Connections from the load balancer to your application use HTTP/1.x by default. If your application is capable of receiving HTTP/2 requests, enable the use of HTTP/2 by referring to Using the CCE Console to Configure HTTP/2 or Using kubectl to Configure HTTP/2.
                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                    Prerequisites
                                                                                                                                                                                                                                                                                                                                                                    • A CCE standard or Turbo cluster is available, and the cluster version meets the following requirements:
                                                                                                                                                                                                                                                                                                                                                                      • v1.23: v1.23.13-r0 or later
                                                                                                                                                                                                                                                                                                                                                                      • v1.25: v1.25.8-r0 or later
                                                                                                                                                                                                                                                                                                                                                                      • v1.27: v1.27.5-r0 or later
                                                                                                                                                                                                                                                                                                                                                                      • v1.28: v1.28.3-r0 or later
                                                                                                                                                                                                                                                                                                                                                                      • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                    • An available workload has been deployed in the cluster for external access. If no workload is available, deploy a workload by referring to Creating a Deployment, Creating a StatefulSet, or Creating a DaemonSet.
                                                                                                                                                                                                                                                                                                                                                                    • A Service for external access has been configured for the workload. Services Supported by LoadBalancer Ingresses lists the Service types supported by LoadBalancer ingresses.
                                                                                                                                                                                                                                                                                                                                                                    • You can obtain a trusted certificate from a certificate provider. 
                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                    Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                    • Only an HTTPS-compliant load balancer supports HTTP/2.
                                                                                                                                                                                                                                                                                                                                                                    • After HTTP/2 is configured, if you delete the advanced configuration for enabling HTTP/2 on the CCE console or delete the target annotation from the YAML file, HTTP/2 will be disabled on the ELB.
                                                                                                                                                                                                                                                                                                                                                                    • If multiple ingresses share the same external port on a load balancer, you are advised to use the same HTTP/2 configuration for these ingresses. Otherwise, the configuration of the first created ingress will take precedence. For details, see Configuring Multiple Ingresses to Use the Same External ELB Port.
                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                    Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                    • Only an HTTPS-compliant load balancer supports HTTP/2.
                                                                                                                                                                                                                                                                                                                                                                    • After HTTP/2 is configured, if you delete the advanced configuration for enabling HTTP/2 on the CCE console or delete the target annotation from the YAML file, HTTP/2 will be disabled on the ELB.
                                                                                                                                                                                                                                                                                                                                                                    • If multiple ingresses share the same external port on a load balancer, you are advised to use the same HTTP/2 configuration for these ingresses. Otherwise, the configuration of the first created ingress will take precedence. For details, see Configuring Multiple Ingresses to Use the Same Load Balancer.
                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                    Using the CCE Console to Configure HTTP/2
                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                    2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                    3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                      This example explains only key parameters for configuring HTTP/2. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                      Using the CCE Console to Configure HTTP/2
                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                      2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                      3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                        This example explains only key parameters for configuring HTTP/2. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
 
                                                                                                                                                                                                                                                                                                                                                                        
-
-
-
                                                                                                                                                                                                                                                                                                                                                                        Table 1 Key parameters
                                                                                                                                                                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                                                                                                                                                                        
@@ -34,10 +34,10 @@
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Listener
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        • External Protocol: Select HTTPS.
                                                                                                                                                                                                                                                                                                                                                                        • External Port: specifies the port of the load balancer listener. The default HTTPS port is 443.
                                                                                                                                                                                                                                                                                                                                                                        • Certificate Source: Select ELB server certificate.
                                                                                                                                                                                                                                                                                                                                                                        • Server Certificate: Use a certificate created on ELB.
                                                                                                                                                                                                                                                                                                                                                                          If no certificate is available, go to the ELB console and create one.
                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                        • Frontend Protocol: Select HTTPS.
                                                                                                                                                                                                                                                                                                                                                                        • External Port: specifies the port of the load balancer listener. The default HTTPS port is 443.
                                                                                                                                                                                                                                                                                                                                                                        • Certificate Source: Select ELB server certificate.
                                                                                                                                                                                                                                                                                                                                                                        • Server Certificate: Use a certificate created on ELB.
                                                                                                                                                                                                                                                                                                                                                                          If no certificate is available, go to the ELB console and create one.
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                        • Advanced Options: Add advanced configurations, select HTTP2, and set its status to Enable.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        • External Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                                        • External Port: 443
                                                                                                                                                                                                                                                                                                                                                                        • Certificate Source: ELB server certificate
                                                                                                                                                                                                                                                                                                                                                                        • Server Certificate: cert-test
                                                                                                                                                                                                                                                                                                                                                                        • Advanced Options: HTTP2 enabled
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        • Frontend Protocol: HTTPS
                                                                                                                                                                                                                                                                                                                                                                        • External Port: 443
                                                                                                                                                                                                                                                                                                                                                                        • Certificate Source: ELB server certificate
                                                                                                                                                                                                                                                                                                                                                                        • Server Certificate: cert-test
                                                                                                                                                                                                                                                                                                                                                                        • Advanced Options: HTTP2 enabled
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Forwarding Policy
                                                                                                                                                                                                                                                                                                                                                                        
@@ -97,7 +97,7 @@ spec:
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        String
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Whether HTTP/2 is enabled. Request forwarding using HTTP/2 improves the access performance between your application and the load balancer. However, the load balancer still uses HTTP/1.x to forward requests to the backend server.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Whether HTTP/2 is enabled. Request forwarding using HTTP/2 improves access performance between your application and the load balancer. However, the load balancer still uses HTTP/1.x to forward requests to the backend server.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Options:
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        • true: enabled
                                                                                                                                                                                                                                                                                                                                                                        • false: disabled (default value)
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Note: HTTP/2 can be enabled or disabled only when the listener uses HTTPS. This parameter is invalid and defaults to false when the listener protocol is HTTP.
                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0695.html b/docs/cce/umn/cce_10_0695.html
index 9f70f6e91..9391b72eb 100644
--- a/docs/cce/umn/cce_10_0695.html
+++ b/docs/cce/umn/cce_10_0695.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                        Annotations for Configuring LoadBalancer Ingresses
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Configuring Advanced LoadBalancer Ingress Functions Using Annotations
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        You can add annotations to a YAML file for more advanced ingress functions. This section describes the annotations that can be used when you create a LoadBalancer ingress.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Indexes
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
-
-
@@ -102,7 +102,8 @@
 
@@ -112,11 +113,11 @@
 
@@ -255,7 +256,7 @@
 
-
@@ -356,7 +357,7 @@
 
@@ -500,7 +501,7 @@
 
-
                                                                                                                                                                                                                                                                                                                                                                        Category
                                                                                                                                                                                                                                                                                                                                                                        
@@ -11,7 +11,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Load balancer configuration
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
+
 
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Port or protocol configuration
                                                                                                                                                                                                                                                                                                                                                                        
@@ -21,7 +21,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Advanced features of ELB listeners
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
+
 
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Forwarding policy
                                                                                                                                                                                                                                                                                                                                                                        
@@ -67,7 +67,7 @@
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        • cce: A proprietary LoadBalancer ingress is used.
                                                                                                                                                                                                                                                                                                                                                                        • nginx: indicates that Nginx Ingress is used. This option is available only after NGINX Ingress Controller is installed. For details, see Creating an Nginx Ingress Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                          Multiple NGINX Ingress Controller add-ons can be installed in a single cluster if the add-on version is 2.5.4 or later. In this case, the value of this parameter must be the controller name customized during controller installation, indicating that the ingress is managed by that specific controller.
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        This parameter is mandatory when an ingress is created by calling the API.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        This parameter is mandatory when you create an ingress. The default value is cce.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        For clusters of v1.23 or later, use the parameter ingressClassName. For details, see Creating a LoadBalancer Ingress Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Only clusters of v1.21 or earlier
                                                                                                                                                                                                                                                                                                                                                                        
@@ -92,7 +92,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                        When associating only existing load balancers, you can use either this parameter or kubernetes.io/elb.ip. If they conflict, kubernetes.io/elb.id will take precedence.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        This parameter indicates the ID of a load balancer.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        How to obtain:
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        On the management console, click Service List, and choose Networking > Elastic Load Balance. Click the name of the target load balancer. On the Summary tab page, find and copy the ID.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Log in to the ELB console and click the load balancer name. On the Summary tab of the load balancer details page, find the ID field and copy it.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        v1.9 or later
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        String
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        When associating only existing load balancers, you can use either this parameter or kubernetes.io/elb.id. If they conflict, kubernetes.io/elb.id will take precedence.
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        This parameter indicates the service address of a load balancer. The value can be the public IP address of a public network load balancer or the private IP address of a private network load balancer.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        This parameter indicates the IP address of a load balancer.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        When creating an ingress, specify a public or private IP address for a shared load balancer. For a dedicated load balancer, only a private IP address can be specified.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        v1.9 or later
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Table 15 object
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Mandatory when load balancers are automatically created.
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        Example
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Example:
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        • Automatically created dedicated load balancer with an EIP bound:
                                                                                                                                                                                                                                                                                                                                                                          '{"type":"public","bandwidth_name":"cce-bandwidth-1741230802502","bandwidth_chargemode":"traffic","bandwidth_size":5,"bandwidth_sharetype":"PER","eip_type":"5_bgp","available_zone":["*****"],"elb_virsubnet_ids":["*****"],"l7_flavor_name":"L7_flavor.elb.pro.max","l4_flavor_name":"","vip_subnet_cidr_id":"*****"}'
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                        • Automatically created dedicated load balancer with no EIP bound:
                                                                                                                                                                                                                                                                                                                                                                          '{"type":"inner","available_zone":["*****"],"elb_virsubnet_ids":["*****"],"l7_flavor_name":"L7_flavor.elb.pro.max","l4_flavor_name":"","vip_subnet_cidr_id":"*****"}'
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                        • Automatically created shared load balancer with an EIP bound:
                                                                                                                                                                                                                                                                                                                                                                          '{"type":"public","bandwidth_name":"cce-bandwidth-1551163379627","bandwidth_chargemode":"traffic,"bandwidth_size":5,"bandwidth_sharetype":"PER","eip_type":"5_bgp","name":"james"}'
                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                        • Automatically created shared load balancer with no EIP bound:
                                                                                                                                                                                                                                                                                                                                                                          {"type":"inner","name":"A-location-d-test"}
                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                        • Automatically created shared load balancer with no EIP bound:
                                                                                                                                                                                                                                                                                                                                                                          '{"type":"inner", "name": "A-location-d-test"}'
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        v1.9 or later
                                                                                                                                                                                                                                                                                                                                                                        
@@ -155,7 +156,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                        String
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        ELB certificate IDs, which are separated by comma (,). The list length is greater than or equal to 1. The first ID in the list is the server certificate, and the other IDs are SNI certificates in which a domain name must be contained.
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        To obtain the certificate, log in to the CCE console, choose Service List > Networking > Elastic Load Balance, and click Certificates in the navigation pane. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        How to obtain: Log in to the ELB console and choose Certificates. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        v1.19.16-r2, v1.21.5-r0, v1.23.3-r0, or later
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        String
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        To interconnect with HTTPS backend services, set this parameter to https.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        To interconnect with HTTPS backend services, set this parameter to https.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        v1.23.8, v1.25.3, or later
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        • If this parameter is not specified, CCE does not modify access control on the ELB.
                                                                                                                                                                                                                                                                                                                                                                        • If this parameter is left empty, all IP addresses are allowed to access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                        • If this parameter is set to the IP address group ID of the load balancer, access control is enabled and you need to configure an IP address blocklist or trustlist for the load balancer. Additionally, you need to configure both kubernetes.io/elb.acl-status and kubernetes.io/elb.acl-type.
                                                                                                                                                                                                                                                                                                                                                                           NOTE: 
                                                                                                                                                                                                                                                                                                                                                                          For clusters of v1.25.16-r10, v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, v1.31.1-r0, or later, when using a dedicated load balancer, you can select a maximum of five IP address groups at a time, separated by commas (,).
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                          How to obtain:
                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                          Log in to the console. In the Service List, choose Networking > Elastic Load Balance. On the Network Console, choose Elastic Load Balance > IP Address Groups and copy the ID of the target IP address group. 
                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                          Log in to the ELB console, choose Elastic Load Balance > IP Address Groups, and copy the ID of the target IP address group. 
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        v1.23.12-r0, v1.25.7-r0, v1.27.4-r0, v1.28.2-r0, or later
                                                                                                                                                                                                                                                                                                                                                                        
@@ -436,7 +437,7 @@
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Specifies the sequence of forwarding rules of different ingresses. The value ranges from 1 to 1000. A smaller value indicates a higher priority. The priority of a forwarding rule must be unique under the same load balancer listener.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        This parameter is available only for dedicated load balancers.
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                         NOTE: 
                                                                                                                                                                                                                                                                                                                                                                        When this annotation is configured, the kubernetes.io/elb.rule-priority-enabled annotation is enabled by default. The forwarding rules of each ingress will be sorted.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                         NOTE: 
                                                                                                                                                                                                                                                                                                                                                                        • When this annotation is configured, the kubernetes.io/elb.rule-priority-enabled annotation is enabled by default. The forwarding rules of each ingress will be sorted.
                                                                                                                                                                                                                                                                                                                                                                        • CCE sorts all forwarding policies for a given listener based on the order of the ingresses and the forwarding policy settings within those ingresses. The configured value does not correspond to the priority of the load balancer forwarding policy.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        		
 
                                                                                                                                                                                                                                                                                                                                                                        v1.23.15-r0, v1.25.10-r0, v1.27.7-r0, v1.28.5-r0, v1.29.1-r10, or later
                                                                                                                                                                                                                                                                                                                                                                        
@@ -473,7 +474,7 @@
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Custom header of the Service associated with an ingress. ${svc_name} is the Service name.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Format: a JSON string, for example, {"key": "test", "values": ["value1", "value2"]}
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        • key/value indicates the key-value pair of the custom header. A maximum of eight values can be configured.
                                                                                                                                                                                                                                                                                                                                                                          Enter 1 to 40 characters for a key. Only letters, digits, hyphens (-), and underscores (_) are allowed.
                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                          • A key-value pair represents the key and value of a custom header. You can configure up to nine values. However, if a header with the key host is specified, only eight values can be configured.
                                                                                                                                                                                                                                                                                                                                                                            Enter 1 to 40 characters for a key. Only letters, digits, hyphens (-), and underscores (_) are allowed.
                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                            Enter 1 to 128 characters for a value. Asterisks (*) and question marks (?) are allowed, but spaces and double quotation marks are not allowed. An asterisk can match zero or more characters, and a question mark can match one character.
                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                          • Either a custom header or grayscale release can be configured.
                                                                                                                                                                                                                                                                                                                                                                          • Enter 1 to 51 characters for ${svc_name}.
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                        		
 
                                                                                                                                                                                                                                                                                                                                                                        String
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        ID of the custom EIP, which can be seen on the EIP console
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        ID of the custom EIP, which can be seen on the EIP console.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        The EIP must be bindable.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        v1.23.18-r0, v1.25.13-r0, v1.27.10-r0, v1.28.8-r0, v1.29.4-r0, v1.30.1-r0, or later
                                                                                                                                                                                                                                                                                                                                                                        
@@ -510,7 +511,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        Configuring Advanced Forwarding Rules
                                                                                                                                                                                                                                                                                                                                                                        For details about application scenarios and use cases, see Configuring Advanced Forwarding Rules for a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Configuring Advanced Forwarding Rules
                                                                                                                                                                                                                                                                                                                                                                        For details about application scenarios and use cases, see Configuring an Advanced Forwarding Policy for a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                        
 
 
                                                                                                                                                                                                                                                                                                                                                                        
@@ -528,7 +529,7 @@
 
@@ -539,7 +540,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                        Table 13 Annotations for advanced forwarding rules
                                                                                                                                                                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Configure an advanced forwarding rule. ${svc_name} indicates the Service name, which can contain a maximum of 51 characters.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        If the annotation value is set to [], the advanced forwarding rule will be deleted.
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        The annotation value is a JSON array. For details, see Table 2.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        The annotation value is a JSON array. For details, see Table 4.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                         NOTICE: 
                                                                                                                                                                                                                                                                                                                                                                        • Due to ELB API restrictions, a kubernetes.io/elb.conditions.{svcName} can contain a maximum of 10 key-value pairs.
                                                                                                                                                                                                                                                                                                                                                                        • The rules in a condition array are connected by an AND relationship, while the values in the same rule block are connected by an OR relationship. For example, if both Method and QueryString are configured, the target traffic can be distributed only when both rules are met. However, if the Method value is GET or POST, the target traffic can be distributed only when both rules are met and the Method value must be GET or POST.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        Configuring Advanced Forwarding Actions
                                                                                                                                                                                                                                                                                                                                                                        For details about application scenarios and use cases, see Configuring Advanced Forwarding Actions for a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Configuring Advanced Forwarding Actions
                                                                                                                                                                                                                                                                                                                                                                        For details about application scenarios and use cases, see Configuring an Advanced Forwarding Policy for a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                        
 
 
                                                                                                                                                                                                                                                                                                                                                                        
@@ -560,7 +561,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                        The following advanced forwarding actions are supported:
                                                                                                                                                                                                                                                                                                                                                                        
-
@@ -612,13 +613,12 @@
 
-
-
@@ -733,7 +733,7 @@
 
-
diff --git a/docs/cce/umn/cce_10_0698.html b/docs/cce/umn/cce_10_0698.html
index a82afa673..0dad8d22a 100644
--- a/docs/cce/umn/cce_10_0698.html
+++ b/docs/cce/umn/cce_10_0698.html
@@ -59,7 +59,7 @@ spec:
 ingress-test  nginx   *         121.**.**.**     80      10s
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        Documentation
                                                                                                                                                                                                                                                                                                                                                                        Custom NGINX upstream hashing
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Helpful Links
                                                                                                                                                                                                                                                                                                                                                                        Custom NGINX upstream hashing
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0699.html b/docs/cce/umn/cce_10_0699.html
index c27be05ef..5b3453a53 100644
--- a/docs/cce/umn/cce_10_0699.html
+++ b/docs/cce/umn/cce_10_0699.html
@@ -1,11 +1,11 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                        Annotations for Configuring Nginx Ingresses
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Configuring Advanced Nginx Ingress Functions Using Annotations
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        The nginx-ingress add-on in CCE uses the community chart and image. If the default add-on parameters cannot meet your demands, you can add annotations to define what you need, such as the default backend, timeout, and size of a request body.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        This section describes common annotations used for creating an ingress of the Nginx type.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                        • The key value of an annotation can only be a string. Other types (such as Boolean values or numeric values) must be enclosed in quotation marks (""), for example, "true", "false", and "100".
                                                                                                                                                                                                                                                                                                                                                                        • Nginx Ingress supports native annotations of the community. For details, see Annotations.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
-
+
 
                                                                                                                                                                                                                                                                                                                                                                        Ingress Type
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Table 14 Annotations for configuring advanced forwarding actions
                                                                                                                                                                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
 
                                                                                                                                                                                                                                                                                                                                                                        The forwarding actions supported by clusters vary depending on the cluster version. For details, see Table 1.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        The forwarding actions supported by clusters vary depending on the cluster version.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        
 
 
                                                                                                                                                                                                                                                                                                                                                                        bandwidth_chargemode
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        No
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Yes for public network load balancers
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        String
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Bandwidth mode.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        • traffic: billed by traffic
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        Default: traffic
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        bandwidth_size
                                                                                                                                                                                                                                                                                                                                                                        
@@ -650,7 +650,7 @@
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        EIP type.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        • 5_bgp: dynamic BGP
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        The specific type varies with regions. For details, see the EIP console.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        The types vary by region. For details, see the EIP console.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        vip_subnet_cidr_id
                                                                                                                                                                                                                                                                                                                                                                        
@@ -662,8 +662,8 @@
 
                                                                                                                                                                                                                                                                                                                                                                        The ID of the IPv4 subnet where the load balancer resides. This subnet is used to allocate IP addresses for the load balancer to provide external services. The IPv4 subnet must belong to the cluster's VPC.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        If this parameter is not specified, the load balancer and the cluster will be in the same subnet by default.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        This field can be specified only for clusters of v1.21 or later.
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        How to Obtain
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the IPv4 Subnet ID on the Summary tab page.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        How to obtain:
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the IPv4 Subnet ID on the Summary tab.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        ipv6_vip_virsubnet_id
                                                                                                                                                                                                                                                                                                                                                                        
@@ -674,8 +674,8 @@
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        The ID of the IPv6 subnet where the load balancer is deployed. IPv6 must be enabled for the subnet.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        This parameter is available only for dedicated load balancers.
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        How to Obtain
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab page.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        How to obtain:
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        elb_virsubnet_ids
                                                                                                                                                                                                                                                                                                                                                                        
@@ -690,8 +690,8 @@
 
                                                                                                                                                                                                                                                                                                                                                                        "elb_virsubnet_ids": [
    "14567f27-8ae4-42b8-ae47-9f847a4690dd"
  ]
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        How to Obtain
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab page.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        How to obtain:
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Log in to the VPC console. In the navigation pane, choose Subnets. Filter the target subnet by the cluster's VPC name, click the subnet name, and copy the Network ID on the Summary tab.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        vip_address
                                                                                                                                                                                                                                                                                                                                                                        
@@ -722,7 +722,7 @@
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        String
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Flavor name of the layer-4 load balancer. This parameter is mandatory when TCP or UDP is used.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Flavor name of the Layer 4 load balancer. This parameter is mandatory when TCP or UDP is used.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        You can obtain all supported types by getting the flavor list.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        This parameter is available only for dedicated load balancers.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        String
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Flavor name of the layer-7 load balancer. This parameter is mandatory when HTTP is used.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Flavor name of the Layer 7 load balancer. This parameter is mandatory when HTTP is used.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        You can obtain all supported types by getting the flavor list.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        This parameter is available only for dedicated load balancers. Its value must match that of l4_flavor_name, meaning both must be either elastic specifications or fixed specifications.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
 
 
                                                                                                                                                                                                                                                                                                                                                                        
@@ -22,7 +22,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                        Table 1 Ingress type annotations
                                                                                                                                                                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        String
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        • nginx: Nginx Ingress is used.
                                                                                                                                                                                                                                                                                                                                                                        • cce: A proprietary LoadBalancer ingress is used.
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        This parameter is mandatory when an ingress is created by calling the API.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        This parameter is mandatory when you create an ingress. The default value is cce.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        For clusters of v1.23 or later, use the parameter ingressClassName. For details, see Creating an Nginx Ingress Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Only clusters of v1.21 or earlier
                                                                                                                                                                                                                                                                                                                                                                        
@@ -341,7 +341,7 @@ nginx-test   nginx   example.com   10.3.xx.xx   80      14m
 
 
                                                                                                                                                                                                                                                                                                                                                                        
 
-
                                                                                                                                                                                                                                                                                                                                                                        Documentation
                                                                                                                                                                                                                                                                                                                                                                        For details about annotation parameters supported by Nginx Ingress, see Annotations.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Helpful Links
                                                                                                                                                                                                                                                                                                                                                                        For details about annotation parameters supported by Nginx Ingress, see Annotations.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0702.html b/docs/cce/umn/cce_10_0702.html
index d7b21da41..c30f6ef38 100644
--- a/docs/cce/umn/cce_10_0702.html
+++ b/docs/cce/umn/cce_10_0702.html
@@ -1,8 +1,8 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                        Overview
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        CCE supports different types of resource scheduling and task scheduling, improving application performance and overall cluster resource utilization. This section describes the main functions of CPU resource scheduling, GPU heterogeneous resource scheduling, and Volcano scheduling.
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        CPU Scheduling
                                                                                                                                                                                                                                                                                                                                                                        CCE provides CPU policies to allocate complete physical CPU cores to applications, improving application performance and reducing application scheduling latency.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Scheduling Overview
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        CCE supports multiple resource and task scheduling policies to enhance application performance and overall cluster resource utilization. This section describes the main functions of CPU scheduling, GPU heterogeneous scheduling, and Volcano scheduling.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        CPU Scheduling
                                                                                                                                                                                                                                                                                                                                                                        CCE provides CPU management policies that enable the allocation of complete physical CPU cores to applications. This improves application performance and reduces scheduling latency.
                                                                                                                                                                                                                                                                                                                                                                        
 
 
                                                                                                                                                                                                                                                                                                                                                                        
@@ -14,14 +14,14 @@
 
-
-
@@ -30,7 +30,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                        Function
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        CPU policy
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        When many CPU-intensive pods are running on a node, workloads may be migrated to different CPU cores. Many workloads are not sensitive to this migration and work fine without any intervention. For CPU-sensitive applications, you can use the CPU policy provided by Kubernetes to allocate dedicated cores to applications, improving application performance and reducing application scheduling latency.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        If a node runs a large number of CPU-intensive pods, workloads may be migrated between CPU cores. For CPU-sensitive applications, you can allocate dedicated physical cores to them using the CPU management policy provided by Kubernetes. This improves application performance and reduces scheduling latency.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        CPU Policy
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Enhanced CPU policy
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Based on the Kubernetes static core binding policy, the enhanced CPU policy (enhanced-static) supports burstable pods (whose CPU requests and limits must be positive integers) and allows them to preferentially use certain CPUs to ensure application stability.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Based on the conventional CPU management policy, this policy supports intelligent scheduling for burstable pods, whose CPU request and limit values must be positive integers. These pods can use specific CPU cores preferentially, but they do not exclusively use these CPU cores.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Enhanced CPU Policy
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        GPU Scheduling
                                                                                                                                                                                                                                                                                                                                                                        CCE schedules heterogeneous GPU resources in clusters and allows GPUs to be used in containers.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        GPU Scheduling
                                                                                                                                                                                                                                                                                                                                                                        CCE provides GPU scheduling for clusters, facilitating refined resource allocation and optimizing resource utilization. This accommodates the specific GPU compute needs of diverse workloads, thereby enhancing the overall scheduling efficiency and service performance of the cluster.
                                                                                                                                                                                                                                                                                                                                                                        
 
 
                                                                                                                                                                                                                                                                                                                                                                        
@@ -42,56 +42,77 @@
 
-
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                        Function
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Default GPU scheduling in Kubernetes
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        This function allows you to specify the number of GPUs that a pod requests. The value can be less than 1 so that multiple pods can share a GPU.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        You can specify the number of GPUs that a pod requests. The value can be less than 1 so that multiple pods can share a single GPU.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Default GPU Scheduling in Kubernetes
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        GPU virtualization
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        GPU virtualization dynamically divides the GPU memory and computing power. A single GPU can be virtualized into a maximum of 20 virtual GPU devices. Virtualization is more flexible than static allocation. You can specify the number of GPUs on the basis of stable service running to improve GPU utilization.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        GPU Virtualization
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        GPU monitoring
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Prometheus and Grafana comprehensively monitor GPU metrics. This helps optimize compute performance, quickly identify faults, and efficiently schedule resources. This leads to improved GPU utilization and reduced O&M costs.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        GPU Monitoring
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        GPU auto scaling
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        CCE allows you to configure auto scaling policies for workloads and nodes based on GPU metrics to dynamically schedule and optimize resources. This improves computing efficiency, ensures stable service operation, and reduces O&M costs.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        GPU Auto Scaling
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Volcano Scheduling
                                                                                                                                                                                                                                                                                                                                                                        Volcano is a Kubernetes-based batch processing platform that supports machine learning, deep learning, bioinformatics, genomics, and other big data applications. It provides general-purpose, high-performance computing capabilities, such as job scheduling, heterogeneous chip management, and job running management.
                                                                                                                                                                                                                                                                                                                                                                        
 
-
                                                                                                                                                                                                                                                                                                                                                                        Function
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                        Function
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Description
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Description
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Documentation
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Scheduling workloads
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Scheduling workloads
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Kubernetes typically uses its default scheduler to schedule workloads. To use Volcano, specify Volcano for your workloads.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Kubernetes typically uses its default scheduler to schedule workloads. To use Volcano, specify Volcano for your workloads.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Scheduling Workloads
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Resource utilization-based scheduling
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Resource utilization-based scheduling
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Scheduling policies are optimized for computing resources to effectively reduce resource fragments on each node and maximize computing resource utilization.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Scheduling policies are optimized for computing resources to effectively reduce resource fragments on each node and maximize computing resource utilization.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Resource Usage-based Scheduling
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Priority-based scheduling
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Priority-based scheduling
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Scheduling policies are customized based on service importance and priorities to guarantee the resources of key services.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Scheduling policies are customized based on service importance and priorities to guarantee the resources of key services.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        Priority-based Scheduling
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        AI performance-based scheduling
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        AI performance-based scheduling
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Scheduling policies are configured based on the nature and resource usage of AI tasks to increase the throughput of cluster services and improve service performance.
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Scheduling policies are configured based on the nature and resource usage of AI tasks to increase the throughput of cluster services and improve service performance.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        AI Performance-based Scheduling
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        NUMA affinity scheduling
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        NUMA affinity scheduling
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Volcano targets to lift the limitation to make scheduler NUMA topology aware so that:
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Volcano targets to lift the limitation to make scheduler NUMA topology aware so that:
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        • Pods are not scheduled to the nodes that NUMA topology does not match.
                                                                                                                                                                                                                                                                                                                                                                        • Pods are scheduled to the most suitable node for NUMA topology.
                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                        NUMA Affinity Scheduling
                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0704.html b/docs/cce/umn/cce_10_0704.html
index c48a48b7d..998818e0b 100644
--- a/docs/cce/umn/cce_10_0704.html
+++ b/docs/cce/umn/cce_10_0704.html
@@ -8,7 +8,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                        
 
 
diff --git a/docs/cce/umn/cce_10_0720.html b/docs/cce/umn/cce_10_0720.html
index 2058ebe72..286e06ceb 100644
--- a/docs/cce/umn/cce_10_0720.html
+++ b/docs/cce/umn/cce_10_0720.html
@@ -8,9 +8,17 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                        
 
 
diff --git a/docs/cce/umn/cce_10_0721.html b/docs/cce/umn/cce_10_0721.html
index 7f0835394..353e4a943 100644
--- a/docs/cce/umn/cce_10_0721.html
+++ b/docs/cce/umn/cce_10_0721.html
@@ -1,9 +1,9 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                        Overview
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Volcano Scheduling Overview
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Volcano is a batch processing platform that runs on Kubernetes for machine learning, deep learning, bioinformatics, genomics, and other big data applications. It provides general-purpose, high-performance computing capabilities, such as job scheduling, heterogeneous chip management, and job running management.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        Volcano Scheduler
                                                                                                                                                                                                                                                                                                                                                                        Volcano Scheduler is a pod scheduling component, which consists of a series of actions and plugins. Actions should be executed in every step. Plugins provide the action algorithm details in different scenarios. Volcano Scheduler features high scalability. You can specify actions and plugins as needed.
                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                        Figure 1 Volcano Scheduler workflow
                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                        Figure 1 Volcano Scheduler workflow
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        The working process of Volcano Scheduler is as follows:
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        1. Identify and cache the job submitted by the client.
                                                                                                                                                                                                                                                                                                                                                                        2. Start a periodical session. A scheduling cycle begins.
                                                                                                                                                                                                                                                                                                                                                                        3. Send jobs that are not scheduled the to-be-scheduled queue of the session.
                                                                                                                                                                                                                                                                                                                                                                        4. Traverse all jobs to be scheduled and perform actions such as enqueue, allocate, preempt, reclaim, and backfill in the configured sequence to find the most appropriate node for each job. Bind the job to the node. The specific algorithm logic executed in action depends on the implementation of each function in the registered plugin.
                                                                                                                                                                                                                                                                                                                                                                        5. Close the session.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0722.html b/docs/cce/umn/cce_10_0722.html
index b6e2cc46c..ab3a5b8eb 100644
--- a/docs/cce/umn/cce_10_0722.html
+++ b/docs/cce/umn/cce_10_0722.html
@@ -75,7 +75,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                        You can obtain pod details to check whether the pod is scheduled by Volcano to the allocated queue.
                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                        1. Run the following command to check the pod details and obtain the scheduling.k8s.io/group-name value:
                                                                                                                                                                                                                                                                                                                                                                          kubectl describe pod <pod_name>
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                          The scheduling.k8s.io/group-name value of the pod is displayed.
                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                        2. Check whether the pod is scheduled by Volcano to the allocated queue.
                                                                                                                                                                                                                                                                                                                                                                          kubectl describe pg <group_name>
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                          Command output:
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                          Spec:
diff --git a/docs/cce/umn/cce_10_0725.html b/docs/cce/umn/cce_10_0725.html
index 54cba9acd..47665e14a 100644
--- a/docs/cce/umn/cce_10_0725.html
+++ b/docs/cce/umn/cce_10_0725.html
@@ -3,13 +3,13 @@
 
                                                                                                                                                                                                                                                                                                                                                                          Importing an EV to a Storage Pool
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                          CCE allows you to use LVM to combine data volumes on nodes into a storage pool (VolumeGroup) and create LVs for containers to mount. Before creating a local EV, import the data disk of the node to the storage pool.
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                          • Local EVs are supported only when the cluster version is v1.21.2-r0 or later and the Everest add-on version is 1.2.29 or later.
                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                          • The first data disk (used by container runtime and the kubelet component) on a node cannot be imported as a storage pool.
                                                                                                                                                                                                                                                                                                                                                                          • Storage pools in striped mode do not support scale-out. After scale-out, fragmented space may be generated and the storage pool cannot be used.
                                                                                                                                                                                                                                                                                                                                                                          • Storage pools cannot be scaled in or deleted.
                                                                                                                                                                                                                                                                                                                                                                          • If disks in a storage pool on a node are deleted, the storage pool will malfunction.
                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                          • Data disks used by the container runtime and Kubernetes components cannot be imported into a storage pool.
                                                                                                                                                                                                                                                                                                                                                                          • Storage pools in striped mode do not support scale-out. After scale-out, fragmented space may be generated and the storage pool cannot be used.
                                                                                                                                                                                                                                                                                                                                                                          • Storage pools cannot be scaled in or deleted.
                                                                                                                                                                                                                                                                                                                                                                          • If disks in a storage pool on a node are deleted, the storage pool will malfunction.
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                          Importing a Storage Pool
                                                                                                                                                                                                                                                                                                                                                                          Imported during node creation
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                          When creating a node, you can add a data disk to the node in Storage Settings and import the data disk to the storage pool as an EV. For details, see Creating a Node.
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                          Imported manually
                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                          If no EV is imported during node creation, or the capacity of the current storage volume is insufficient, you can manually import an EV.
                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                          1. Go to the ECS console and add a SCSI disk to the node. 
                                                                                                                                                                                                                                                                                                                                                                          2. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                          3. Choose Storage in the navigation pane. In the right pane, click the Storage Pool tab.
                                                                                                                                                                                                                                                                                                                                                                          4. View the node to which the disk has been added and select Import as EV. You can select a write mode during the import.
                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                            If the manually attached disk is not displayed in the storage pool, wait for 1 minute and refresh the list.
                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                            1. Go to the ECS console and add a SCSI disk to the node. 
                                                                                                                                                                                                                                                                                                                                                                            2. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                            3. Choose Storage in the navigation pane. In the right pane, click the Storage Pool tab.
                                                                                                                                                                                                                                                                                                                                                                            4. View the node to which the disk has been added and select Import as EV. You can select a write mode during the import.
                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                              If the manually attached disk is not displayed in the storage pool, wait for 1 minute and refresh the list.
                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                              • Linear: A linear logical volume integrates one or more physical volumes. Data is written to the next physical volume when the previous one is used up.
                                                                                                                                                                                                                                                                                                                                                                              • Striped: A striped logical volume stripes data into blocks of the same size and stores them in multiple physical volumes in sequence. This allows data to be concurrently read and written. Select this option only when there are multiple volumes.
                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                            
@@ -21,7 +21,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                            Parent topic: Ephemeral Volumes
                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                            Parent topic: emptyDir
                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                            
 
diff --git a/docs/cce/umn/cce_10_0726.html b/docs/cce/umn/cce_10_0726.html
index dffad42f6..5b8ce4120 100644
--- a/docs/cce/umn/cce_10_0726.html
+++ b/docs/cce/umn/cce_10_0726.html
@@ -6,7 +6,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                            Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                            • Local EVs are supported only when the cluster version is v1.21.2-r0 or later and the Everest add-on version is 1.2.29 or later.
                                                                                                                                                                                                                                                                                                                                                                            • Do not manually delete the corresponding storage pool or detach data disks from the node. Otherwise, exceptions such as data loss may occur.
                                                                                                                                                                                                                                                                                                                                                                            • Ensure that the /var/lib/kubelet/pods/ directory is not mounted to the pod on the node. Otherwise, the pod, mounted with such volumes, may fail to be deleted.
                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                            Using the Console to Mount a Local EV
                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                            2. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                                                                                                                            3. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > Local EV (emptyDir).
                                                                                                                                                                                                                                                                                                                                                                            4. Mount and use storage volumes, as shown in Table 1. For details about other parameters, see Workloads.
                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                              Using a Local EV Through the Console
                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                              2. Choose Workloads in the navigation pane. In the right pane, click the Deployments tab.
                                                                                                                                                                                                                                                                                                                                                                              3. Click Create Workload in the upper right corner. On the displayed page, click Data Storage in the Container Information area under Container Settings and choose Add Volume > Local EV (emptyDir).
                                                                                                                                                                                                                                                                                                                                                                              4. Mount and use storage volumes. For details about the parameters, see Table 1. For other parameters, see Workloads.
                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                Table 1 Mounting a local EV
                                                                                                                                                                                                                                                                                                                                                                                Parameter
                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                Description
                                                                                                                                                                                                                                                                                                                                                                                
@@ -41,7 +41,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                              5. After the configuration, click Create Workload.
                                                                                                                                                                                                                                                                                                                                                                                6. 
 
-
                                                                                                                                                                                                                                                                                                                                                                                Mounting a Local EV Through kubectl
                                                                                                                                                                                                                                                                                                                                                                                1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                2. Create a file named nginx-emptydir.yaml and edit it.
                                                                                                                                                                                                                                                                                                                                                                                  vi nginx-emptydir.yaml
                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                  Using a Local EV Through kubectl
                                                                                                                                                                                                                                                                                                                                                                                  1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                  2. Create a file named nginx-emptydir.yaml and edit it.
                                                                                                                                                                                                                                                                                                                                                                                    vi nginx-emptydir.yaml
                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                    Content of the YAML file:
                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                    apiVersion: apps/v1
 kind: Deployment
@@ -77,7 +77,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                  Parent topic: Ephemeral Volumes
                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                  Parent topic: emptyDir
                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                  
 
diff --git a/docs/cce/umn/cce_10_0727.html b/docs/cce/umn/cce_10_0727.html
index 978c247c2..c1f3fa25d 100644
--- a/docs/cce/umn/cce_10_0727.html
+++ b/docs/cce/umn/cce_10_0727.html
@@ -4,38 +4,38 @@
 
                                                                                                                                                                                                                                                                                                                                                                                  Auto Scaling (AS) enables elastic scaling of nodes in a node pool based on scaling policies. Without this function, you have to manually adjust the number of nodes in a node pool.
                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                  Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                  To enable AS, the CCE Cluster Autoscaler add-on must be installed in the target cluster.
                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                  Procedure
                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                  2. In the navigation pane, choose Nodes. On the Node Pools tab, locate the row containing the target node pool and click Auto Scaling.
                                                                                                                                                                                                                                                                                                                                                                                    • If Autoscaler has not been installed, configure add-on parameters based on service requirements, click Install, and wait until the add-on is installed. For details about add-on configurations, see CCE Cluster Autoscaler.
                                                                                                                                                                                                                                                                                                                                                                                    • If Autoscaler has been installed, directly configure scaling policies.
                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                  3. Configure auto scaling policies.
                                                                                                                                                                                                                                                                                                                                                                                    AS Configuration
                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                    • Customized Rule: Click Add Rule. In the dialog box displayed, configure parameters. You can add multiple node scaling policies, a maximum of one CPU usage-based rule, and one memory usage-based rule. The total number of rules cannot exceed 10.
                                                                                                                                                                                                                                                                                                                                                                                      The following table lists custom rules.
-
                                                                                                                                                                                                                                                                                                                                                                                      
-
-
-
@@ -36,7 +36,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                      Table 1 Custom rules
                                                                                                                                                                                                                                                                                                                                                                                      Rule Type
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      Procedure
                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                      2. In the navigation pane, choose Nodes. On the Node Pools tab, locate the row containing the target node pool and click Auto Scaling.
                                                                                                                                                                                                                                                                                                                                                                                        • If CCE Cluster Autoscaler is not installed, configure add-on parameters based on service requirements, click Install, and wait until the add-on is installed. For details about add-on configurations, see CCE Cluster Autoscaler.
                                                                                                                                                                                                                                                                                                                                                                                        • If CCE Cluster Autoscaler has been installed, configure scaling policies.
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                      3. Configure auto scaling policies.
                                                                                                                                                                                                                                                                                                                                                                                        Auto Scaling Configuration
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        • Custom rules: Click Add Rule. In the dialog box displayed, configure parameters. You can add multiple node scaling policies, a maximum of one CPU usage-based rule, and a maximum of one memory usage-based rule. The total number of rules cannot exceed 10.
                                                                                                                                                                                                                                                                                                                                                                                          The following table lists custom rules.
+
                                                                                                                                                                                                                                                                                                                                                                                          
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                          Table 1 Custom rules
                                                                                                                                                                                                                                                                                                                                                                                          Rule Type
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Configuration
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Configuration
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Metric-based
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Metric-based
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          • Trigger: Select CPU allocation rate or Memory allocation rate and enter a value. The percentage must be greater than the value specified in the node resource requirements for a node scale-in when you configure a scaling policy (Configuring an Auto Scaling Policy for a Cluster).
                                                                                                                                                                                                                                                                                                                                                                                             NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                            • Resource allocation (%) = Resources requested by pods in the node pool/Resources allocatable to pods in the node pool
                                                                                                                                                                                                                                                                                                                                                                                            • If multiple rules meet the conditions, the rules are executed in either of the following modes:
                                                                                                                                                                                                                                                                                                                                                                                              If rules based on the CPU allocation rate and memory allocation rate are configured and two or more rules meet the scale-out conditions, the rule that will add the most nodes will be executed.
                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                              If a rule is configured based on the CPU allocation rate and a periodic rule and both the rules meet the scale-out conditions, the periodic rule executed early changes the node pool to the scaling state. As a result, the metric-based rule cannot be executed. After the periodic rule is executed and the node pool status becomes normal, the metric-based rule will not be executed. If the metric-based rule is executed early, the periodic rule will be executed after the metric-based rule is executed.
                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                            • If a rule is configured based on the CPU allocation rate and memory allocation rate, the policy detection period varies with the processing logic of each loop of the Autoscaler add-on. A scale-out is triggered once the conditions are met, but it is constrained by other factors such as the cooldown period and node pool status.
                                                                                                                                                                                                                                                                                                                                                                                            • If the number of nodes reaches the upper limit of the cluster scale, the upper limit of the nodes supported in a node pool, or the upper limit of the nodes of a specific flavor, a metric-based scale-out will not be triggered.
                                                                                                                                                                                                                                                                                                                                                                                            • If the number of nodes, CPUs, or memory resources reaches the upper limit for a node scale-out, a metric-based scale-out will not be triggered.
                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                          • Trigger: Select CPU allocation rate or Memory allocation rate and enter a value. The rate must be greater than the value specified in the node resource requirements for a node scale-in when you configure a scaling policy (Configuring an Auto Scaling Policy for a Cluster).
                                                                                                                                                                                                                                                                                                                                                                                             NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                            • Resource allocation rate (%) = Resources requested by pods in the node pool/Resources allocatable to pods in the node pool
                                                                                                                                                                                                                                                                                                                                                                                            • If multiple rules meet scaling conditions, the rules are executed in either of the following modes:
                                                                                                                                                                                                                                                                                                                                                                                              If rules based on the CPU allocation rate and memory allocation rate are configured and two or more rules meet the scale-out conditions, the rule that will add the most nodes will be executed.
                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                              If a rule based on the CPU allocation rate and a periodic rule are configured and both the rules meet the scale-out conditions, the periodic rule executed early changes the node pool to the scaling state. As a result, the metric-based rule cannot be executed. After the periodic rule is executed and the node pool status becomes normal, the metric-based rule will not be executed. If the metric-based rule is executed early, the periodic rule will be executed after the metric-based rule is executed.
                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                            • If rules based on the CPU allocation rate and memory allocation rate are configured, the policy detection period varies with the processing logic of each loop of the CCE Cluster Autoscaler add-on. A scale-out is triggered once the conditions are met, but it is constrained by other factors such as the cooldown period and node pool status.
                                                                                                                                                                                                                                                                                                                                                                                            • If the number of nodes reaches the upper limit of the cluster scale, the upper limit of the nodes supported in a node pool, or the upper limit of the nodes of a specific flavor, a metric-based scale-out will not be triggered.
                                                                                                                                                                                                                                                                                                                                                                                            • If the number of nodes, the number of vCPUs, or the amount of memory reaches the upper limit for a node scale-out, a metric-based scale-out will not be triggered.
                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                          • Action: Configure an action to be performed when the triggering condition is met.
                                                                                                                                                                                                                                                                                                                                                                                            • Custom: Add a specified number of nodes to a node pool.
                                                                                                                                                                                                                                                                                                                                                                                            • Auto calculation: When the trigger condition is met, nodes are automatically added and the allocation rate is restored to a value lower than the threshold. The formula is as follows:
                                                                                                                                                                                                                                                                                                                                                                                              Number of nodes to be added = [Resource request of pods in the node pool/(Available resources of a single node x Target allocation rate)] – Number of current nodes + 1
                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                            • Action: Configure an action to be performed when the triggering conditions are met.
                                                                                                                                                                                                                                                                                                                                                                                              • Custom: Plan the number of nodes added to a node pool.
                                                                                                                                                                                                                                                                                                                                                                                              • Auto calculation: When the triggering conditions are met, nodes are automatically added and the allocation rate is restored to a value lower than the threshold. The formula is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                The number of nodes to be added = Resource requests of pods in the node pool/(Available resources of a single node × Target allocation rate) – The number of current nodes + 1
                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                          		
 
                                                                                                                                                                                                                                                                                                                                                                                          Periodic
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Periodic
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          • Trigger Time: You can select a specific time every day, every week, every month, or every year.
                                                                                                                                                                                                                                                                                                                                                                                          • Action: specifies an action to be carried out when the trigger time is reached. A specified number of nodes will be added to the node pool.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          • Trigger Time: You can select a specific time every day, every week, every month, or every year.
                                                                                                                                                                                                                                                                                                                                                                                          • Action: specifies an action to be carried out when the trigger time is reached. Plan the number of nodes added to the node pool.
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                        • Nodes: The number of nodes in a node pool will always be within the range during auto scaling.
                                                                                                                                                                                                                                                                                                                                                                                        • Cooldown Period: a period during which the nodes added in the current node pool cannot be scaled in.
                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                        AS Object
                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                        • Specifications: Configure whether to enable auto scaling for node flavors in a node pool.
                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                          If multiple flavors are configured for a node pool, you can specify the upper limit for the number of nodes and the priority for each flavor separately.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                        • Nodes: The number of nodes in a node pool will always be within the range during auto scaling.
                                                                                                                                                                                                                                                                                                                                                                                        • Cooldown Period: a period during which the nodes added to the current node pool cannot be scaled in.
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        Auto Scaling Object
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        • Specifications: Configure whether to enable auto scaling for node flavors in a node pool.
                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                          If multiple flavors are configured for a node pool, you can specify the number of nodes and the scaling priority for each flavor.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                      4. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                      
@@ -43,7 +43,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: Managing a Node Pool
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: Managing Node Pools
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      
 
diff --git a/docs/cce/umn/cce_10_0728.html b/docs/cce/umn/cce_10_0728.html
index c23f92258..27d895b28 100644
--- a/docs/cce/umn/cce_10_0728.html
+++ b/docs/cce/umn/cce_10_0728.html
@@ -14,21 +14,21 @@
 
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      NoExecute
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      • Pods running on the node will be evicted immediately.
                                                                                                                                                                                                                                                                                                                                                                                      • Inactive pods will not scheduled to the node.
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      • Pods running on the node will be evicted immediately.
                                                                                                                                                                                                                                                                                                                                                                                      • Inactive pods will not be scheduled to the node.
                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                      • If the tolerance time window tolerationSeconds is not specified, pods can always run on this node.
                                                                                                                                                                                                                                                                                                                                                                                      • If the tolerance time window tolerationSeconds is specified, pods still run on the node with taints within the time window. After the time expires, the pods will be evicted.
                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      PreferNoSchedule
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      • Pods running on the node will not be evicted.
                                                                                                                                                                                                                                                                                                                                                                                      • Inactive pods will not scheduled to the node to the best extend.
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      • Pods running on the node will not be evicted.
                                                                                                                                                                                                                                                                                                                                                                                      • Inactive pods will not be scheduled to the node to the best extend.
                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                      Pods can always run on this node.
                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      NoSchedule
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      • Pods running on the node will not be evicted.
                                                                                                                                                                                                                                                                                                                                                                                      • Inactive pods will not scheduled to the node.
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      • Pods running on the node will not be evicted.
                                                                                                                                                                                                                                                                                                                                                                                      • Inactive pods will not be scheduled to the node.
                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                      Pods can always run on this node.
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                      Configuring Tolerance Policies on the Console
                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                      2. When creating a workload, click Toleration in the Advanced Settings area.
                                                                                                                                                                                                                                                                                                                                                                                      3. Add a taint tolerance policy.
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        Configuring Tolerance Policies on the Console
                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                        2. When creating a workload, click Toleration in the Advanced Settings area.
                                                                                                                                                                                                                                                                                                                                                                                        3. Add a taint tolerance policy.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
-
@@ -52,20 +52,20 @@
 
-
                                                                                                                                                                                                                                                                                                                                                                                          Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                          2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
                                                                                                                                                                                                                                                                                                                                                                                          3. Configure Service parameters. In this example, only mandatory parameters required for configuring timeout are listed. For details about how to configure other parameters, see Using the Console.
                                                                                                                                                                                                                                                                                                                                                                                            • Service Name: Specify a Service name, which can be the same as the workload name.
                                                                                                                                                                                                                                                                                                                                                                                            • Service Type: Select LoadBalancer.
                                                                                                                                                                                                                                                                                                                                                                                            • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                                                                                                                                                                                                                                                                                                                                                                                            • Load Balancer: Select a load balancer type and creation mode.
                                                                                                                                                                                                                                                                                                                                                                                              • A load balancer can be dedicated or shared.
                                                                                                                                                                                                                                                                                                                                                                                              • This section uses an existing load balancer as an example. For details about the parameters for automatically creating a load balancer, see Table 1.
                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                            • Ports
                                                                                                                                                                                                                                                                                                                                                                                              • Protocol: protocol that the load balancer complies. Timeout cannot be configured for a UDP-compliant shared load balancer.
                                                                                                                                                                                                                                                                                                                                                                                              • Service Port: port used by the Service. The port number ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                                                              • Container Port: listener port of the workload. For example, Nginx uses port 80 by default.
                                                                                                                                                                                                                                                                                                                                                                                              • Frontend Protocol: Select a protocol for the listener. If HTTP/HTTPS is not enabled, only the idle timeout can be configured.
                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                              Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                              2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
                                                                                                                                                                                                                                                                                                                                                                                              3. Configure Service parameters. In this example, only mandatory parameters required for configuring timeout are listed. For details about how to configure other parameters, see Using the CCE Console.
                                                                                                                                                                                                                                                                                                                                                                                                • Service Name: Specify a Service name, which can be the same as the workload name.
                                                                                                                                                                                                                                                                                                                                                                                                • Service Type: Select LoadBalancer.
                                                                                                                                                                                                                                                                                                                                                                                                • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                • Load Balancer: Select a load balancer type and creation mode.
                                                                                                                                                                                                                                                                                                                                                                                                  • A load balancer can be dedicated or shared.
                                                                                                                                                                                                                                                                                                                                                                                                  • This section uses an existing load balancer as an example. For details about the parameters for automatically creating a load balancer, see Table 1.
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                • Ports
                                                                                                                                                                                                                                                                                                                                                                                                  • Protocol: protocol that the load balancer complies. Timeout cannot be configured for a UDP-compliant shared load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                  • Service Port: the port used by the Service. The port number ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                                                                  • Container Port: the port that the workload listens on. For example, Nginx uses port 80 by default.
                                                                                                                                                                                                                                                                                                                                                                                                  • Frontend Protocol: Select a protocol for the listener. If HTTP/HTTPS is not enabled, only the idle timeout can be configured.
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                • Listener
                                                                                                                                                                                                                                                                                                                                                                                                  • Advanced Options: Select a proper option.
 
                                                                                                                                                                                                                                                                                                                                                                                          Table 1 Parameters for configuring a taint tolerance policy
                                                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0729.html b/docs/cce/umn/cce_10_0729.html
index 025f7018a..e87ccd85e 100644
--- a/docs/cce/umn/cce_10_0729.html
+++ b/docs/cce/umn/cce_10_0729.html
@@ -9,7 +9,7 @@
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          Load Balancer Type
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Restrictions
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Constraint
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          Supported Cluster Version
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
 
                                                                                                                                                                                                                                                                                                                                                                                          
-
-
@@ -74,8 +74,8 @@
 
-
-
-
@@ -146,7 +146,7 @@ spec:
 
@@ -156,7 +156,7 @@ spec:
 
-
diff --git a/docs/cce/umn/cce_10_0730.html b/docs/cce/umn/cce_10_0730.html
index 21f65546e..f7f838a1c 100644
--- a/docs/cce/umn/cce_10_0730.html
+++ b/docs/cce/umn/cce_10_0730.html
@@ -34,9 +34,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                        4. An available workload has been deployed in the cluster for external access. If no workload is available, deploy a workload by referring to Creating a Deployment, Creating a StatefulSet, or Creating a DaemonSet.
                                                                                                                                                                                                                                                                                                                                                                                        5. A Service for external access has been configured for the workload. Services Supported by LoadBalancer Ingresses lists the Service types supported by LoadBalancer ingresses.
                                                                                                                                                                                                                                                                                                                                                                                          6. 
-
                                                                                                                                                                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                          • If you delete the timeout configuration when updating an ingress, the timeout configuration of the existing listener will be retained.
                                                                                                                                                                                                                                                                                                                                                                                          • If multiple ingresses share the same external port on a load balancer, you are advised to use the same timeout configuration for these ingresses. Otherwise, the configuration of the first created ingress will take precedence. For details, see Configuring Multiple Ingresses to Use the Same External ELB Port.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                          • If you delete the timeout configuration when updating an ingress, the timeout configuration of the existing listener will be retained.
                                                                                                                                                                                                                                                                                                                                                                                          • If multiple ingresses share the same external port on a load balancer, you are advised to use the same timeout configuration for these ingresses. Otherwise, the configuration of the first created ingress will take precedence. For details, see Configuring Multiple Ingresses to Use the Same Load Balancer.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                          Using the CCE Console to Configure Timeout
                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                          2. In the navigation pane, choose Services & Ingresses. Click the Ingresses tab and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                          3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                            This example explains only key parameters for configuring timeout. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                            Using the CCE Console to Configure Timeout
                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                            2. In the navigation pane, choose Services & Ingresses. Click the Ingresses tab and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                            3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                                              This example explains only key parameters for configuring timeout. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                              
 
 
                                                                                                                                                                                                                                                                                                                                                                                          Configuration
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Restrictions
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Constraint
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           
 
                                                                                                                                                                                                                                                                                                                                                                                          Idle Timeout
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Timeout for an idle client connection. If there are no requests reaching the load balancer during the timeout duration, the load balancer will disconnect the connection from the client and establish a new connection when there is a new request.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          The duration for which a client connection can remain idle before being terminated. If there are no requests reaching the load balancer during this period, the load balancer will disconnect the connection from the client and establish a new connection when there is a new request.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Value:
                                                                                                                                                                                                                                                                                                                                                                                          • For TCP listeners, the value ranges from 10 to 4000 (in seconds). The default value is 300.
                                                                                                                                                                                                                                                                                                                                                                                          • For HTTP, HTTPS, and TERMINATED_HTTPS listeners, the value ranges from 0 to 4000 (in seconds). The default value is 60.
                                                                                                                                                                                                                                                                                                                                                                                          • For UDP listeners (supported only by dedicated load balancers), the value ranges from 10 to 4000 (in seconds). The default value is 300.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Request Timeout
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Timeout for waiting for a request from a client. There are two cases:
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                          • If the client fails to send a request header to the load balancer during the timeout duration, the request will be interrupted.
                                                                                                                                                                                                                                                                                                                                                                                          • If the interval between two consecutive request bodies reaching the load balancer is greater than the timeout duration, the connection will be disconnected.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          The duration within which a request from a client must be received. There are two cases:
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          • If the client fails to send a request header to the load balancer during this period, the request will be interrupted.
                                                                                                                                                                                                                                                                                                                                                                                          • If the interval between two consecutive request bodies exceeds the timeout duration, the connection will be disconnected.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          The value ranges from 1 to 300 (in seconds). The default value is 60.
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          This parameter is available only after HTTP/HTTPS is enabled on ports.
                                                                                                                                                                                                                                                                                                                                                                                          
@@ -83,7 +83,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Response Timeout
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Timeout for waiting for a response from a backend server. After a request is forwarded to the backend server, if the backend server does not respond during the timeout duration, the load balancer will stop waiting and return HTTP 504 Gateway Timeout.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          The duration within which a response from the backend server is expected. If the backend server does not respond within this period after receiving a request, the load balancer will stop waiting and return an HTTP 504 error.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          The value ranges from 1 to 300 (in seconds). The default value is 60.
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          This parameter is available only after HTTP/HTTPS is enabled on ports.
                                                                                                                                                                                                                                                                                                                                                                                          
@@ -94,7 +94,7 @@
 
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                        6. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                          7. 
+
                                                                                                                                                                                                                                                                                                                                                                                        7. Click Create.
                                                                                                                                                                                                                                                                                                                                                                                          8. 
 
 
                                                                                                                                                                                                                                                                                                                                                                                          Using kubectl
                                                                                                                                                                                                                                                                                                                                                                                          Use annotations to configure timeout. The following shows an example:
                                                                                                                                                                                                                                                                                                                                                                                          apiVersion: v1 
 kind: Service 
@@ -104,8 +104,8 @@ metadata:
     kubernetes.io/elb.class: performance  # Load balancer type
     kubernetes.io/elb.protocol-port: http:80 # The HTTP port 80 is used.
     kubernetes.io/elb.keepalive_timeout: '300'  # Timeout setting for client connections
-    kubernetes.io/elb.client_timeout: '60'      # Timeout for waiting for a request from a client
-    kubernetes.io/elb.member_timeout: '60'      # Timeout for waiting for a response from a backend server
+    kubernetes.io/elb.client_timeout: '60'      # Timeout for waiting for a request from a client
+    kubernetes.io/elb.member_timeout: '60'      # Timeout for waiting for a response from a backend server
   name: nginx 
 spec: 
   ports: 
@@ -134,7 +134,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                                          		
 
                                                                                                                                                                                                                                                                                                                                                                                          String
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Timeout for client connections. If there are no requests reaching the load balancer during the timeout duration, the load balancer will disconnect the connection from the client and establish a new connection when there is a new request.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Timeout for client connections. If there are no requests reaching the load balancer during this period, the load balancer will disconnect the connection from the client and establish a new connection when there is a new request.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Value:
                                                                                                                                                                                                                                                                                                                                                                                          • For TCP listeners, the value ranges from 10 to 4000 (in seconds). The default value is 300.
                                                                                                                                                                                                                                                                                                                                                                                          • For HTTP, HTTPS, and TERMINATED_HTTPS listeners, the value ranges from 0 to 4000 (in seconds). The default value is 60.
                                                                                                                                                                                                                                                                                                                                                                                          • For UDP listeners (supported only by dedicated load balancers), the value ranges from 10 to 4000 (in seconds). The default value is 300.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          String
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          Timeout for waiting for a request from a client. There are two cases:
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                          • If the client fails to send a request header to the load balancer during the timeout duration, the request will be interrupted.
                                                                                                                                                                                                                                                                                                                                                                                          • If the interval between two consecutive request bodies reaching the load balancer is greater than the timeout duration, the connection will be disconnected.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          • If the client fails to send a request header to the load balancer during this period, the request will be interrupted.
                                                                                                                                                                                                                                                                                                                                                                                          • If the interval between two consecutive request bodies reaching the load balancer is greater than the timeout duration, the connection will be disconnected.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          The value ranges from 1 to 300 (in seconds). The default value is 60.
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          String
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Timeout for waiting for a response from a backend server. After a request is forwarded to the backend server, if the backend server does not respond within the duration specified by member_timeout, the load balancer will stop waiting and return HTTP 504 Gateway Timeout.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          The duration within which a response from the backend server is expected. After a request is forwarded to the backend server, if the backend server does not respond within the duration specified by member_timeout, the load balancer will stop waiting and return HTTP 504 Gateway Timeout.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          The value ranges from 1 to 300 (in seconds). The default value is 60.
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
 
                                                                                                                                                                                                                                                                                                                                                                                          
-
-
@@ -145,7 +145,7 @@ spec:
 
@@ -155,7 +155,7 @@ spec:
 
-
diff --git a/docs/cce/umn/cce_10_0734.html b/docs/cce/umn/cce_10_0734.html
index 8845ab41c..6e6024ffc 100644
--- a/docs/cce/umn/cce_10_0734.html
+++ b/docs/cce/umn/cce_10_0734.html
@@ -1,7 +1,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                          Configuring an EIP for a Pod
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                          Application Scenarios
                                                                                                                                                                                                                                                                                                                                                                                          In Cloud Native Network 2.0, pods use VPC ENIs or sub-ENIs for networking. You can directly bind EIPs to pods.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Application Scenarios
                                                                                                                                                                                                                                                                                                                                                                                          In Cloud Native Network 2.0, pods use VPC elastic network interfaces or supplementary network interfaces for networking. You can directly bind and EIPs to pods.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          To associate an EIP with a pod, simply set the value of the yangtse.io/pod-with-eip annotation to true when creating the pod. Then, the EIP will be automatically allocated and bound to the pod.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                          A CCE Turbo cluster is available and the cluster version meets the requirements listed in the following table.
                                                                                                                                                                                                                                                                                                                                                                                          
@@ -101,7 +101,7 @@ spec:
 
 
                                                                                                                                                                                                                                                                                                                                                                                          
-
-
@@ -193,7 +193,7 @@ spec:
 
-
diff --git a/docs/cce/umn/cce_10_0735.html b/docs/cce/umn/cce_10_0735.html
index d91959664..19c81faaa 100644
--- a/docs/cce/umn/cce_10_0735.html
+++ b/docs/cce/umn/cce_10_0735.html
@@ -1,12 +1,12 @@
 
                                                                                                                                                                                                                                                                                                                                                                                          Configuring a Slow Start for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                          With slow start configured, a load balancer linearly increases the proportion of requests to backend server pods. When the slow start duration elapses, the load balancer sends full share of requests to backend pods and exits the slow start mode. Slow start gives applications time to warm up and respond to requests with optimal performance.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          With slow start configured, a load balancer linearly increases the proportion of requests to backend server pods. When the slow start duration elapses, the load balancer sends full share of requests to backend server pods and exits the slow start mode. Slow start gives applications time to warm up and respond to requests with optimal performance.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                          After a slow start is configured, if you delete the target annotation from the YAML file, slow start will not be enabled.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                          • Only dedicated load balancers support slow start for HTTP and HTTPS backend server groups.
                                                                                                                                                                                                                                                                                                                                                                                          • Slow start takes effect only when the weighted round robin algorithm is used.
                                                                                                                                                                                                                                                                                                                                                                                          • Slow start takes effect only for new backend server pods.
                                                                                                                                                                                                                                                                                                                                                                                          • After the slow start duration elapses, backend servers will not enter the slow start mode again.
                                                                                                                                                                                                                                                                                                                                                                                          • Slow start takes effect when health check is enabled and backend server pods are running properly.
                                                                                                                                                                                                                                                                                                                                                                                          • If health check is disabled, slow start takes effect immediately.
                                                                                                                                                                                                                                                                                                                                                                                          • With slow start configured for an ingress, all forwarding policies of the ingress take effect.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                          • Slow start is only available for HTTP, gRPC, or HTTPS backend server groups (pods) of dedicated load balancers.
                                                                                                                                                                                                                                                                                                                                                                                          • Slow start takes effect only when the weighted round robin algorithm is used.
                                                                                                                                                                                                                                                                                                                                                                                          • Slow start takes effect only for new backend server pods.
                                                                                                                                                                                                                                                                                                                                                                                          • After the slow start duration elapses, backend servers will not enter the slow start mode again.
                                                                                                                                                                                                                                                                                                                                                                                          • Slow start takes effect when health check is enabled and backend server pods are running properly.
                                                                                                                                                                                                                                                                                                                                                                                          • If health check is disabled, slow start takes effect immediately.
                                                                                                                                                                                                                                                                                                                                                                                          • With slow start configured for an ingress, all forwarding policies of the ingress take effect.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Procedure
                                                                                                                                                                                                                                                                                                                                                                                          1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                          2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                                                                                                                                                                                                                                            vi ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                            An example YAML file of an ingress associated with an existing load balancer is as follows:
                                                                                                                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_10_0741.html b/docs/cce/umn/cce_10_0741.html
new file mode 100644
index 000000000..9aca2104a
--- /dev/null
+++ b/docs/cce/umn/cce_10_0741.html
@@ -0,0 +1,83 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                            Comprehensive Monitoring of GPU, Virtualization, and Pod Resource Metrics
                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                            Monitoring GPU metrics optimizes performance, identifies faults quickly, and allocates resources efficiently. It improves GPU utilization and lowers O&M costs. Using Prometheus and Grafana, you can comprehensively monitor GPU resources and accurately obtain resource usage. This section describes how to configure Prometheus and Grafana.
                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                            For more information, see GPU Metrics Provided by CCE.
                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                            Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                            Process
                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                          Table 1 Key parameters
                                                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                                                          
@@ -63,16 +63,16 @@
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Listener
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          • External Protocol: HTTP and HTTPS are available.
                                                                                                                                                                                                                                                                                                                                                                                          • External Port: specifies the port of the load balancer listener.
                                                                                                                                                                                                                                                                                                                                                                                          • Advanced Options
                                                                                                                                                                                                                                                                                                                                                                                            • Idle Timeout (s): specifies the idle timeout of a client connection. If there are no requests reaching the load balancer during the timeout duration, the load balancer will disconnect the connection from the client and establish a new connection when there is a new request.
                                                                                                                                                                                                                                                                                                                                                                                              The value ranges from 0 to 4000 (in seconds). The default value is 60.
                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                          • Frontend Protocol: HTTP and HTTPS are available.
                                                                                                                                                                                                                                                                                                                                                                                          • External Port: specifies the port of the load balancer listener.
                                                                                                                                                                                                                                                                                                                                                                                          • Advanced Options
                                                                                                                                                                                                                                                                                                                                                                                            • Idle Timeout (s): specifies the idle timeout of a client connection. If there are no requests reaching the load balancer during this period, the load balancer will disconnect the connection from the client and establish a new connection when there is a new request.
                                                                                                                                                                                                                                                                                                                                                                                              The value ranges from 0 to 4000 (in seconds). The default value is 60.
                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                            • Request Timeout (s): specifies the timeout duration for waiting for a client request.
                                                                                                                                                                                                                                                                                                                                                                                              Specifically:
                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                              If the client fails to send a request header to the load balancer during the timeout duration, the request will be interrupted.
                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                              If the client fails to send a request header to the load balancer during this period, the request will be interrupted.
                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                              If the interval between two consecutive request bodies reaching the load balancer is greater than the timeout duration, the connection will be disconnected.
                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                              The value ranges from 1 to 300 (in seconds). The default value is 60.
                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                            • Response Timeout (s): specifies the timeout duration for waiting for a response from a backend server. After a request is forwarded to the backend server, if the backend server does not respond during the timeout duration, the load balancer will stop waiting and return HTTP 504 Gateway Timeout.
                                                                                                                                                                                                                                                                                                                                                                                              The value ranges from 1 to 300 (in seconds). The default value is 60.
                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                            • Response Timeout (s): specifies the timeout duration for waiting for a response from a backend server. If the backend server does not respond within this period after receiving a request, the load balancer will stop waiting and return an HTTP 504 error.
                                                                                                                                                                                                                                                                                                                                                                                              The value ranges from 1 to 300 (in seconds). The default value is 60.
                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          • External Protocol: HTTP
                                                                                                                                                                                                                                                                                                                                                                                          • External Port: 80
                                                                                                                                                                                                                                                                                                                                                                                          • Advanced Options
                                                                                                                                                                                                                                                                                                                                                                                            • Idle Timeout (s): 60
                                                                                                                                                                                                                                                                                                                                                                                            • Request Timeout (s): 60
                                                                                                                                                                                                                                                                                                                                                                                            • Response Timeout (s): 60
                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                          • Frontend Protocol: HTTP
                                                                                                                                                                                                                                                                                                                                                                                          • External Port: 80
                                                                                                                                                                                                                                                                                                                                                                                          • Advanced Options
                                                                                                                                                                                                                                                                                                                                                                                            • Idle Timeout (s): 60
                                                                                                                                                                                                                                                                                                                                                                                            • Request Timeout (s): 60
                                                                                                                                                                                                                                                                                                                                                                                            • Response Timeout (s): 60
                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          String
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          Timeout for waiting for a request from a client. There are two cases:
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                          • If the client fails to send a request header to the load balancer during the timeout duration, the request will be interrupted.
                                                                                                                                                                                                                                                                                                                                                                                          • If the interval between two consecutive request bodies reaching the load balancer is greater than the timeout duration, the connection will be disconnected.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          • If the client fails to send a request header to the load balancer during this period, the request will be interrupted.
                                                                                                                                                                                                                                                                                                                                                                                          • If the interval between two consecutive request bodies reaching the load balancer is greater than the timeout duration, the connection will be disconnected.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          The value ranges from 1 to 300 (in seconds). The default value is 60.
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          String
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Timeout for waiting for a response from a backend server. After a request is forwarded to the backend server, if the backend server does not respond within the duration specified by member_timeout, the load balancer will stop waiting and return HTTP 504 Gateway Timeout.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          The duration within which a response from the backend server is expected. After a request is forwarded to the backend server, if the backend server does not respond within the duration specified by member_timeout, the load balancer will stop waiting and return HTTP 504 Gateway Timeout.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          The value ranges from 1 to 300 (in seconds). The default value is 60.
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
 
                                                                                                                                                                                                                                                                                                                                                                                          Bandwidth, in Mbit/s
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          The value range varies depending on the region and bandwidth billing mode. For details, see the page on the EIP console.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          The value range varies depending on the region and bandwidth billing mode. For details, see the EIP console.
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          yangtse.io/eip-network-type
                                                                                                                                                                                                                                                                                                                                                                                          
@@ -112,7 +112,7 @@ spec:
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          EIP type
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          The type varies depending on the region. For details, see the page on the EIP console.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          The type varies depending on the region. For details, see the EIP console.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Whether to allocate an EIP with a pod and bind the EIP to the pod
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          false or true
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          false or true
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          yangtse.io/eip-network-type
                                                                                                                                                                                                                                                                                                                                                                                          
@@ -205,7 +205,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                                          EIP type
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          • 5_bgp
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                          The specific type varies with regions. For details, see the EIP console.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          The types vary by region. For details, see the EIP console.
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          yangtse.io/eip-bandwidth-id
                                                                                                                                                                                                                                                                                                                                                                                          
@@ -272,7 +272,7 @@ spec:
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          EIP ID
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          How to obtain:
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                          Log in to the EIP console, click the name of the target EIP in the EIP list, and copy the ID field.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Log in to the EIP console, click the name of the target EIP in the EIP list, and copy the EIP ID.
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                          
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                          Step
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Billing
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Deploying a GPU Workload
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          GPU metrics are automatically reported when a GPU-backed workload is deployed in a cluster.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          N/A
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Accessing Prometheus
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          You can access Prometheus to view GPU monitoring metrics.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          • Local data storage must be enabled in Cloud Native Cluster Monitoring, which may incur EVS disk fees. 
                                                                                                                                                                                                                                                                                                                                                                                          • A public LoadBalancer Service must be created in the cluster. This will incur ELB billing. 
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Accessing Grafana
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          You can access Grafana to view GPU monitoring metrics on the built-in dashboard. Additionally, you can customize the dashboard as needed.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          A load balancer must be associated, which will be billed. 
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        Deploying a GPU Workload
                                                                                                                                                                                                                                                                                                                                                                                        Create a GPU-backed workload. After the workload runs properly, access Prometheus or Grafana to monitor GPU metrics.
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console. The Overview page is displayed.
                                                                                                                                                                                                                                                                                                                                                                                        2. In the navigation pane, choose Workloads. In the upper right corner of the displayed page, click Create Workload.
                                                                                                                                                                                                                                                                                                                                                                                        3. Click Basic Info in the Container Information area under Container Settings. Select GPU card for GPU Quota and set Number of GPUs to 1.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                        4. Configure other workload parameters and click Create Workload. If the workload status is Running, the GPU workload has been created.
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        Accessing Prometheus
                                                                                                                                                                                                                                                                                                                                                                                        To view GPU metrics in Prometheus, enable Local Data Storage in Data Storage Configuration of Cloud Native Cluster Monitoring. For details, see Installing the Add-on.
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        After Cloud Native Cluster Monitoring is installed, its associated workloads and Services are automatically deployed in the cluster. The Prometheus server will be deployed as a StatefulSet in the monitoring namespace. You can create a public LoadBalancer Service to enable Prometheus access from the Internet.
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        1. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create from YAML and create a public LoadBalancer Service.
                                                                                                                                                                                                                                                                                                                                                                                          apiVersion: v1
+kind: Service
+metadata:
+  name: prom-lb     # Service name, which is customizable.
+  namespace: monitoring
+  labels:
+    app: prometheus
+    component: server
+  annotations:
+    kubernetes.io/elb.id: 038ff***     # Replace it with the ID of the public load balancer in the VPC that the cluster belongs to.
+spec:
+  ports:
+    - name: cce-service-0
+      protocol: TCP
+      port: 88             # Service port, which is user-defined.
+      targetPort: 9090     # Default Prometheus port. Retain the default value.
+  selector:                # The label selector can be adjusted based on the label of a Prometheus server instance.
+    app.kubernetes.io/name: prometheus
+    prometheus: server
+  type: LoadBalancer
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                        2. After the Service is created, enter Public IP address of the load balancer:Service port in your browser's address bar to access Prometheus.
                                                                                                                                                                                                                                                                                                                                                                                        3. Click Graph in the upper part of the page, search for the required GPU metric, and view its details.
                                                                                                                                                                                                                                                                                                                                                                                        4. Choose Status > Targets to view all metrics monitored by Prometheus.
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        Accessing Grafana
                                                                                                                                                                                                                                                                                                                                                                                        To view GPU metrics in Grafana, install Grafana and enable Public Access.  Grafana supports AOM and Prometheus data sources.
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        • To use an AOM data source, enable Report Monitoring Data to AOM in Cloud Native Cluster Monitoring and Interconnect with AOM in Grafana. In addition, make sure to use the same AOM instances for both add-ons. Then, Grafana will automatically generate the prometheus-aom data source.
                                                                                                                                                                                                                                                                                                                                                                                        • To use a Prometheus data source, enable Local Data Storage in Cloud Native Cluster Monitoring. Then, you can directly use the prometheus data source provided by Grafana.
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        1. Test connectivity of the data source. Ensure the prometheus-aom or prometheus data source is accessible to Grafana. Otherwise, it will not be available in Grafana.
                                                                                                                                                                                                                                                                                                                                                                                          1. In the navigation pane, choose Cluster > Add-ons. In the right pane, find the Grafana add-on and click Access to go to its GUI.
                                                                                                                                                                                                                                                                                                                                                                                          2. Enter the username and password when you access the Grafana GUI for the first time. The default username and password are both admin. After logging in, reset the password as prompted.
                                                                                                                                                                                                                                                                                                                                                                                          3. In the upper left corner of the page, click . Then, click  on the left of Connections. Click Data sources to access the Data sources page.
                                                                                                                                                                                                                                                                                                                                                                                          4. In the data source list, click prometheus-aom or prometheus. Click Save & test at the bottom of the data source page to verify connectivity. If "Successfully queried the Prometheus API" is displayed, the connectivity test has been passed.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                        2. In the navigation pane, choose Dashboards. Then, choose GPU XGPU View in the right pane to view GPU resource statuses. You can also customize the dashboard as needed.
                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                          Cloud Native Cluster Monitoring does not automatically collect GPU pod monitoring metrics. To view data in Grafana, set up a dashboard. For details, see "Monitoring > Collecting GPU Pod Monitoring Metrics and Setting Up a Grafana Dashboard" in Best Practices.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: GPU Monitoring
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
diff --git a/docs/cce/umn/cce_10_0742.html b/docs/cce/umn/cce_10_0742.html
new file mode 100644
index 000000000..521668177
--- /dev/null
+++ b/docs/cce/umn/cce_10_0742.html
@@ -0,0 +1,76 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                      Enabling Kubernetes' Default GPU Scheduling in GPU Virtualization
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      With GPU virtualization enabled, workloads can still use nvidia.com/gpu (Kubernetes' default GPU scheduling) while optionally adding fine-grained isolation via volcano.sh/gpu-mem.128Mi (memory only) or both volcano.sh/gpu-mem.128Mi and volcano.sh/gpu-core.percentage (both compute and memory).
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      With Kubernetes' default GPU scheduling and virtualization enabled, nvidia.com/gpu can be expressed as either a fraction or an integer.
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      • When nvidia.com/gpu is set to a fraction:
                                                                                                                                                                                                                                                                                                                                                                                        • If workload pods are scheduled to a node that does not support GPU virtualization (for details, see Prerequisites), all pods requesting fractions simply share the entire physical GPU, including its compute and memory resources. This is suitable for scenarios with low compute demands, such as lightweight inference tasks.
                                                                                                                                                                                                                                                                                                                                                                                        • If workload pods are scheduled to a node that supports GPU virtualization (for details, see Prerequisites), pods run in memory-isolation mode and can coexist only with other memory-isolated pods. They cannot share the GPU with pods that also isolate compute. GPU memory is allocated in 128-MiB blocks, rounded down to the nearest multiple of 128 MiB based on the requested nvidia.com/gpu ratio. For example, on a 16-GiB GPU, if nvidia.com/gpu is set to 0.5, the containers will be allocated 8 GiB of GPU memory (0.5 x 16 GiB), or 8192 MiB (64 x 128 MiB).
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                      • If nvidia.com/gpu is set to an integer, an entire physical GPU will be exclusively allocated to the target pod. This is ideal for scenarios requiring high performance and strict isolation.
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                      Pods requesting GPUs under different resource names cannot share a node. For example, the pods requesting nvidia.com/gpu resources and the pods requesting volcano.sh/gpu-mem.128Mi resources cannot be co-located on the same node. The scheduler treats them as distinct resource types and will not bin-pack them.
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                      To support Kubernetes' default GPU scheduling on GPU nodes, the CCE AI Suite (NVIDIA GPU) add-on must be of v2.0.10 or later, and the Volcano Scheduler add-on must be of v1.10.5 or later.
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      Example of Shared GPU Scheduling
                                                                                                                                                                                                                                                                                                                                                                                      1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                                                                                                                      2. Create a workload that uses nvidia.com/gpu resources.
                                                                                                                                                                                                                                                                                                                                                                                        Create a gpu-app.yaml file. The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                        apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gpu-app
+  namespace: default
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: gpu-app
+  template:
+    metadata:
+      labels:
+        app: gpu-app
+    spec:
+      schedulerName: volcano
+      containers:
+        image: <your_image_address>     # Replace it with your image address.
+        name: container-0
+        resources:
+          requests:
+            cpu: 250m
+            memory: 512Mi
+            nvidia.com/gpu: 0.1   # The value must be the same as that of limits.nvidia.com/gpu.
+          limits:
+            cpu: 250m
+            memory: 512Mi
+            nvidia.com/gpu: 0.1   # The requested GPUs
+      imagePullSecrets:
+      - name: default-secret
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                      3. Run the following command to create an application:
                                                                                                                                                                                                                                                                                                                                                                                        kubectl apply -f gpu-app.yaml
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                      4. Log in to the pod and check the total GPU memory allocated to the pod.
                                                                                                                                                                                                                                                                                                                                                                                        kubectl exec -it gpu-app -- nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        Expected output:
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        Thu Jul 27 07:53:49 2023       
++-----------------------------------------------------------------------------+
+| NVIDIA-SMI 470.57.02    Driver Version: 470.57.02    CUDA Version: 11.4     |
+|-------------------------------+----------------------+----------------------+
+| GPU  Name        Persistence-M| Bus-Id        Disp.A | Volatile Uncorr. ECC |
+| Fan  Temp  Perf  Pwr:Usage/Cap|         Memory-Usage | GPU-Util  Compute M. |
+|                               |                      |               MIG M. |
+|===============================+======================+======================|
+|   0  NVIDIA A30          Off  | 00000000:00:0D.0 Off |                    0 |
+| N/A   47C    P0    34W / 165W |      0MiB /  2304MiB |      0%      Default |
+|                               |                      |             Disabled |
++-------------------------------+----------------------+----------------------+
+
++-----------------------------------------------------------------------------+
+| Processes:                                                                  |
+|  GPU   GI   CI        PID   Type   Process name                  GPU Memory |
+|        ID   ID                                                   Usage      |
+|=============================================================================|
+|  No running processes found                                                 |
++-----------------------------------------------------------------------------+
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        The output shows that the total GPU memory that can be used by the pod is 2304 MiB.
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        In this example, the node offers 24258 MiB of GPU memory in total. A 0.1-GPU request (2425.8 MiB) is rounded down to the nearest 128 MiB block, yielding 2304 MiB (18 x 128 MiB).
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: GPU Virtualization
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      
+
diff --git a/docs/cce/umn/cce_10_0744.html b/docs/cce/umn/cce_10_0744.html
index 91261b7f5..c25baaa44 100644
--- a/docs/cce/umn/cce_10_0744.html
+++ b/docs/cce/umn/cce_10_0744.html
@@ -10,10 +10,10 @@
 
                                                                                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                      A cluster of v1.19.16-r50, v1.21.11-r10, v1.23.9-r10, v1.25.4-r10, v1.27.1-r10, or later is available.
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      Operations Performed by IAM Users
                                                                                                                                                                                                                                                                                                                                                                                      IAM users can only revoke their own credentials. To revoke a credential, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                      2. Choose Overview in the navigation pane. In the Connection Info area on the right of the page, click Revoke.
                                                                                                                                                                                                                                                                                                                                                                                      3. In the dialog box displayed, enter REVOKE in the confirmation box and click OK if you are sure you want to revoke the credential.
                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                      2. Choose Overview in the navigation pane. In the Connection Info area on the right of the page, click Revoke.
                                                                                                                                                                                                                                                                                                                                                                                      3. In the dialog box displayed, enter REVOKE in the confirmation box and click OK if you are sure you want to revoke the credential.
                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                      Operations Performed by Accounts or Administrators
                                                                                                                                                                                                                                                                                                                                                                                      Accounts or administrators (users in the admin user group) can revoke the credentials of other users or delegated accounts. To revoke a credential, see the following operations:
                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                      2. Choose Overview in the navigation pane. In the Connection Info area on the right of the page, click Revoke.
                                                                                                                                                                                                                                                                                                                                                                                      3. Select a certificate applicant to revoke the certificate. For details about the parameters, see Table 1. After the certificate is revoked, the original X.509 certificate and kubectl configuration file become invalid. If the certificate applicant needs to regain access to the cluster, they must download the certificate or kubectl configuration file again.
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        Operations Performed by Accounts or Administrators
                                                                                                                                                                                                                                                                                                                                                                                        Accounts or administrators (users in the admin user group) can revoke the credentials of other users or delegated accounts. To revoke a credential, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                        2. Choose Overview in the navigation pane. In the Connection Info area on the right of the page, click Revoke.
                                                                                                                                                                                                                                                                                                                                                                                        3. Select a certificate applicant to revoke the certificate. For details about the parameters, see Table 1. After the certificate is revoked, the original X.509 certificate and kubectl configuration file become invalid. If the certificate applicant needs to regain access to the cluster, they must download the certificate or kubectl configuration file again.
                                                                                                                                                                                                                                                                                                                                                                                          
 
 
                                                                                                                                                                                                                                                                                                                                                                                          
@@ -46,7 +46,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                          Parent topic: Connecting to a Cluster
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Parent topic: Accessing a Cluster
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
diff --git a/docs/cce/umn/cce_10_0766.html b/docs/cce/umn/cce_10_0766.html
index 0e2278f15..34b08e0bf 100644
--- a/docs/cce/umn/cce_10_0766.html
+++ b/docs/cce/umn/cce_10_0766.html
@@ -5,18 +5,18 @@
 
                                                                                                                                                                                                                                                                                                                                                                                          CCE has resolved this issue by using Volcano Scheduler to evict pods that do not comply with the configured policy so that pods can be rescheduled. In this way, the cluster load is balanced and resource fragmentation is minimized.
                                                                                                                                                                                                                                                                                                                                                                                          Features
                                                                                                                                                                                                                                                                                                                                                                                          Load-aware Descheduling
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          During Kubernetes cluster management, over-utilized nodes are due to high CPU or memory usage, which affects the stable running of pods on these nodes and increases the probability of node faults. To dynamically balance the resource usage between nodes in a cluster, a cluster resource view is required based on node monitoring metrics. During cluster management, real-time monitoring can be used to detect issues such as high resource usage on a node, node faults, and excessive number of pods on a node so that the system can take measures promptly, for example, by migrating some pods from an over-utilized node to under-utilized nodes.
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                          Figure 1 Load-aware descheduling
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Figure 1 Load-aware descheduling
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          When using this add-on, ensure the highThresholds value is greater than the lowThresholds value. Otherwise, the descheduler cannot work.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          • Appropriately utilized node: a node whose resource usage is greater than or equal to 30% and less than or equal to 80%. The resource usage of appropriately utilized nodes is within the expected range.
                                                                                                                                                                                                                                                                                                                                                                                          • Over-utilized node: a node whose resource usage is higher than 80%. Some pods will be evicted from over-utilized nodes to reduce its resource usage to be less than or equal to 80%. The descheduler will schedule the evicted pods to under-utilized nodes.
                                                                                                                                                                                                                                                                                                                                                                                          • Under-utilized node: a node whose resource usage is lower than 30%.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          HighNodeUtilization
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                          This policy finds nodes that are under-utilized and evicts pods from the nodes in the hope that these pods will be scheduled compactly into fewer nodes. This policy must be used with the bin packing policy of Volcano Scheduler or the MostAllocated policy of the kube-scheduler scheduler. Thresholds can be configured for CPU and memory.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          This policy finds nodes that are under-utilized and evicts pods from the nodes in the hope that these pods will be scheduled compactly into fewer nodes. This policy must be used with the bin packing policy of Volcano or the MostAllocated policy of the kube-scheduler. Thresholds can be configured for CPU and memory.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                          • Pods need to be rescheduled using a scheduler, and no scheduler can label pods or nodes. Therefore, an evicted pod might be rescheduled to the original node.
                                                                                                                                                                                                                                                                                                                                                                                          • Descheduling does not support anti-affinity between pods. An evicted pod is in anti-affinity relationship with other running pods. Therefore, the scheduler may still schedule the pod back to the node where the pod was evicted from.
                                                                                                                                                                                                                                                                                                                                                                                          • When configuring load-aware descheduling, you are required to enable load-aware scheduling on Volcano Scheduler. When configuring HighNodeUtilization, you are required to enable bin packing on Volcano Scheduler.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Configuring a Load-aware Descheduling Policy
                                                                                                                                                                                                                                                                                                                                                                                          When configuring a load-aware descheduling policy, do as follows to enable load-aware scheduling on Volcano Scheduler:
                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster details page. Choose Add-ons in the navigation pane, locate Volcano Scheduler on the right, and click Edit. In the Extended Functions area, enable descheduling and click OK to update the add-on configuration.
                                                                                                                                                                                                                                                                                                                                                                                          2. In the navigation pane, choose Settings. On the Scheduling tab page, enable load-aware scheduling. For details, see Load-aware Scheduling.
                                                                                                                                                                                                                                                                                                                                                                                          3. On the Scheduling tab page, select Volcano scheduler, find the expert mode, and click Try Now.
                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                            2. Choose Add-ons in the navigation pane, locate Volcano Scheduler on the right, and click Edit. In the Extended Functions area, enable descheduling and click OK to update the add-on configuration.
                                                                                                                                                                                                                                                                                                                                                                                            3. In the navigation pane, choose Settings. On the Scheduling tab page, enable load-aware scheduling. For details, see Load-aware Scheduling.
                                                                                                                                                                                                                                                                                                                                                                                            4. On the Scheduling tab, find the expert mode and click Try Now.
                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                            5. Configure a load-aware descheduling policy. If you are using Volcano v1.11.21 or later, refer to the example JSON parameter settings below. For more parameters, see the JSON example in Getting Started on the console.
                                                                                                                                                                                                                                                                                                                                                                                              {
 ...
@@ -68,47 +68,47 @@
 ...
 }
                                                                                                                                                                                                                                                                                                                                                                                              
 
-
                                                                                                                                                                                                                                                                                                                                                                                          Table 1 Certificate applicant
                                                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                          Table 1 Key parameters of a cluster descheduling policy
                                                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                          Table 1 Key parameters of a cluster descheduling policy
                                                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          deschedulingInterval
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          deschedulingInterval
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Descheduling period.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Descheduling period.
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          deschedulerPolicy
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          deschedulerPolicy
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Cluster descheduling policy. For details, see Table 2.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Cluster descheduling policy. For details, see Table 2.
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
-
                                                                                                                                                                                                                                                                                                                                                                                          Table 2 deschedulerPolicy parameters
                                                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                          Table 2 deschedulerPolicy parameters
                                                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          profiles.[].plugins.balance.enable.[]
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          profiles.[].plugins.balance.enable.[]
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Descheduling policy for a cluster.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Descheduling policy for a cluster.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          LoadAware: a load-aware descheduling policy is used.
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          profiles.[].pluginConfig.[].name
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          profiles.[].pluginConfig.[].name
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Configuration of a load-aware descheduling policy. Options:
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Configuration of a load-aware descheduling policy. Options:
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          • DefaultEvictor: default eviction policy
                                                                                                                                                                                                                                                                                                                                                                                          • LoadAware: a load-aware descheduling policy
                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                          profiles.[].pluginConfig.[].args
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          profiles.[].pluginConfig.[].args
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          Descheduling policy configuration of a cluster.
                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                          Descheduling policy configuration of a cluster.
                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                          • Configurations for the DefaultEvictor policy:
                                                                                                                                                                                                                                                                                                                                                                                            • ignorePvcPods: whether PVC pods should be ignored or evicted. Value true indicates that the pods are ignored, and value false indicates that the pods are evicted. This configuration does not differentiate PVC types (local PVs, SFS, or EVS).
                                                                                                                                                                                                                                                                                                                                                                                            • nodeFit: whether to consider the existing scheduling configurations such as node affinity and taint on the node during descheduling. Value true indicates that the existing scheduling configurations will be considered, and value false indicates that those will be ignored.
                                                                                                                                                                                                                                                                                                                                                                                            • priorityThreshold: priority setting. If the priority of a pod is greater than or equal to the value of this parameter, the pod will not be evicted. Example:
                                                                                                                                                                                                                                                                                                                                                                                              {
   "value": 100
 }
                                                                                                                                                                                                                                                                                                                                                                                              
@@ -143,7 +143,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                            • Click OK.
                                                                                                                                                                                                                                                                                                                                                                                              • 
 
 
                                                                                                                                                                                                                                                                                                                                                                                              Configuring a HighNodeUtilization Policy
                                                                                                                                                                                                                                                                                                                                                                                              When configuring a HighNodeUtilization policy, do as follows to enable the bin packing policy on Volcano Scheduler:
                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster details page. Choose Add-ons in the navigation pane, locate Volcano Scheduler on the right, and click Edit. In the Extended Functions area, enable descheduling and click OK to update the add-on configuration.
                                                                                                                                                                                                                                                                                                                                                                                              2. In the navigation pane, choose Settings. On the Scheduling tab page, enable bin packing. For details, see Bin Packing.
                                                                                                                                                                                                                                                                                                                                                                                              3. On the Scheduling tab page, select Volcano scheduler, find the expert mode, and click Try Now.
                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                2. Choose Add-ons in the navigation pane, locate Volcano Scheduler on the right, and click Edit. In the Extended Functions area, enable descheduling and click OK to update the add-on configuration.
                                                                                                                                                                                                                                                                                                                                                                                                3. In the navigation pane, choose Settings. On the Scheduling tab page, enable bin packing. For details, see Bin Packing.
                                                                                                                                                                                                                                                                                                                                                                                                4. On the Scheduling tab, find the expert mode and click Try Now.
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                5. If you are using a resource defragmentation policy, refer to the example JSON parameter settings below. For more parameters, see the JSON example in Getting Started on the console.
                                                                                                                                                                                                                                                                                                                                                                                                  {
 ... 
@@ -188,47 +188,47 @@
 ...
 }
                                                                                                                                                                                                                                                                                                                                                                                                  
 
-
                                                                                                                                                                                                                                                                                                                                                                                                  Table 3 Key parameters of a cluster descheduling policy
                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                  Table 3 Key parameters of a cluster descheduling policy
                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  deschedulingInterval
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  deschedulingInterval
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  Descheduling period.
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  Descheduling period.
                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                  deschedulerPolicy
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  deschedulerPolicy
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  Cluster descheduling policy. For details, see Table 4.
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  Cluster descheduling policy. For details, see Table 4.
                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                   
 
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  
 
-
                                                                                                                                                                                                                                                                                                                                                                                                  Table 4 deschedulerPolicy parameters
                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                  Table 4 deschedulerPolicy parameters
                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  profiles.[].plugins.balance.enable.[]
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  profiles.[].plugins.balance.enable.[]
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  Descheduling policy for a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  Descheduling policy for a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  HighNodeUtilization: the policy for minimizing CPU and memory fragments is used.
                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                  profiles.[].pluginConfig.[].name
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  profiles.[].pluginConfig.[].name
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  Configuration of a load-aware descheduling policy. Options:
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  Configuration of a load-aware descheduling policy. Options:
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  • DefaultEvictor: default eviction policy
                                                                                                                                                                                                                                                                                                                                                                                                  • HighNodeUtilization: policy for minimizing CPU and memory fragments
                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                  profiles.[].pluginConfig.[].args
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  profiles.[].pluginConfig.[].args
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  Descheduling policy configuration of a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                  Descheduling policy configuration of a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                  • Configurations for the DefaultEvictor policy:
                                                                                                                                                                                                                                                                                                                                                                                                    • ignorePvcPods: whether PVC pods should be ignored or evicted. Value true indicates that the pods are ignored, and value false indicates that the pods are evicted. This configuration does not differentiate PVC types (local PVs, SFS, or EVS).
                                                                                                                                                                                                                                                                                                                                                                                                    • nodeFit: whether to consider the existing scheduling configurations such as node affinity and taint on the node during descheduling. Value true indicates that the existing scheduling configurations will be considered, and value false indicates that those will be ignored.
                                                                                                                                                                                                                                                                                                                                                                                                    • priorityThreshold: priority setting. If the priority of a pod is greater than or equal to the value of this parameter, the pod will not be evicted. Example:
                                                                                                                                                                                                                                                                                                                                                                                                      {
   "value": 100
 }
                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -251,12 +251,12 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                      Use Cases
                                                                                                                                                                                                                                                                                                                                                                                                      HighNodeUtilization
                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                      1. In the navigation pane of the cluster console, choose Nodes. Check the node list for nodes with minimal resource allocation.
                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                      2. In the navigation pane, choose Settings and click the Scheduling tab. Select Volcano scheduler, find the expert mode, and click Try Now.
                                                                                                                                                                                                                                                                                                                                                                                                      3. Edit Volcano parameters and set both the CPU and memory thresholds to 25. When the CPU and memory usage of a node is less than 25%, pods on the node will be evicted.
                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                      4. In the navigation pane, choose Settings and click the Scheduling tab. Find the expert mode and click Try Now.
                                                                                                                                                                                                                                                                                                                                                                                                      5. Edit Volcano parameters and set both the CPU and memory thresholds to 25. When the CPU and memory usage of a node is less than 25%, pods on the node will be evicted.
                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                      6. After the policy takes effect, pods on the node with IP address 192.168.44.152 will be migrated to the node with IP address 192.168.54.65 for minimized resource fragments.
                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                      Common Issues
                                                                                                                                                                                                                                                                                                                                                                                                      If an input parameter is incorrect, for example, the entered value is beyond the accepted value range or in an incorrect format, an event will be generated. In this case, modify the parameter setting as prompted.
                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                      
 
 
                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_10_0767.html b/docs/cce/umn/cce_10_0767.html
index 1f720ff8e..b927c3be9 100644
--- a/docs/cce/umn/cce_10_0767.html
+++ b/docs/cce/umn/cce_10_0767.html
@@ -12,8 +12,8 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                      Configuring Soft Affinity Scheduling for Volcano Node Pools
                                                                                                                                                                                                                                                                                                                                                                                                      1. Configure labels for affinity scheduling in the node pool.
                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                        2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                                                                                                        3. Click Update of the target node pool. On the page that is displayed, configure labels in the Kubernetes Label area.
                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                      2. In the navigation pane, choose Settings and click the Scheduling tab. Select Volcano scheduler, find the expert mode, and click Try Now.
                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                        Configuring Soft Affinity Scheduling for Volcano Node Pools
                                                                                                                                                                                                                                                                                                                                                                                                        1. Configure labels for affinity scheduling in the node pool.
                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                          2. Choose Nodes in the navigation pane and click the Node Pools tab on the right.
                                                                                                                                                                                                                                                                                                                                                                                                          3. Click Update of the target node pool. On the page that is displayed, configure labels in the Kubernetes Label area.
                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                        2. In the navigation pane, choose Settings and click the Scheduling tab. Find the expert mode and click Try Now.
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                        3. Configure Volcano scheduler parameters. The following shows a configuration example in JSON format:
                                                                                                                                                                                                                                                                                                                                                                                                          ...
     "default_scheduler_conf": {
diff --git a/docs/cce/umn/cce_10_0773.html b/docs/cce/umn/cce_10_0773.html
index c3ed5f844..c3dbcfd00 100644
--- a/docs/cce/umn/cce_10_0773.html
+++ b/docs/cce/umn/cce_10_0773.html
@@ -1,13 +1,14 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                          Bin Packing
                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                          Bin packing is an optimization algorithm that aims to properly allocate resources to each job and get the jobs done using the minimum amount of resources. After bin packing is enabled for cluster workloads, the scheduler preferentially schedules pods to nodes with high resource allocation. This reduces resource fragments on each node and improves cluster resource utilization.
                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                          Bin packing is an optimization algorithm that aims to properly allocate resources to each job and get the jobs done using the minimum number of resources. After bin packing is enabled for cluster workloads, the scheduler preferentially schedules pods to nodes with high resource allocation. This reduces resource fragments on each node and improves cluster resource utilization.
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                          Features
                                                                                                                                                                                                                                                                                                                                                                                                          Bin packing aims to fill as many existing nodes as possible (try not to allocate blank nodes). In the concrete implementation, the bin packing algorithm scores the nodes that can be delivered, and a higher score indicates a higher resource utilization rate of nodes. Bin packing intends to centrally schedule application workloads onto some nodes in a cluster, which facilitates auto scaling of cluster nodes.
                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                          The bin packing add-on works with other scheduling add-ons of the scheduler to score nodes. You can customize the overall weight of the add-on and the weight of each resource to modify the influence in the node score. When using bin packing to calculate node scores, the scheduler considers extended resources such as CPUs, memory, and GPUs requested by pods, and calculates the scores based on the weights configured for each resource.
                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                          Features
                                                                                                                                                                                                                                                                                                                                                                                                          The bin packing algorithm maximizes resource utilization per node and minimizes idle nodes. It scores nodes based on resource usage. Higher usage results in higher scores and priority. This centralizes application workloads on selected cluster nodes, aiding in auto-scaling.
                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                          As a Volcano scheduler add-on, bin packing collaborates with other add-ons to set node scores. You can customize its global weight and configure weights for resources like CPU, memory, and GPU to influence scheduling. The scheduler calculates bin packing scores by considering all pod-requested resources, performing a weighted average based on each resource's weight to finalize the node score.
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                          How It Works
                                                                                                                                                                                                                                                                                                                                                                                                          A node is scored based on the overall weight of the bin packing add-on and the weight of each resource. Each type of resource requested by the to-be-scheduled pods is scored. Take CPUs as an example, the CPU score is calculated using the following formula:
                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                          How It Works
                                                                                                                                                                                                                                                                                                                                                                                                          When scoring nodes, the scheduler calculates bin packing scores by considering the global weight of the add-on and the weight of each resource type such as CPU, memory, and GPU. The scoring process is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                          Each type of resource requested by the to-be-scheduled pods is scored. Take CPUs as an example, the CPU score is calculated using the following formula:
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          CPU.weight x (Requested + Used)/Allocatable
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          A larger CPU weight leads to a higher score. A higher resource usage of a node leads to a higher node score. The same rule applies to memory and GPU resources. The parameters in the formula for scoring a resource are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          • CPU.weight: customized CPU weight
                                                                                                                                                                                                                                                                                                                                                                                                          • Requested: CPU resources requested by the pods to be scheduled
                                                                                                                                                                                                                                                                                                                                                                                                          • Used: CPU resources that have been used on the current node
                                                                                                                                                                                                                                                                                                                                                                                                          • Allocatable: total CPU resources available on the current node
                                                                                                                                                                                                                                                                                                                                                                                                          
@@ -15,9 +16,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                          Binpack.weight x (CPU.score + Memory.score + GPU.score)/(CPU.weight + Memory.weight + GPU.weight) x 100
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          A larger bin packing weight leads to a higher score. A larger resource weight leads to a greater influence in the node score. The parameters in the formula for scoring a node are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          • Binpack.weight: bin packing weight
                                                                                                                                                                                                                                                                                                                                                                                                          • CPU.score: calculated CPU score; CPU.weight: customized CPU weight
                                                                                                                                                                                                                                                                                                                                                                                                          • Memory.score: calculated memory score; Memory.weight: customized memory weight
                                                                                                                                                                                                                                                                                                                                                                                                          • GPU.score: calculated GPU score; GPU.weight: customized GPU weight
                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                          Figure 1 Bin packing example
                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                          Figure 1 Bin packing example
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                          In this figure, there are two nodes in the cluster. When pods need to be scheduled, the bin packing policy scores the two nodes separately.
                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                          In Figure 1, there are two nodes in the cluster, node 1 and node 2. A pod requests CPU, memory, and GPU resources. Before scheduling the pod, CCE uses the bin packing policy to score the two nodes.
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          For example, CPU.weight is set to 1, Memory.weight is set to 1, GPU.weight is set to 2, and binpack.weight is set to 5 in a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          1. Scoring for node 1
                                                                                                                                                                                                                                                                                                                                                                                                            The score of each resource type is calculated using the following formulas:
                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                            • CPU: CPU.weight x (Requested + Used)/Allocatable = 1 x (2 + 4)/8 = 0.75
                                                                                                                                                                                                                                                                                                                                                                                                            • Memory: Memory.weight x (Requested + Used)/Allocatable = 1 x (4 + 8)/16 = 0.75
                                                                                                                                                                                                                                                                                                                                                                                                            • GPU: GPU.weight x (Requested + Used)/Allocatable = 2 x (4 + 4)/8 = 2
                                                                                                                                                                                                                                                                                                                                                                                                            
@@ -28,7 +29,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          The calculation results show that the score of node 2 is greater than that of node 1. According to the bin packing policy, new pods will be preferentially scheduled to node 2.
                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                          Configuring Bin Packing
                                                                                                                                                                                                                                                                                                                                                                                                          After Volcano is installed, bin packing takes effect by default. If the default configuration cannot meet your requirements, you can customize the weight of bin packing and the weight of each resource on the Scheduling page. To do so, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                          2. Click the cluster name to access the cluster console. Choose Settings in the navigation pane. In the right pane, click the Scheduling tab.
                                                                                                                                                                                                                                                                                                                                                                                                          3. In the Resource utilization optimization scheduling configuration, enable bin packing.
                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                            2. Choose Settings in the navigation pane and click the Scheduling tab.
                                                                                                                                                                                                                                                                                                                                                                                                            3. In the Resource utilization optimization scheduling configuration, enable bin packing.
                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                              Table 1 Bin packing weights
                                                                                                                                                                                                                                                                                                                                                                                                              Item
                                                                                                                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                                                                                                                              Description
                                                                                                                                                                                                                                                                                                                                                                                                              
diff --git a/docs/cce/umn/cce_10_0775.html b/docs/cce/umn/cce_10_0775.html
index e63f62ddd..cc2ab7e5d 100644
--- a/docs/cce/umn/cce_10_0775.html
+++ b/docs/cce/umn/cce_10_0775.html
@@ -22,7 +22,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                          Configuring Priority-based Scheduling Policies
                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                          2. Click the cluster name to access the cluster console. Choose Settings in the navigation pane. In the right pane, click the Scheduling tab.
                                                                                                                                                                                                                                                                                                                                                                                                          3. In the Business priority scheduling area, configure priority-based scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                            • Scheduling based on priority: The scheduler preferentially guarantees the running of high-priority pods, but will not evict low-priority pods that are running. Priority-based scheduling is enabled by default and cannot be disabled.
                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                            Configuring Priority-based Scheduling Policies
                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                            2. Choose Settings in the navigation pane and click the Scheduling tab.
                                                                                                                                                                                                                                                                                                                                                                                                            3. In the Service Priority-based Scheduling area, configure priority-based scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                              • Priority-based Scheduling: The scheduler preferentially guarantees the running of high-priority pods, but will not evict low-priority pods that are running. Priority-based scheduling is enabled by default and cannot be disabled.
                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                            4. After the configuration, you can use PriorityClasses to schedule the pods of workloads or Volcano jobs based priorities.
                                                                                                                                                                                                                                                                                                                                                                                                              1. Create one or more PriorityClasses.
                                                                                                                                                                                                                                                                                                                                                                                                                apiVersion: scheduling.k8s.io/v1
 kind: PriorityClass
 metadata:
@@ -214,7 +214,7 @@ priority-medium-test-0   0/1     Pending   0          2m36s
 priority-medium-test-1   0/1     Pending   0          2m36s
 priority-medium-test-2   0/1     Pending   0          2m36s
 priority-medium-test-3   0/1     Pending   0          2m36s
                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                              2. Delete the high-priority job to release cluster resources. The medium-priority job will be scheduled next.
                                                                                                                                                                                                                                                                                                                                                                                                                Run the kubectl delete -f high-priority-job.yaml command to release cluster resources and check pod scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                              3. Delete the high-priority job to release cluster resources. The medium-priority job will be scheduled next.
                                                                                                                                                                                                                                                                                                                                                                                                                Run the kubectl delete -f high-priority-job.yaml command to release cluster resources and check pod scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                NAME                     READY   STATUS    RESTARTS   AGE
 priority-low-test-0      0/1     Pending   0          5m18s
 priority-low-test-1      0/1     Pending   0          5m18s
diff --git a/docs/cce/umn/cce_10_0777.html b/docs/cce/umn/cce_10_0777.html
index 64a4134ed..b62727b8c 100644
--- a/docs/cce/umn/cce_10_0777.html
+++ b/docs/cce/umn/cce_10_0777.html
@@ -12,9 +12,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                Share = Total requested resources/Cluster resources
                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                If a job involves multiple resources, the resource with the largest share value is the dominant resource. The share value of the dominant resource will be used in priority-based scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                For example, there are two workloads, job 1 and job 2. The following figure shows the resources requested by the two jobs. After DRF calculation, the dominant resource of job 1 is memory, and its share value is 0.4; the dominant resource of job 2 is CPU, and its share value is 0.5. Since the dominant resource share of job 1 is less than that of job 2, job 1 takes precedence over job 2 in scheduling according to the max-min fairness policy.
                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                Figure 1 DRF scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                Figure 1 DRF scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                Configuring DRF
                                                                                                                                                                                                                                                                                                                                                                                                                After Volcano is installed, you can enable or disable DRF scheduling on the Scheduling page. This function is enabled by default.
                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                2. Click the cluster name to access the cluster console. Choose Settings in the navigation pane. In the right pane, click the Scheduling tab.
                                                                                                                                                                                                                                                                                                                                                                                                                3. In the AI task performance enhanced scheduling pane, select whether to enable DRF.
                                                                                                                                                                                                                                                                                                                                                                                                                  This function helps you enhance the service throughput of the cluster and improve service running performance.
                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                  2. Choose Settings in the navigation pane and click the Scheduling tab.
                                                                                                                                                                                                                                                                                                                                                                                                                  3. In the AI task performance enhanced scheduling pane, select whether to enable DRF.
                                                                                                                                                                                                                                                                                                                                                                                                                    This function helps you enhance the service throughput of the cluster and improve service running performance.
                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                  4. Click Confirm.
                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_10_0778.html b/docs/cce/umn/cce_10_0778.html
index 616752af0..7cd36c3b2 100644
--- a/docs/cce/umn/cce_10_0778.html
+++ b/docs/cce/umn/cce_10_0778.html
@@ -5,10 +5,10 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                            Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                            How It Works
                                                                                                                                                                                                                                                                                                                                                                                                            The Gang scheduling policy is one of the core scheduling algorithms of Volcano. It meets the scheduling requirements of "All or nothing" in the scheduling process and avoids the waste of cluster resources caused by arbitrary scheduling of pods. The Gang scheduler algorithm checks whether the number of scheduled pods in a job meets the minimum requirements for running the job. If yes, all pods in the job will be scheduled. If no, the pods will not be scheduled.
                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                            The Gang scheduling algorithm based on container groups is well suitable for scenarios where multi-process collaboration is required. AI scenarios typically involve complex processes. Data ingestion, data analysts, data splitting, trainers, serving, and logging which require a group of containers to work together are suitable for container-based Gang scheduling. Multi-thread parallel computing communication scenarios under MPI computing framework are also suitable for Gang scheduling because master and slave processes need to work together. Containers in a pod group are highly correlated, and there may be resource contention. The overall scheduling allocation can effectively resolve deadlocks. If cluster resources are insufficient, Gang scheduling can significantly improve the utilization of cluster resources.
                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                            The Gang scheduling algorithm based on container groups is well suited for scenarios where multi-process collaboration is required. AI scenarios typically involve complex processes. Data ingestion, data analysts, data splitting, trainers, serving, and logging which require a group of containers to work together are suitable for container-based Gang scheduling. Multi-thread parallel computing communication scenarios under MPI computing framework are also suitable for Gang scheduling because primary and secondary processes need to work together. Containers in a pod group are highly correlated, and there may be resource contention. The overall scheduling allocation can effectively resolve deadlocks. If cluster resources are insufficient, Gang scheduling can significantly improve the utilization of cluster resources.
                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                            Configuring Gang
                                                                                                                                                                                                                                                                                                                                                                                                            After Volcano is installed, you can enable or disable Gang scheduling on the Scheduling page. This function is enabled by default.
                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                            2. Click the cluster name to access the cluster console. Choose Settings in the navigation pane. In the right pane, click the Scheduling tab.
                                                                                                                                                                                                                                                                                                                                                                                                            3. In the AI task performance enhanced scheduling pane, select whether to enable Gang.
                                                                                                                                                                                                                                                                                                                                                                                                              This function helps you enhance the service throughput of the cluster and improve service running performance.
                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                              2. Choose Settings in the navigation pane and click the Scheduling tab.
                                                                                                                                                                                                                                                                                                                                                                                                              3. In the AI task performance enhanced scheduling pane, select whether to enable Gang.
                                                                                                                                                                                                                                                                                                                                                                                                                This function helps you enhance the service throughput of the cluster and improve service running performance.
                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                              4. Click Confirm.
                                                                                                                                                                                                                                                                                                                                                                                                              5. After the configuration, use Gang scheduling in workloads or Volcano jobs.
                                                                                                                                                                                                                                                                                                                                                                                                                • Create a workload using Gang scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                  1. Create a pod group and specify minMember and minResources as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                    apiVersion: scheduling.volcano.sh/v1beta1
 kind: PodGroup
 metadata:
diff --git a/docs/cce/umn/cce_10_0779.html b/docs/cce/umn/cce_10_0779.html
new file mode 100644
index 000000000..eacc6b29d
--- /dev/null
+++ b/docs/cce/umn/cce_10_0779.html
@@ -0,0 +1,304 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPU Fault Handling
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    In a Kubernetes environment, managing GPU resources is complex, and diagnosing and recovering from faults can be challenging and costly. When a GPU becomes faulty, the CCE cluster can quickly report an event and isolate the faulty GPU. This isolation ensures that other functional GPUs continue to provide services with minimal disruption. This section describes common GPU events, isolation outcomes, and solutions to help you respond to faults quickly, minimize downtime, and maintain service continuity and high performance.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                    • The cluster version must be v1.27 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Cloud Native Log Collection has been installed in the cluster so that GPU events can be synchronously reported to AOM.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    CCE AI Suite (NVIDIA GPU) Exception Event Reporting and Isolation
                                                                                                                                                                                                                                                                                                                                                                                                                    When a GPU malfunctions, CCE AI Suite (NVIDIA GPU) reports an exception event and CCE isolates the affected GPU device based on the event. Kubernetes then cannot allocate the isolated GPU, making the GPU resource temporarily unavailable. After the fault is rectified, the GPU resumes normal operation. Table 1 lists CCE AI Suite (NVIDIA GPU) exception events and isolation results.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Table 1 CCE AI Suite (NVIDIA GPU) exception events
                                                                                                                                                                                                                                                                                                                                                                                                                    Event Cause
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Error Details
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Result
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUMemoryError
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUServerId=xxx; MemoryErrorType=FailedRemappedRows; Device=xxx; UUID=xxx; SN=xxx; Message=The device has failed remapped rows, it will go unhealthy.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Failed to obtain the number of remapped rows in NVML: Row remapping is used to handle memory faults. If row remapping fails, GPU memory access will be affected.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    The faulty GPU device is isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Failed to obtain the number of remapped rows in NVML.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUServerId=xxx; MemoryErrorType=OverThresholdRetiredPages; Device=xxx; UUID=xxx; SN=xxx; Message=The device has more than 60 retired pages caused by both multiple single bit ecc error and double bit ecc error, DBE error number: xxx, SBE error number: xxx, it will go unhealthy.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    High DBEs and SBEs in a GPU: When the total number of Double Bit Errors (DBEs) and Single Bit Errors (SBEs) in a GPU exceeds the preset threshold (60), CCE determines that a memory fault has occurred on the device.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    The faulty GPU device is isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    The total number of DBEs and SBEs of a GPU is high.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUServerId=xxx; MemoryErrorType=OverLimitSramEccErrors; Device=xxx; UUID=xxx; SN=xxx; Message=The device has more than xxx SRAM uncorrectable ecc errors count, it will go unhealthy.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Uncorrectable ECC errors in a GPU: When uncorrectable ECC errors occur in SRAM and the number of errors exceeds four, the GPU is considered to be abnormal.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    The faulty GPU device is isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Uncorrectable ECC errors have been detected in a GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUServerId=xxx; MemoryErrorType=PendingRetiredPages; Device=xxx; UUID=xxx; SN=xxx; Message=The device has pending retired pages.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Pages to be isolated in a GPU: CCE automatically checks for pages that need to be isolated in a GPU. If such pages are found, memory inconsistencies or errors may occur.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    The affected GPU device is not isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    There are pages to be isolated in a GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUServerId=xxx; MemoryErrorType=InfoROMCorrupted; Device=xxx; UUID=xxx; SN=xxx; Message=InfoROM is corrupted.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Damaged GPU InfoROM: The InfoROM is a storage area in the GPU memory that holds critical configuration and status information. If the InfoROM is damaged, the GPU may not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    The affected GPU device is not isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPU InfoROM is damaged.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUXidError
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUServerId=xxx; XidErrorType=GetUuidError; Xid=xxx; Message=Failed to determine gpu device uuid for Xid xxx, all devices will go unhealthy.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Failed to obtain a GPU UUID from NVML: When parsing an Xid event reported by the driver, the NVIDIA Management Library (NVML) cannot retrieve the UUID of the affected GPU. This issue is not caused by an Xid error but may be due to driver, hardware, or permission problems.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    The GPU device of the faulty GPU node is isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Failed to obtain the UUID using NVML.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUServerId=xxx; XidErrorType=FatalXidError; Xid=xxx; Device=xxx; UUID=xxx; SN=xxx; Message=The device will go unhealthy.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Critical Xid error in a GPU: A critical Xid error in a GPU, such as Xid 74 or 79, indicates a severe hardware issue that requires fault isolation. 
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    The faulty GPU device is isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    An Xid error has occurred in a GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUServerId=xxx; XidErrorType=ApplicationXidError; Xid=xxx; Message=Event could be caused by an application error, not a device error.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Xid error caused by applications on a GPU: Such Xid errors are not caused by the GPU itself. Therefore, the GPU does not need to be isolated. These Xids include 13, 31, 43, 45, 68, and 137. 
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    The affected GPU device is not isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    An Xid error has occurred in a GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUServerId=xxx; XidErrorType=OtherXidError; Xid=xxx; Device=xxx; UUID=xxx; SN=xxx; Message=The device may be unhealthy.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Other common Xid errors in a GPU: Such Xid errors may be caused by issues with the GPU device or driver, or they may indicate error correction information.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    The affected GPU device is not isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    An Xid error has occurred in a GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUHealthWarning
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUServerId=xxx; HealthWarningType=GetFanStateError; Device=xxx; UUID=xxx; SN=xxx; Message=The device failed to get fan state.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Malfunctional fan on a GPU: GPU's fan usage cannot be obtained. The fan may be faulty.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    The affected GPU device is not isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    None
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUServerId=xxx; HealthWarningType=GetPowerStateError; Device=xxx; UUID=xxx; SN=xxx; Message=The device failed to get power state.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Malfunctional GPU power supply: GPU's power usage cannot be obtained. The power supply may be faulty.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    The affected GPU device is not isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    None
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUNvmlError
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPUServerId=xxx; NvmlErrorType=GetDeviceHandleError; Device=xxx; UUID=xxx; SN=xxx; Message=The device cannot be reached through NVML, it may be unhealthy.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPU failed to communicate with NVML: CCE cannot access a specified GPU through NVML. This issue typically indicates that the GPU device is unhealthy.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    The affected GPU device is not isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    GPU failed to communicate with NVML.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                    • Failed to obtain the number of remapped rows in NVML.
                                                                                                                                                                                                                                                                                                                                                                                                                      The GPU driver or GPU device malfunctions. Contact customer service based on the type of the node (ECS) where the GPU device resides.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                    • The total number of DBEs and SBEs of a GPU is high.
                                                                                                                                                                                                                                                                                                                                                                                                                      The GPU driver or GPU device malfunctions. Contact customer service based on the type of the node (ECS) where the GPU device resides.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                    • Uncorrectable ECC errors have been detected in a GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the node where the GPU isolation event occurred.
                                                                                                                                                                                                                                                                                                                                                                                                                      2. Go to the /usr/local/nvidia/bin directory and run the nvidia-smi  -q command.
                                                                                                                                                                                                                                                                                                                                                                                                                        If the nvidia-smi command is unavailable or fails to be executed, the failure may be caused by the lack of GPU driver. Reinstall the GPU driver and try again.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                      3. Check the ECC ERROR in the command output.
                                                                                                                                                                                                                                                                                                                                                                                                                        • Correctable Error: Such an error will not interrupt services or trigger GPU isolation.
                                                                                                                                                                                                                                                                                                                                                                                                                        • Uncorrectable Error: Such an error will interrupt services and trigger GPU isolation.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                      4. If there are uncorrectable errors, perform the following operations to rectify the fault:
                                                                                                                                                                                                                                                                                                                                                                                                                        1. Configure taints on the target node to evict the existing service load from the node.
                                                                                                                                                                                                                                                                                                                                                                                                                        2. Restart the target node.
                                                                                                                                                                                                                                                                                                                                                                                                                        3. If the fault persists, collect the output of the nvidia-smi  -q command and contact customer service based on the type of the node (ECS) where the GPU device resides.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                    • There are pages to be isolated in a GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                      The GPU driver or GPU device malfunctions. Contact customer service based on the type of the node (ECS) where the GPU device resides.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the node where the GPU isolation event occurred.
                                                                                                                                                                                                                                                                                                                                                                                                                      2. Go to the /usr/local/nvidia/bin directory and run the nvidia-smi -i <target gpu> -q -d  PAGE_RETIREMENT command.
                                                                                                                                                                                                                                                                                                                                                                                                                        If the nvidia-smi command is unavailable or fails to be executed, the failure may be caused by the lack of GPU driver. Reinstall the GPU driver and try again.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                      3. Check the Pending Page Blacklist in the command output. If there is data in it, there are pages to be isolated. Try the following methods to resolve this issue:
                                                                                                                                                                                                                                                                                                                                                                                                                        1. Configure taints on the target node to evict the existing service load from the node.
                                                                                                                                                                                                                                                                                                                                                                                                                        2. Reconnect to the GPU and start a new program on the GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                          If the reconnected GPU does not work, reset it and restart the node. If the fault persists, contact customer service based on the type of the node (ECS) where the GPU device resides.
                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                    • GPU InfoROM is damaged.
                                                                                                                                                                                                                                                                                                                                                                                                                      The GPU device malfunctions. Contact customer service based on the type of the node (ECS) where the GPU device resides.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                    • Failed to obtain the UUID using NVML.
                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the node where the GPU isolation event occurred.
                                                                                                                                                                                                                                                                                                                                                                                                                      2. Access /usr/local/nvidia/bin.
                                                                                                                                                                                                                                                                                                                                                                                                                      3. Run the nvidia-smi command and check the device ID in the command output, for example, 00:0D.0.
                                                                                                                                                                                                                                                                                                                                                                                                                        If the nvidia-smi command is unavailable or fails to be executed, the failure may be caused by the lack of GPU driver. Reinstall the GPU driver and try again.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                      4. Run the lspci | grep NVIDIA command and check the device ID in the command output.
                                                                                                                                                                                                                                                                                                                                                                                                                      5. Compare the two results. If they do not match, contact customer service based on the type of the node (ECS) where the GPU device is located.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                    • An Xid error has occurred in a GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                      Select a troubleshooting method based on Xid errors.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      • Critical Xid errors: The GPU device malfunctions. Contact customer service based on the type of the node (ECS) where the GPU device resides.
                                                                                                                                                                                                                                                                                                                                                                                                                      • Application-caused Xid errors: Identify possible fault causes based on Table 2 and verify the functionality of related applications. If the fault persists, restart the application to restore the GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                      • Other common Xid errors: Identify possible fault causes based on Table 3 and try to recover the GPU accordingly. If the fault persists, contact customer service based on the type of the node (ECS) where the GPU device resides.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                    • GPU failed to communicate with NVML.
                                                                                                                                                                                                                                                                                                                                                                                                                      If a GPU fails to communicate with NVML, possible causes are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      • The GPU UUID does not match the valid GPU in the system.
                                                                                                                                                                                                                                                                                                                                                                                                                      • The GPU device is not properly powered, which prevents it from functioning correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                      • The GPU device goes offline unexpectedly. As a result, it is inaccessible.
                                                                                                                                                                                                                                                                                                                                                                                                                      • The running GPU device is interrupted, which may be caused by a hardware fault or driver issue.
                                                                                                                                                                                                                                                                                                                                                                                                                      • The driver detects an unknown hardware or software error that cannot be classified.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      Contact customer service based on the type of the node (ECS) where the GPU device resides.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                    • Other common error: The available memory of virtual GPU devices is far less than the physical GPU memory.
                                                                                                                                                                                                                                                                                                                                                                                                                      Compare the physical GPU memory with the available GPU memory to check whether non-virtualized GPU containers are using the GPU memory. To do so, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the virtual GPU node.
                                                                                                                                                                                                                                                                                                                                                                                                                      2. Run the /usr/local/nvidia/bin/nvidia-smi command to obtain the physical GPU memory of the target GPU and record its serial number.
                                                                                                                                                                                                                                                                                                                                                                                                                      3. Run the cat /proc/xgpu/{GPU serial number}/meminfo command to obtain the available virtualized GPU memory. Replace {GPU serial number} with the one obtained in 2.
                                                                                                                                                                                                                                                                                                                                                                                                                      4. Compare the obtained GPU memory.
                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                        The driver of the GPU vendor occupies a certain amount of physical GPU memory, which is about 300 MiB. This is normal. For example, if Tesla T4 GPUs run with NVIDIA driver 510.47.03, the driver occupies 280 MiB of GPU memory by default. The value varies depending on the driver version. For example, the 535 series driver occupies more memory than the 470 series driver.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        If the available virtualized GPU memory is far less than the physical GPU memory, some containers that are not provisioned using GPU virtualization occupy the GPU memory.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                      5. Evict GPU workloads from the target node using the CCE console or kubectl command.
                                                                                                                                                                                                                                                                                                                                                                                                                      6. Run the rmmod xgpu_km command to delete GPU virtualization.
                                                                                                                                                                                                                                                                                                                                                                                                                      7. Delete nvidia-gpu-device-plugin pods from the target node using the CCE console or kubectl command.
                                                                                                                                                                                                                                                                                                                                                                                                                      8. After the nvidia-gpu-device-plugin pods are rebuilt, perform steps 2 and 3 again to verify the result.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Common GPU Xid Errors
                                                                                                                                                                                                                                                                                                                                                                                                                    Xid errors are reported by the NVIDIA driver. By capturing and analyzing these error codes, you can accurately identify and resolve GPU hardware or driver issues. The following describes common Xid errors. For details, see NVIDIA Xid Errors.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    • Xid errors caused by user programs: These errors may be caused by program faults or resource management issues. For details, see Table 2.
+
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                      Table 2 Xid errors (user programs)
                                                                                                                                                                                                                                                                                                                                                                                                                      Xid
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      Error Description
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      13
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The GR: SW Notify Error message indicates a GPU engine error, typically caused by an out-of-bounds access (for example, exceeding array limits) but could also stem from illegal instructions, registers, or rare hardware faults.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      31
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The FIFO: MMU Error message indicates that the GPU encountered an error while processing memory access or command queues. This is typically due to unauthorized application access to memory but may also result from rare driver or hardware faults.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      43
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The Reset Channel Verif Error message may be caused by a user application error.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      45
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The OS: Preemptive Channel Removal message indicates that a task running on the GPU has been forcibly terminated. This typically occurs when the user program is terminated, the GPU is reset, or a system signal (such as Control-C or SIGKILL) is received.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      68
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The NVDEC0 Exception message indicates that an error occurred during video decoding, which may be caused by hardware, driver, or user program issues.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      137
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The NVLink FLA privilege error message indicates that a fault has been reported by the remote MMU, typically due to an application-level bug. However, it can also be caused by driver or hardware issues.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    • Other Xid errors: These errors are typically caused by GPU hardware, driver, or system configuration faults. For details, see Table 3.
+
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                      Table 3 Other Xid errors
                                                                                                                                                                                                                                                                                                                                                                                                                      Xid
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      Error Description
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      32
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The PBDMA Error message primarily indicates issues related to the quality of the PCI-E bus, which can affect the proper functioning of the GPU device.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      48
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The DBE (Double Bit Error) ECC Error message indicates that an uncorrectable ECC error has been detected on the GPU. To handle this error, reset the GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      63
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The ECC Page Retirement or Row Remapping message indicates that NVIDIA's self-correction mechanism has detected a GPU memory hardware error and has either retired the faulty memory page or remapped it to prevent further issues. Additionally, NVIDIA records the retirement and remapped information in the InfoROM. If the same problem occurs again, no error will be reported. Typically, this error does not affect normal functioning of the GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      64
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The triggering scenario of this Xid is similar to that of Xid 63. Xid 63 indicates that the retirement and remapped information has been recorded in the InfoROM. Therefore, no similar error will be reported for the same memory area. Xid 64 indicates a failure in recording ECC page retirement or row remapping information to the InfoROM. If the same issue occurs again later, the error will be reported again because the information was not recorded properly. Typically, this error does not affect normal functioning of the GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      74
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The NVLink Error message indicates a connectivity issue between GPUs or between GPUs and an NVSwitch over NVLink. This error can significantly impact the normal functioning of the GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      79
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The GPU has fallen off the bus message indicates that the GPU is no longer accessible over its PCI Express connection. This is typically due to a hardware fault.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      93
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The Non-fatal violation of provisioned InfoROM wear limit message indicates that the number of write operations to the InfoROM (a read-only memory used for storing device configuration and status information) on the GPU is approaching or has exceeded a predefined wear limit. Typically, this error does not affect normal functioning of the GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      94
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The Contained ECC error occurred message indicates that the GPU has suppressed uncorrectable ECC errors to prevent them from spreading to the entire system. Typically, this error does not affect normal functioning of the GPU.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      95
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The Uncontained ECC error occurred message indicates the GPU failed to suppress uncorrectable ECC errors. As a result, all applications running on the GPU are affected.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      110
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The Security fault error message indicates a hardware fault.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      119
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The GSP RPC Timeout message indicates that the GPU system processor timed out. If the fault persists, restart the GPU or node.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      120
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The GSP Error message indicates that an error has occurred in the GPU system processor. If the fault persists, restart the GPU or node.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      121
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The C2C Link corrected error message indicates that an error occurred in the C2C NVLink connection, but the error has been corrected. Restart the GPU at your earliest convenience to ensure a long-term stable connection.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      140
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      The ECC unrecovered error message indicates that the GPU driver has detected an uncorrectable error in the GPU memory. This type of error typically requires a GPU reset.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Parent topic: GPU Scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
diff --git a/docs/cce/umn/cce_10_0782.html b/docs/cce/umn/cce_10_0782.html
index d43e993b8..b7f5ca88c 100644
--- a/docs/cce/umn/cce_10_0782.html
+++ b/docs/cce/umn/cce_10_0782.html
@@ -2,13 +2,13 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                    Dashboard
                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                    Settings offers you an entry to check and modify the basic settings of clusters. It includes information from dimension like Cluster Information, Cluster Settings, Master Node AZs, and Installed Add-ons.
                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                    Accessing the Settings
                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                    2. In the navigation pane, choose Settings and click the Dashboard tab.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    Accessing the Settings
                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                    2. In the navigation pane, choose Settings and click the Dashboard tab.
                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                    Cluster Information
                                                                                                                                                                                                                                                                                                                                                                                                                    It includes:
                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                    • ID: uniquely identifies a cluster resource. It is automatically generated after a cluster is created and can be used in scenarios such as API calling.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Current Name: After a cluster is created, you can click  to change its name.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Original Name: specifies a cluster's original name after its current name is changed. The current name of a cluster must be unique.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Status: specifies the status of a cluster. For details, see Cluster Lifecycle.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Type: specifies whether a cluster is a CCE standard cluster or a CCE Turbo cluster. For details about the differences between CCE standard and CCE Turbo clusters, see Comparison Between Cluster Types.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Created On: specifies the time when a cluster was created. You will be billed based on the creation time of clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                    • ID: uniquely identifies a cluster resource. It is automatically generated after a cluster is created and can be used in scenarios such as API calling.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Current Name: After a cluster is created, you can click  to change its name.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Original Name: specifies a cluster's original name after its current name is changed. The current name of a cluster must be unique.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Status: specifies the status of a cluster. For details, see Cluster Lifecycle.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Type: specifies whether a cluster is a CCE standard cluster or a CCE Turbo cluster. For details about the differences between CCE standard and CCE Turbo clusters, see Comparison Between Cluster Types.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Created On: specifies the time when a cluster was created. You will be billed based on the creation time of clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                    Cluster Settings
                                                                                                                                                                                                                                                                                                                                                                                                                    After a cluster is created, you can modify the following items for it:
                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                    • Cluster Scale: specifies how many nodes a cluster can manage at most. You can change the cluster scale as needed. For details, see Changing a Cluster Scale.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Cluster Version | Patch Version: specifies the Kubernetes version and CCE patch version of a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Network Model: specifies the network model of a cluster, which cannot be changed. For details about network models, see Container Network.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Resource Tag: You can add resource tags to classify resources.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Cluster Description: specifies the description that you entered for a cluster. A maximum of 200 characters are allowed.
                                                                                                                                                                                                                                                                                                                                                                                                                    • Global OBS Access Secret (paas.longaksk): If you have created a global access key while using OBS volumes in a cluster, the system will create a secret called paas.longaksk in the kube-system namespace of the cluster. This secret is used to store the global AK and SK.
                                                                                                                                                                                                                                                                                                                                                                                                                      The global access key (paas.longaksk) is used by project. Once a global access key is used, it is automatically created for each cluster within the same project. However, this can lead to security and management complexities. Therefore, it is not recommended that you use global access secrets. To disable global access keys, check whether the cluster uses global access keys. For details, see What Is an OBS Global Access Key and How Do I Check Whether a Global Access Key Is Used in a Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      • Cluster Scale: specifies how many nodes a cluster can manage at most. You can change the cluster scale as needed. For details, see Changing a Cluster Scale.
                                                                                                                                                                                                                                                                                                                                                                                                                      • Cluster Version | Patch Version: specifies the Kubernetes version and CCE patch version of a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                      • Network Model: specifies the network model of a cluster, which cannot be changed. For details about network models, see Container Networks.
                                                                                                                                                                                                                                                                                                                                                                                                                      • Resource Tag: You can add resource tags to classify resources.
                                                                                                                                                                                                                                                                                                                                                                                                                      • Cluster Description: specifies the description that you entered for a cluster. A maximum of 200 characters are allowed.
                                                                                                                                                                                                                                                                                                                                                                                                                      • Global OBS Access Secret (paas.longaksk): If you have created a global access secret while using OBS volumes in a cluster, the system will create a secret called paas.longaksk in the kube-system namespace of the cluster. This secret is used to store the global AK and SK.
                                                                                                                                                                                                                                                                                                                                                                                                                        The global access secret (paas.longaksk) is used by project. Once a global access secret is used, it is automatically created for each cluster within the same project. However, this can lead to security and management complexities. Therefore, it is not recommended that you use global access secrets. To disable global access keys, check whether the cluster uses global access keys. For details, see What Is an OBS Global Access Key and How Do I Check Whether a Global Access Key Is Used in a Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                      • Cluster Deletion Protection: A measure taken to prevent accidental deletion of clusters through the console or APIs. After this function is enabled, you will not be able to delete or unsubscribe from clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                    Master Node AZs
                                                                                                                                                                                                                                                                                                                                                                                                                    You can check how many master nodes are supported in a cluster. 
                                                                                                                                                                                                                                                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_10_0783.html b/docs/cce/umn/cce_10_0783.html
index c38e301d1..c7ed76087 100644
--- a/docs/cce/umn/cce_10_0783.html
+++ b/docs/cce/umn/cce_10_0783.html
@@ -1,15 +1,89 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                    Cluster Access
                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                    Access Mode
                                                                                                                                                                                                                                                                                                                                                                                                                    • kubectl: You need to download and configure the kubectl and kubeconfig configuration files first, and then use kubectl to access a Kubernetes cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                    • EIP: You can bind an EIP to the cluster API server. Then, the cluster API server can access the public network.
                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                      • Binding an EIP to a cluster could bring the cluster potential access risks from the public network. You are advised to harden the inbound rule of port 5443 for the master node security group. 
                                                                                                                                                                                                                                                                                                                                                                                                                      • This operation will restart kube-apiserver and update the cluster access certificate (kubeconfig). Do not perform any operations on the cluster during this time.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      Access Mode
                                                                                                                                                                                                                                                                                                                                                                                                                      • kubectl: You need to download and configure the kubectl and kubeconfig configuration files first, and then use kubectl to access a Kubernetes cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                      • EIP: You can bind an EIP to the cluster API server. Then, the cluster API server can access the public network. If no EIP is available, assign an EIP.
                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                        • Binding an EIP to a cluster could bring the cluster potential access risks from the Internet. You are advised to harden the inbound rule of port 5443 for the master node security group. 
                                                                                                                                                                                                                                                                                                                                                                                                                        • This operation will restart kube-apiserver and update the cluster access certificate (kubeconfig). Do not perform any operations on the cluster during this time.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                      • Custom SAN: The Subject Alternative Name (SAN) allows multiple values (including IP addresses and domain names) to be associated with certificates. After the custom SAN is configured in the cluster access certificate, the cluster can be accessed using the domain names or IP addresses specified by the SAN. For details, see Accessing a Cluster Using a Custom Domain Name.
                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                        This operation will restart kube-apiserver and update the cluster access certificate (kubeconfig). Do not perform any operations on the cluster during this time.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                      Authentication
                                                                                                                                                                                                                                                                                                                                                                                                                      CCE allows you to download the X.509 certificate, which contains the client.key, client.crt, and ca.crt files. Keep your certificate secure.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      Authentication
                                                                                                                                                                                                                                                                                                                                                                                                                      • Certificate Authentication
                                                                                                                                                                                                                                                                                                                                                                                                                        CCE allows you to download the X.509 certificate, which contains the client.key, client.crt, and ca.crt files. Keep your certificate secure.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        For details about how to use a certificate to access clusters, see Accessing a Cluster Using an X.509 Certificate.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        CCE supports X.509 certificate revocation. For details about how to revoke a cluster credential, see Revoking a Cluster Access Credential.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                      • OIDC
                                                                                                                                                                                                                                                                                                                                                                                                                        CCE supports OpenID Connect (OIDC) authentication. You can configure the necessary identity authentication information to obtain an access token (known as an ID token) and add it to kubectl. For details, see Using Dex for OIDC Authentication on CCE.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Description
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Example Value
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Issuer URL (oidc-issuer-url)
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        The URL for OIDC authentication. It must be HTTPS-compliant.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        https://dex.k8s.example.com
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Client ID (oidc-client-id)
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Client ID registered with the OIDC authentication service. For example, the client ID registered in Step 2: Deploy a Dex Application is kubernetes.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        kubernetes
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Username (oidc-username-claim)
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        The value to be used as the username. You need to specify a field in JWT claims for it. The default value is sub. It is typically the unique identifier of the end user. You can also select other fields, such as email or name.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        You can grant Kubernetes permissions based on the username in the cluster. For details, see Step 6: Grant Kubernetes Permissions to a Third-Party User.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        email
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Setting the parameter to email means that the value of the email field (the email address) in the JWT claim is used as the username.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        OIDC Group (oidc-groups-claim)
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        The value to be used as the user group. You need to specify a field in JWT claims for it. The field name of the user group is typically groups. You can grant Kubernetes permissions based on the user group. For details, see Step 6: Grant Kubernetes Permissions to a Third-Party User.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        groups
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Setting this parameter to groups means that the value of groups in the JWT claim is used as the user group.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        CA File (oidc-ca-pem)
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        A CA certificate in PEM format. It is used to sign the identity provider's web certificate.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        CA certificate of the Dex domain name in Step 1: Create a Key (Skip This Step If You Already Have a Certificate)
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Username Prefix (oidc-username-prefix)
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        The prefix of the username. It is used to prevent clashes with existing names (such as system:users). Do not include a colon (:). For example, the value oidc indicates the prefix oidc:, which will create usernames like oidc:foo and oidc:bar.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        • The value you specified will apply to all usernames.
                                                                                                                                                                                                                                                                                                                                                                                                                        • If this parameter is not specified, usernames that are not email addresses will be prefixed with the issuer URL to avoid conflicts.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        oidc
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        OIDC Group Prefix (oidc-groups-prefix)
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        The prefix of the user group. It is used to prevent clashes with existing groups (such as system:groups). Do not include a colon (:). For example, the value oidc indicates the prefix oidc:, which will create user groups like oidc:engineering and oidc:infra.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        oidc
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Required Key-Value Claim (oidc-required-claim)
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        A key-value pair that describes a required claim in the ID token. If no value is provided or the value does not match, the authentication will fail.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        key:value
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      Server Request Settings
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -70,7 +70,7 @@
 
-
@@ -109,7 +109,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                      Table 1 Parameters
                                                                                                                                                                                                                                                                                                                                                                                                                      Item
                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_10_0784.html b/docs/cce/umn/cce_10_0784.html
index 51fabc7bd..77d619bfc 100644
--- a/docs/cce/umn/cce_10_0784.html
+++ b/docs/cce/umn/cce_10_0784.html
@@ -12,7 +12,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                      VPC
                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                      VPC where a cluster resides
                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                      VPC enables you to provision logically isolated, configurable, manageable virtual networks for cloud servers, cloud containers, and cloud databases. The VPC gives you complete control over your virtual network, allowing you to select your own IP address range, create subnets, configure security groups, and even assign EIPs and allocate bandwidth in your network, enabling secure and easy access to your business system.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      VPC enables you to provision logically isolated, configurable, manageable virtual networks for cloud servers, cloud containers, and cloud databases. You can configure IP address ranges, subnets, security groups, and more in a VPC, and assign EIPs and bandwidth to build your service system.
                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      VPC CIDR Block
                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -23,7 +23,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                      Default Node Subnet
                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                      Node subnet of a cluster
                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                      A subnet is a network that manages ECS network planes. It supports IP address management and DNS. ECSs in a subnet are assigned with its IP addresses.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      A subnet is a network that manages ECS network planes. It supports IP address management and DNS. ECSs in a subnet are assigned IP addresses from this subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      By default, ECSs in all subnets of the same VPC can communicate with one another, but ECSs in different VPCs cannot.
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      You can create a VPC peering connection to enable ECSs in different VPCs to communicate with each other.
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      Network Policies (supported by clusters using the container tunnel network model)
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      Whether to enable network policies. This configuration is supported by clusters of v1.25.16-r10, v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, v1.31.1-r0, and later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      Whether to enable network policies. The change works within 10 seconds. This configuration is supported by clusters of v1.25.16-r10, v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, v1.31.1-r0, and later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      • Disabled: The network policy capability is not supported, and the created policies do not take effect.
                                                                                                                                                                                                                                                                                                                                                                                                                      • Enabled: If the CIDR blocks of a customer's service conflict with the on-premises CIDR blocks, the link to a newly added gateway may not be established.
                                                                                                                                                                                                                                                                                                                                                                                                                        For example, when a cluster accesses an external address through a Direct Connect connection, the switch outside the cloud does not support ip-option. If the network policy is enabled, the network access may fail.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                      Container CIDR Blocks (Available only in Clusters Using the VPC Network Model)
                                                                                                                                                                                                                                                                                                                                                                                                                      If a container CIDR block configured during cluster creation cannot meet service expansion requirements, you can add more container CIDR blocks. For details, see Adding a Container CIDR Block for a Cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                      Container CIDR Blocks (Available only in Clusters Using the VPC Network Model)
                                                                                                                                                                                                                                                                                                                                                                                                                      If a container CIDR block configured during cluster creation cannot meet service expansion requirements, you can add more container CIDR blocks. For details, see Expanding the Container CIDR Block of a Cluster That Uses a VPC Network.
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                      • This function is available only for clusters of v1.19 or later using a VPC network.
                                                                                                                                                                                                                                                                                                                                                                                                                      • An added container CIDR block cannot be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -123,7 +123,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      All Container ENI Pre-binding
                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                      • After this function is enabled, your cluster nodes will request for and bind the maximum number of ENIs supported by the node flavor. For example, if the maximum number of sub-ENIs supported by s7.large.2 nodes is 16, CCE will dynamically pre-bind 16 sub-ENIs to each node of this flavor.
                                                                                                                                                                                                                                                                                                                                                                                                                      • After this function is disabled, you can customize the pre-binding parameters on the console.
-
                                                                                                                                                                                                                                                                                                                                                                                                                        Table 3 Parameters of the dynamic ENI pre-binding policy
                                                                                                                                                                                                                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -137,8 +137,8 @@
 
-
@@ -147,9 +147,9 @@
 
-
@@ -158,8 +158,8 @@
 
-
@@ -168,8 +168,8 @@
 
-
diff --git a/docs/cce/umn/cce_10_0785.html b/docs/cce/umn/cce_10_0785.html
index 4f545bf9d..a48ff08de 100644
--- a/docs/cce/umn/cce_10_0785.html
+++ b/docs/cce/umn/cce_10_0785.html
@@ -43,7 +43,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Priority-based Scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                        Scheduling based on priority
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        This is a basic scheduling capability and cannot be disabled. The scheduler preferentially guarantees the running of high-priority pods, and will not evict low-priority pods that are running. For details, see Priority-based Scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        This is a basic scheduling capability and cannot be disabled. The scheduler preferentially guarantees the running of high-priority pods, and will not evict low-priority pods that are running. 
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Resource Utilization Optimization Scheduling (Supported by the Volcano Scheduler)
                                                                                                                                                                                                                                                                                                                                                                                                                        Bin packing
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        With this option enabled, the cluster scheduler schedules pods to nodes that have the most requested resources. This reduces resource fragments on each node and improves the resource utilization of the cluster. For details, see Bin Packing.
                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0786.html b/docs/cce/umn/cce_10_0786.html
index da8161822..63353af61 100644
--- a/docs/cce/umn/cce_10_0786.html
+++ b/docs/cce/umn/cce_10_0786.html
@@ -4,17 +4,20 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Auto Scale-out Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                        CCE Cluster Autoscaler comprehensively checks the resource statuses of an entire cluster. When the load of a microservice is high (for example, the CPU or memory usage is too high), it will add more pods to reduce the load.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Node Capacity Expansion Conditions
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        • Auto scale-out when the workload cannot be scheduled: If a workload pod cannot be scheduled, the system automatically scales out the node pool with auto scaling enabled. If the pod has been configured to be affinity for a node, the system will not automatically add more nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                          Such auto scaling works with an HPA policy. For details, see Using HPA and CA for Auto Scaling of Workloads and Nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                        • User-defined policy switch: specifies whether to automatically scale out a node pool based on the node scaling policies. This function is enabled by default.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                      • Custom node auto scaling policy: specifies whether to automatically scale out a node pool based on the node scaling policies. This function is enabled by default.
                                                                                                                                                                                                                                                                                                                                                                                                                        • 
+
                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                        When both auto scale-out on a workload scheduling failure and metric-based node scaling policies are enabled and their conditions are met, CCE prioritizes the former.
                                                                                                                                                                                                                                                                                                                                                                                                                        • If the scale-out succeeds, CCE skips the metric-based policy and waits for the next cycle.
                                                                                                                                                                                                                                                                                                                                                                                                                        • If the scale-out fails, CCE executes the metric-based policy.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Upper limit of resources to be expanded
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        • Total Nodes: specifies how many nodes can be present in a cluster during scale-out. If there are more nodes in the cluster than the specified value, the cluster will not add nodes. The default value is determined by how many nodes a cluster can manage at most.
                                                                                                                                                                                                                                                                                                                                                                                                                        • Total Cores: specifies how many cores on all nodes can be present in a cluster during scale-out. If there are more cores in the cluster than the specified value, the cluster will not add nodes. By default, the number is not limited.
                                                                                                                                                                                                                                                                                                                                                                                                                        • Total Memory (GiB): specifies the upper limit of the total memory of all nodes in a cluster during scale-out. If the total memory exceeds the specified value, the cluster will not add nodes. By default, the number is not limited.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                        When the total number of nodes, CPUs, and memory is collected, unavailable nodes in custom node pools are included but unavailable nodes in the default node pool are not included.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Scale-out Priority
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        You can drag and drop node pools in the list to adjust their scale-out priorities.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        You can adjust the scale-out priority by dragging the node pool list.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        Auto Scale-In Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                        CCE Cluster Autoscaler comprehensively checks the resource statuses of an entire cluster. Once it confirms that workload pods can be scheduled and run properly, it automatically obtains nodes for scale-in.
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        Node Scale-In Conditions
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        Nodes in a cluster comply with the default scale-in conditions by default. If scale-in conditions are customized for a node pool, the nodes in the node pool comply with the customized scale-in conditions.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Auto Scale-in Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                        CCE Cluster Autoscaler comprehensively checks the resource statuses of an entire cluster. Once it confirms that workload pods can be scheduled and run properly, it automatically obtains nodes for scale-in.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Node Scale-in Conditions
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Nodes in a cluster comply with the default scale-in conditions by default. If scale-in conditions are customized for a node pool, the nodes in the node pool comply with the customized scale-in conditions.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Table 3 Parameters of the dynamic elastic network interface pre-binding policy
                                                                                                                                                                                                                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Default Value
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        10
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Minimum number of container ENIs bound to a node.
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        The parameter value must be a positive integer. The value 10 indicates that there are at least 10 container ENIs bound to a node. If the number you entered exceeds the container ENI quota of the node, the ENI quota will be used.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Minimum number of container elastic network interfaces bound to a node.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        The parameter value must be a positive integer. The value 10 indicates that there are at least 10 container elastic network interfaces bound to a node. If the number you entered exceeds the container elastic network interface quota of the node, the elastic network interface quota of the node will be used.
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Configure these parameters based on the number of pods.
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        0
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        If the number of ENIs bound to a node exceeds the value of nic-maximum-target, the system does not proactively pre-bind ENIs.
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        If the value of this parameter is greater than or equal to the value of nic-minimum-target, the check on the maximum number of the pre-bound ENIs is enabled. Otherwise, the check is disabled.
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        The parameter value must be a positive integer. The value 0 indicates that the check on the upper limit of pre-bound container ENIs is disabled. If the number you entered exceeds the container ENI quota of the node, the ENI quota will be used.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        If the number of elastic network interfaces bound to a node exceeds the value of nic-maximum-target, the system does not proactively pre-bind elastic network interfaces.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        If the value of this parameter is greater than or equal to the value of nic-minimum-target, the check on the maximum number of the pre-bound elastic network interfaces is enabled. Otherwise, the check is disabled.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        The parameter value must be a positive integer. The value 0 indicates that the check on the upper limit of pre-bound container elastic network interfaces is disabled. If the number you entered exceeds the container elastic network interface quota of the node, the elastic network interface quota of the node will be used.
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Configure these parameters based on the number of pods.
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        2
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Minimum number of pre-bound ENIs on a node. The value must be a number.
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        When the value of nic-warm-target + the number of bound ENIs is greater than the value of nic-maximum-target, the system will pre-bind ENIs based on the difference between the value of nic-maximum-target and the number of bound ENIs.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Minimum number of pre-bound elastic network interfaces on a node. The value must be a number.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        When the value of nic-warm-target + the number of bound elastic network interfaces is greater than the value of nic-maximum-target, the system will pre-bind elastic network interfaces based on the difference between the value of nic-maximum-target and the number of bound elastic network interfaces.
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Set this parameter to the number of pods that can be scaled out instantaneously within 10 seconds.
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        2
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Only when the number of idle ENIs on a node minus the value of nic-warm-target is greater than the threshold, the pre-bound ENIs will be unbound and reclaimed. The value can only be a number.
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        • Setting a larger value of this parameter slows down the recycling of idle ENIs and accelerates pod startup. However, the IP address usage decreases, especially when IP addresses are insufficient. Therefore, exercise caution when increasing the value of this parameter.
                                                                                                                                                                                                                                                                                                                                                                                                                        • Setting a smaller value of this parameter accelerates the recycling of idle ENIs and improves the IP address usage. However, when a large number of pods increase instantaneously, the startup of some pods slows down.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Only when the number of idle elastic network interfaces on a node minus the value of nic-warm-target is greater than the threshold, the pre-bound elastic network interfaces will be unbound and reclaimed. The value can only be a number.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        • Setting a larger value of this parameter slows down the recycling of idle elastic network interfaces and accelerates pod startup. However, the IP address usage decreases, especially when IP addresses are insufficient. Therefore, exercise caution when increasing the value of this parameter.
                                                                                                                                                                                                                                                                                                                                                                                                                        • Setting a smaller value of this parameter accelerates the recycling of idle elastic network interfaces and improves the IP address usage. However, when a large number of pods increase instantaneously, the startup of some pods slows down.
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Set this parameter based on the difference between the number of pods that are frequently scaled on most nodes within minutes and the number of pods that are instantly scaled out on most nodes within 10 seconds.
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -25,19 +28,19 @@
 
-
diff --git a/docs/cce/umn/cce_10_0787.html b/docs/cce/umn/cce_10_0787.html
index 324fa2425..51734626b 100644
--- a/docs/cce/umn/cce_10_0787.html
+++ b/docs/cce/umn/cce_10_0787.html
@@ -432,7 +432,7 @@
 
diff --git a/docs/cce/umn/cce_10_0788.html b/docs/cce/umn/cce_10_0788.html
index b7e10287f..790530578 100644
--- a/docs/cce/umn/cce_10_0788.html
+++ b/docs/cce/umn/cce_10_0788.html
@@ -1,7 +1,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Heterogeneous Resources
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        GPU Settings
                                                                                                                                                                                                                                                                                                                                                                                                                        • Default Cluster Driver: specifies the default GPU driver version used by the GPU nodes in a cluster. To use a custom driver, enter the download link of the NVIDIA driver. For details, see Obtaining the Driver Link from Public Network.
                                                                                                                                                                                                                                                                                                                                                                                                                        • Node Pool Configurations: If you do not want all GPU nodes in a cluster to use the same driver, CCE allows you to install a different GPU driver for each node pool. After you customize a GPU driver for a node pool, nodes in the node pool will preferentially use the custom driver. Nodes for which no driver is specified will use the cluster's default driver.
                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                          • The system installs the driver of the version specified for the node pool. The driver applies only to new nodes in the node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                          • After the driver version is updated, it takes effect on the nodes newly added to the node pool. Existing nodes must restart to apply the changes.
                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                          GPU Settings
                                                                                                                                                                                                                                                                                                                                                                                                                          • Default Cluster Driver: specifies the default GPU driver version used by the GPU nodes in a cluster. To use a custom driver, enter the download link of the NVIDIA driver. For details, see Obtaining a Driver Link from the Internet.
                                                                                                                                                                                                                                                                                                                                                                                                                          • Node Pool Configurations: If you do not want all GPU nodes in a cluster to use the same driver, CCE allows you to install a different GPU driver for each node pool. After you customize a GPU driver for a node pool, nodes in the node pool will preferentially use the custom driver. Nodes for which no driver is specified will use the cluster's default driver.
                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                            • The system installs the driver of the version specified for the node pool. The driver applies only to new nodes in the node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                            • After the driver version is updated, it takes effect on the nodes newly added to the node pool. Existing nodes must restart to apply the changes.
                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0789.html b/docs/cce/umn/cce_10_0789.html
index b39f01fdb..dc204afcd 100644
--- a/docs/cce/umn/cce_10_0789.html
+++ b/docs/cce/umn/cce_10_0789.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                          Load-aware Scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                          Volcano Scheduler offers CPU and memory load-aware scheduling for pods and preferentially schedules pods to the node with the lightest load to balance node loads. This prevents an application or node failure due to heavy loads on a single node.
                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                          Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                          Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                          Features
                                                                                                                                                                                                                                                                                                                                                                                                                          The Kubernetes native scheduler schedules resources only based on requested resources. However, the actual resource usage of a pod differs greatly from the requested or limited value of the requested resources, which is the cause of cluster load imbalance.
                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                          1. The actual resource usage of certain nodes in a cluster is far lower than the resource allocation rate, but no more pods are scheduled onto the nodes, leading to resource waste.
                                                                                                                                                                                                                                                                                                                                                                                                                          2. The scheduler failed to detect that some nodes in the cluster are overloaded, which could significantly affect the stability of the service.
                                                                                                                                                                                                                                                                                                                                                                                                                          
@@ -11,16 +11,16 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                          How It Works
                                                                                                                                                                                                                                                                                                                                                                                                                          Load-aware scheduling is implemented using both Volcano and the CCE cloud native monitoring add-on (kube-prometheus-stack). After load-aware scheduling is enabled, metrics such as CPU and memory loads are defined by following Prometheus adapter rules. Then, the kube-prometheus-stack add-on collects and saves the actual CPU and memory loads of each node based on the defined metric rules. Volcano scores and sorts nodes based on the metric values provided by the kube-prometheus-stack add-on and preferentially schedules pods to the node with the lightest load.
                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                          Load-aware scheduling scores each node using the weighted average of the CPU and memory metrics as well as the load-aware scheduling policy and preferentially selects the node with the highest score for scheduling. You can create custom weights for the CPU, memory, and load-aware scheduling policy on the Scheduling tab by choosing Settings in the navigation pane of the target cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                          The formula for scoring a node is as follows: Weight of the load-aware scheduling policy × [(1 - CPU usage) x CPU weight + (1 - Memory usage) × Memory weight]/(CPU weight + Memory weight)
                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                          The formula for scoring a node is as follows: Weight of the load-aware scheduling policy x [(1 - CPU usage) x CPU weight + (1 - Memory usage) x Memory weight]/(CPU weight + Memory weight)
                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                          • CPU usage: average CPU usage of all nodes in the target cluster in the last 10 minutes (The collection frequency can be modified in the Prometheus adapter rule.)
                                                                                                                                                                                                                                                                                                                                                                                                                          • Memory usage: average memory usage of all nodes in the target cluster in the last 10 minutes
                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                          Using Cloud Native Cluster Monitoring
                                                                                                                                                                                                                                                                                                                                                                                                                          1. After installing the Cloud Native Cluster Monitoring add-on, you need to enable Metrics API to provide container resource metrics such as CPU usage and memory usage.
                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                            Resource metrics can be provided by Metrics API only when local data storage is enabled for the Cloud Native Cluster Monitoring add-on.
                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                            Check whether Metrics API has been enabled for the cluster. If it is enabled, you can skip this step.
                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                            Check whether the Metrics API has been enabled for the cluster. If so, skip this step.
                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl get APIServices | grep v1beta1.metrics.k8s.io
                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                            If any command output is displayed, Metrics API is enabled. Skip this step and go to the next step to add metric collection rules.
                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                            If no Metrics API is found, you can manually create an APIService object to enable it.
                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                            1. Create a file named metrics-apiservice.yaml. Example file content:
                                                                                                                                                                                                                                                                                                                                                                                                                              apiVersion: apiregistration.k8s.io/v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                              1. Create a file named metrics-apiservice.yaml. The file content is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                apiVersion: apiregistration.k8s.io/v1
 kind: APIService
 metadata:
   labels:
@@ -38,15 +38,15 @@ spec:
   version: v1beta1
   versionPriority: 100
                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                              2. Create an APIService object.
                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl create -f metrics-apiservice.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                              3. Check whether Metrics API is enabled for the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl get APIServices | grep v1beta1.metrics.k8s.io
                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                              4. Check whether the Metrics API has been enabled for the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl get APIServices | grep v1beta1.metrics.k8s.io
                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                After Metrics API is enabled, if you need to uninstall the Cloud Native Cluster Monitoring add-on, run the following kubectl and delete the APIService object. Otherwise, the residual APIService resources will cause the Kubernetes Metrics Server add-on to fail to be installed.
                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl delete APIService v1beta1.metrics.k8s.io
                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                            2. Add collection rules for custom metrics.
                                                                                                                                                                                                                                                                                                                                                                                                                              1. Modify the user-adapter-config configuration item.
                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl edit configmap user-adapter-config -n monitoring
                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                              2. Add collection rules to the rules field.
                                                                                                                                                                                                                                                                                                                                                                                                                                In the following example rules, the rules in red are new ones and those in black are existing ones:
                                                                                                                                                                                                                                                                                                                                                                                                                                ...
+
                                                                                                                                                                                                                                                                                                                                                                                                                              3. Add collection rules to the rules field.
                                                                                                                                                                                                                                                                                                                                                                                                                                In the example rules below, the rules in config.yaml are new ones and others are existing ones. Custom metric collection rules are related to the Cloud Native Cluster Monitoring add-on version. Select the rules based on the add-on version.
                                                                                                                                                                                                                                                                                                                                                                                                                                • For Cloud Native Cluster Monitoring of v3.12.0 or earlier versions:
                                                                                                                                                                                                                                                                                                                                                                                                                                  ...
 data:
-  config.yaml: >
+  config.yaml: |
     rules:
     - seriesQuery: '{__name__=~"node_cpu_seconds_total"}'
       resources:
@@ -93,23 +93,74 @@ data:
         containerLabel: container
       window: 1m
 ...
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                • For Cloud Native Cluster Monitoring of v3.12.1 or later versions:
                                                                                                                                                                                                                                                                                                                                                                                                                                  ...
+data:
+  config.yaml: |
+    rules:
+    - seriesQuery: '{__name__=~"node_cpu_seconds_total"}'
+      resources:
+        overrides:
+          node:
+            resource: node
+      name:
+        matches: node_cpu_seconds_total
+        as: node_cpu_usage_avg
+      metricsQuery: avg_over_time((1 - avg (irate(<<.Series>>{mode="idle"}[5m])) by (node))[10m:30s])
+    - seriesQuery: '{__name__=~"node_memory_MemTotal_bytes"}'
+      resources:
+        overrides:
+          node:
+            resource: node
+      name:
+        matches: node_memory_MemTotal_bytes
+        as: node_memory_usage_avg
+      metricsQuery: avg_over_time(((1-node_memory_MemAvailable_bytes/<<.Series>>))[10m:30s])
+    resourceRules:
+      cpu:
+        containerQuery: sum(rate(container_cpu_usage_seconds_total{<<.LabelMatchers>>,container!="",pod!=""}[1m])) by (<<.GroupBy>>)
+        nodeQuery: sum(rate(container_cpu_usage_seconds_total{<<.LabelMatchers>>, id='/'}[1m])) by (<<.GroupBy>>)
+        resources:
+          overrides:
+            node:
+              resource: node
+            namespace:
+              resource: namespace
+            pod:
+              resource: pod
+        containerLabel: container
+      memory:
+        containerQuery: sum(container_memory_working_set_bytes{<<.LabelMatchers>>,container!="",pod!=""}) by (<<.GroupBy>>)
+        nodeQuery: sum(container_memory_working_set_bytes{<<.LabelMatchers>>,id='/'}) by (<<.GroupBy>>)
+        resources:
+          overrides:
+            node:
+              resource: node
+            namespace:
+              resource: namespace
+            pod:
+              resource: pod
+        containerLabel: container
+      window: 1m
+...
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                The relevant parameters are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                • Rules for collecting the average CPU usage
                                                                                                                                                                                                                                                                                                                                                                                                                                  • node_cpu_usage_avg: average CPU usage of nodes. The name of this metric cannot be changed.
                                                                                                                                                                                                                                                                                                                                                                                                                                  • metricsQuery: avg_over_time((1 - avg (irate(<<.Series>>{mode="idle"}[5m])) by (instance))[10m:30s]): statement for obtaining nodes' average CPU usage.
                                                                                                                                                                                                                                                                                                                                                                                                                                    metricsQuery indicates to obtain the average CPU usage of all nodes in the target cluster in the last 10 minutes. To change the period, for example, to the last 5 or 30 minutes, change 10m in red to 5m or 30m.
                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                • Rules for collecting the average memory usage
                                                                                                                                                                                                                                                                                                                                                                                                                                  • node_memory_usage_avg: average memory usage of nodes. The name of this metric cannot be changed.
                                                                                                                                                                                                                                                                                                                                                                                                                                  • metricsQuery: avg_over_time(((1-node_memory_MemAvailable_bytes/<<.Series>>))[10m:30s]): statement for obtaining nodes' average memory usage.
                                                                                                                                                                                                                                                                                                                                                                                                                                    metricsQuery indicates to obtain the average memory usage of all nodes in the target cluster in the last 10 minutes. To change the period, for example, to the last 5 or 30 minutes, change 10m in red to 5m or 30m.
                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                        • Redeploy the custom-metrics-apiserver workload in the monitoring namespace.
                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl rollout restart deployment custom-metrics-apiserver -n monitoring
                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                        • Verify that the custom rules are configured successfully.
                                                                                                                                                                                                                                                                                                                                                                                                                          1. Run the following command. If the custom metric information is returned, the metric collection configuration on Prometheus is successful.
                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl get --raw=/apis/custom.metrics.k8s.io/v1beta1
                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                          2. Query information about nodes in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl get nodes 
                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                          3. Verify that the custom rules are configured successfully.
                                                                                                                                                                                                                                                                                                                                                                                                                            1. Run the following command. If the custom metric information is returned, the Prometheus metric collection is configured correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl get --raw=/apis/custom.metrics.k8s.io/v1beta1
                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                            2. Obtain nodes in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl get nodes 
                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                              Run the following command on any node. Replace xxxx with the obtained value of node_name. If you want to query the resource information of all nodes, replace xxxx with an asterisk (*).
                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl get --raw=/apis/custom.metrics.k8s.io/v1beta1/nodes/xxxx/node_cpu_usage_avg
                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                              Information similar to the following is displayed.
                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                        • Enable load-aware scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                          After Volcano is installed, you can enable or disable load-aware scheduling on the Scheduling page by choose Settings in the navigation pane. This function is disabled by default.
                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                          2. Click the cluster name to access the cluster console. Choose Settings in the navigation pane. In the right pane, click the Scheduling tab.
                                                                                                                                                                                                                                                                                                                                                                                                                          3. In the Resource utilization optimization scheduling area, modify the load-aware scheduling settings.
                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                            For optimal load-aware scheduling, disable bin packing because this policy preferentially schedules pods to the node with the maximal resources allocated based on pods' requested resources. This affects load-aware scheduling to some extent. For details about the combination of multiple policies, see Configuration Cases for Resource Usage-based Scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                          4. Enable load-aware scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                            After Volcano is installed, you can enable or disable load-aware scheduling on the Scheduling page by choose Settings in the navigation pane. This function is disabled by default.
                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                            2. Choose Settings in the navigation pane and click the Scheduling tab.
                                                                                                                                                                                                                                                                                                                                                                                                                            3. In the Resource Utilization-optimized Scheduling area, modify the load-aware scheduling settings.
                                                                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                                                                              For optimal load-aware scheduling, disable bin packing because this policy preferentially schedules pods to the node with the maximal resources allocated based on pods' requested resources. This affects load-aware scheduling to some extent. For details about the combination of multiple policies, see Configuration Cases for Resource Usage-based Scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                              
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Table 1 Node scale-in conditions
                                                                                                                                                                                                                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Default Scale-In Conditions
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        If the CPU and memory allocation rates of a node are lower than a certain percentage (50% by default) for a period of time (10 minutes by default), or the node is unavailable for a period of time (20 minutes by default), the node will be scaled in.
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        Allocation rate = Total requested resources of all pods/Allocatable resources on the node
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        If the option Ignore the pre-allocated CPU and memory of the DaemonSet container is selected, CCE will not consider the CPU and memory resources pre-allocated to DaemonSet pods when determining whether to scale in cluster nodes. This means that the resources used by DaemonSet pods will not affect the scaling-in decision. If this option is not selected, the resources pre-allocated to DaemonSet pods will be included in the resource allocation calculations. This can cause the CPU and memory allocation rates to exceed the node scale-in threshold, potentially preventing nodes with low CPU and memory utilization from being scaled in.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Allocation rate = Total requested resources of all pods/Allocatable resources on the node
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        If the option Ignore the pre-allocated CPU and memory of the DaemonSet container is selected, CCE will not consider the CPU and memory resources pre-allocated to DaemonSet pods when determining whether to scale in cluster nodes. This means that the resources used by DaemonSet pods will not affect the scaling-in decision. If this option is not selected, the resources pre-allocated to DaemonSet pods will be included in the resource allocation calculations. This can cause the CPU and memory allocation rates to exceed the node scale-in threshold, potentially preventing nodes with low CPU and memory utilization from being scaled in.
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        (Optional) Custom Scale-In Conditions
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        You can configure scale-in conditions for each node pool. If the CPU and memory allocation rates of nodes in a node pool are lower than a certain percentage (50% by default) for a period of time (10 minutes by default), the node pool will be scaled in.
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                        Custom scale-in conditions are supported when the CCE Cluster Autoscaler add-on version is 1.25.181, 1.27.152, 1.28.120, 1.29.81, 1.30.48, 1.31.10, or later. If auto scaling is not enabled for all specifications in a node pool, custom scale-in conditions configured for the node pool do not take effect. For details about how to enable auto scaling for a node pool, see Configuring Node Pool Scaling Policies.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        Custom scale-in conditions are supported when the CCE Cluster Autoscaler add-on version is 1.25.181, 1.27.152, 1.28.120, 1.29.81, 1.30.48, 1.31.10, or later. If the auto scaling function is not enabled for all specifications in a node pool, custom scale-in conditions configured for the node pool do not take effect. For details about how to enable the auto scaling function for a node pool, see Configuring a Node Pool Auto Scaling Policy.
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Scale-in Exception Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        When a node meets the following exception scenarios, CCE will not scale in the node even if the node resources or status meets scale-in conditions:
                                                                                                                                                                                                                                                                                                                                                                                                                        • Resources on other nodes in the cluster are insufficient.
                                                                                                                                                                                                                                                                                                                                                                                                                        • Scale-in protection is enabled on the node. To enable or disable node scale-in protection, choose Nodes in the navigation pane and then click the Nodes tab. Locate the target node, choose More, and then enable or disable node scale-in protection in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                        • There is a pod with the non-scale label on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                        • Policies such as reliability have been configured on some containers on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                        • There are non-DaemonSet containers in the kube-system namespace on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                        • (Optional) A container managed by a third-party pod controller is running on a node. Third-party pod controllers are for custom workloads except Kubernetes-native workloads such as Deployments and StatefulSets. Such controllers can be created using CustomResourceDefinitions.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                        When a node meets the following exception scenarios, CCE will not scale in the node even if the node resources or status meets scale-in conditions:
                                                                                                                                                                                                                                                                                                                                                                                                                        • Resources on other nodes in the cluster are insufficient.
                                                                                                                                                                                                                                                                                                                                                                                                                        • Scale-in protection is enabled on the node. To enable or disable node scale-in protection, choose Nodes in the navigation pane and then click the Nodes tab. Locate the target node, choose More, and then enable or disable node scale-in protection in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                        • There is a pod with the non-scale label on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                        • Policies such as reliability have been configured on some containers on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                        • There are non-DaemonSet containers in the kube-system namespace on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                        • (Optional) A container managed by a third-party pod controller is running on a node. Third-party pod controllers are for custom workloads except Kubernetes-native workloads such as Deployments and StatefulSets. Such controllers can be created using CustomResourceDefinitions.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        After CPU initialization, this period allows HPA to use a less strict criterion for getting CPU metrics. During this period, HPA will gather data on the CPU usage of the pod for scaling, regardless of any changes in the pod's readiness status. This parameter ensures continuous tracking of CPU usage, even when the pod status changes frequently.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Configuration suggestion: If the readiness status of pods fluctuates after startup and you want to prevent HPA misjudgment caused by the fluctuation, increase the value of this parameter to allow HPA to gather more comprehensive CPU usage data.
                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                         NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                        Configure this parameter properly. If it is set to a small value, an unnecessary scale-out may occur due to CPU data fluctuations when the pod is just ready. If it is set to a large value, HPA may not be able to make a quick decision when a rapid response is needed.
                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                         NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                        Configure this parameter properly. If it is set to a small value, an unnecessary scale-out may occur due to CPU data fluctuations when the pod enters the ready state. If it is set to a large value, HPA may not be able to make a quick decision when a rapid response is needed.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        This parameter is available only in clusters of v1.23.16-r0, v1.25.11-r0, v1.27.8-r0, v1.28.6-r0, v1.29.2-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                        		
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -169,12 +220,13 @@ data:
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                        
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                        Using Self-Built Prometheus to Configure Load-aware Scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                        1. Install prometheus-adapter in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                          1. Run the following commands to install prometheus-adapter:
                                                                                                                                                                                                                                                                                                                                                                                                                            git clone https://github.com/kubernetes-sigs/prometheus-adapter.git
+
                                                                                                                                                                                                                                                                                                                                                                                                                            Using On-premises Prometheus
                                                                                                                                                                                                                                                                                                                                                                                                                            1. Install prometheus-adapter in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                              1. Run the following commands to install prometheus-adapter:
                                                                                                                                                                                                                                                                                                                                                                                                                                git clone https://github.com/kubernetes-sigs/prometheus-adapter.git
 cd prometheus-adapter/deploy/manifests
 kubectl apply -f .
                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                              2. Modify the configuration for prometheus-adapter to connect to prometheus-server.
                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl edit deployment prometheus-adapter -n monitoring
                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                Change the value of prometheus-url as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                • Change HTTPS to HTTP.
                                                                                                                                                                                                                                                                                                                                                                                                                                • Change the default domain name to the IP address and port of Prometheus Service. You can run the kubectl get service -n monitoring command to query the IP address and port.
                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                • prometheus-adapter supports HTTPS and HTTP. You can configure the protocol based on your custom-built Prometheus setup.
                                                                                                                                                                                                                                                                                                                                                                                                                                  • If TLS or HTTPS has been enabled for Prometheus, use HTTPS.
                                                                                                                                                                                                                                                                                                                                                                                                                                  • If TLS or HTTPS is not enabled for Prometheus and data is exposed only within the cluster via Services, use HTTP.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                • Change the default domain name to the IP address and port of Prometheus Service. You can run the kubectl get service -n monitoring command to query the IP address and port.
                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                ...
       containers:
         - name: prometheus-adapter
@@ -186,12 +238,12 @@ kubectl apply -f .
                                                                                                                                                                                                                                                                                                                                                                                                                                
             - --secure-port=6443
             - --tls-cipher-suites=TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA
 ...
                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                          2. Verify that the native node_cpu_seconds_total and node_memory_MemAvailable_bytes metrics can be obtained on Prometheus.
                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                          3. Verify that the native node_cpu_seconds_total and node_memory_MemAvailable_bytes metrics can be obtained on Prometheus.
                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                        2. Enable Custom Metrics API to provide container resource metrics.
                                                                                                                                                                                                                                                                                                                                                                                                                          Check whether Custom Metrics API has been enabled for the cluster. If it is enabled, you can skip this step.
                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                        3. Enable Custom Metrics API to provide container resource metrics.
                                                                                                                                                                                                                                                                                                                                                                                                                          Check whether the custom Metrics API has been enabled for the cluster. If so, skip this step.
                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl get APIServices | grep v1beta1.custom.metrics.k8s.io
                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                          If any command output is displayed, Custom Metrics API has been enabled. If no command output is displayed, perform the following operations to register the APIService object. (Note that the Service name and namespace must be consistent with those in the actual installation environment.) The following uses the default values of kube-prometheus.
                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                          1. Create a file named custom-metrics-apiservice.yaml. Example file content:
                                                                                                                                                                                                                                                                                                                                                                                                                            apiVersion: apiregistration.k8s.io/v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                            1. Create a file named custom-metrics-apiservice.yaml. The file content is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                              apiVersion: apiregistration.k8s.io/v1
 kind: APIService
 metadata:
   labels:
@@ -210,7 +262,7 @@ spec:
   version: v1beta1
   versionPriority: 100
                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                            2. Create an APIService object.
                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl create -f custom-metrics-apiservice.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                            3. Check whether Custom Metrics API is enabled for the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl get APIServices | grep v1beta1.custom.metrics.k8s.io
                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                            4. Check whether the custom Metrics API has been enabled for the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl get APIServices | grep v1beta1.custom.metrics.k8s.io
                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                          2. Add collection rules for custom metrics.
                                                                                                                                                                                                                                                                                                                                                                                                                            1. Modify the adapter-config configuration item.
                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl edit configmap adapter-config -n monitoring
                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                            2. Add collection rules to the rules field.
                                                                                                                                                                                                                                                                                                                                                                                                                              Example collection rules:
                                                                                                                                                                                                                                                                                                                                                                                                                              ...
@@ -238,73 +290,119 @@ data:
 ...
                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                            3. Redeploy the prometheus-adapter workload in the monitoring namespace.
                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl rollout restart deployment prometheus-adapter -n monitoring
                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                            4. Verify that the custom rules are configured successfully.
                                                                                                                                                                                                                                                                                                                                                                                                                              1. Run the following command. If the custom metric information is returned, the metric collection configuration on Prometheus is successful.
                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl get --raw=/apis/custom.metrics.k8s.io/v1beta1
                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                              2. Query information about nodes in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl get nodes 
                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                              3. Verify that the custom rules are configured successfully.
                                                                                                                                                                                                                                                                                                                                                                                                                                1. Run the following command. If the custom metric information is returned, the Prometheus metric collection is configured correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                  kubectl get --raw=/apis/custom.metrics.k8s.io/v1beta1
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                2. Obtain nodes in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                  kubectl get nodes 
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  Run the following command on any node. Replace xxxx with the obtained value of node_name. If you want to query the resource information of all nodes, replace xxxx with an asterisk (*).
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  kubectl get --raw=/apis/custom.metrics.k8s.io/v1beta1/nodes/xxxx/node_cpu_usage_avg
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  Information similar to the following is displayed.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                            5. Enable load-aware scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                              After Volcano is installed, you can enable or disable load-aware scheduling on the Scheduling page by choose Settings in the navigation pane. This function is disabled by default.
                                                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                              2. Click the cluster name to access the cluster console. Choose Settings in the navigation pane. In the right pane, click the Scheduling tab.
                                                                                                                                                                                                                                                                                                                                                                                                                              3. In the Resource utilization optimization scheduling area, modify the load-aware scheduling settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                For optimal load-aware scheduling, disable bin packing because this policy preferentially schedules pods to the node with the maximal resources allocated based on pods' requested resources. This affects load-aware scheduling to some extent. For details about the combination of multiple policies, see Configuration Cases for Resource Usage-based Scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                              4. After installing Volcano, enable load-aware scheduling on the Settings > Scheduling page.
                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                2. In the navigation pane, choose Settings. Then, click the Scheduling tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                3. In the expert mode, click Try Now.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                4. In the Volcano Scheduler settings, load-aware scheduling is disabled by default. You need to add the parameters in expert mode to enable this function.
                                                                                                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                                                                                                  For optimal load-aware scheduling, disable bin packing because this policy preferentially schedules pods to the node with the maximal resources allocated based on pods' requested resources. This affects load-aware scheduling to some extent. For details about the combination of multiple policies, see Configuration Cases for Resource Usage-based Scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  ...
+default_scheduler_conf:
+  actions: allocate, backfill, preempt
+  metrics:
+    interval: 30s
+    type: prometheus_adaptor 
+  tiers:
+    - plugins:
+        - name: priority
+        - enableJobStarving: false
+          enablePreemptable: false
+          name: gang
+        - name: conformance
+        - name: oversubscription
+    - plugins:
+        - enablePreemptable: false
+          name: drf
+        - name: predicates
+        - name: nodeorder
+        - arguments:
+            cpu.weight: 1
+            memory.weight: 1
+            thresholds:
+               cpu: 80
+               mem: 80
+            usage.weight: 5
+          enablePredicate: true
+          name: usage
+    - plugins:
+        - name: cce-gpu-topology-predicate
+        - name: cce-gpu-topology-priority
+        - name: xgpu
+    - plugins:
+        - name: nodelocalvolume
+        - name: nodeemptydirvolume
+        - name: nodeCSIscheduling
+        - name: networkresource
+...
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  Table 1 Parameters for load-aware scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  Example Value
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  Default Value
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  Load-Aware Scheduling Policy Weight
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  cpu.weight
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  A larger value indicates a higher weight of the load-aware policy in overall scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  1
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  5
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  The CPU weight. The value ranges from 0 to 200. A larger value indicates CPU resources will be preferentially balanced.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  CPU Weight
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  memory.weight
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  A larger value indicates CPU resources will be preferentially balanced.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  1
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  1
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  The memory weight. The value ranges from 0 to 200. A larger value indicates memory resources will be preferentially balanced.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  Memory Weight
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  thresholds.cpu
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  A larger value indicates memory resources will be preferentially balanced.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  80
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  1
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  The actual CPU load threshold. The value ranges from 1 to 100. If a node's actual CPU usage exceeds the threshold, new workloads will be preferentially or forcibly scheduled to other nodes based on the constraints defined in enablePredicate. Existing workloads on this node remain unaffected.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  Actual load threshold effective mode
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  thresholds.mem
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  • Soft constraint: When the actual CPU or memory load of a node reaches the threshold, new tasks will be preferentially allocated to underutilized nodes, but this node can still be scheduled.
                                                                                                                                                                                                                                                                                                                                                                                                                                  • Hard constraint: When the actual CPU or memory load of a node reaches the threshold, no new tasks can be scheduled to this node.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  80
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  Hard constraint
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  The actual memory load threshold. The value ranges from 1 to 100. If a node's actual memory usage exceeds the threshold, new workloads will be preferentially or forcibly scheduled to other nodes based on the constraints defined in enablePredicate. Existing workloads on this node remain unaffected.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  Actual CPU Load Threshold
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  usage.weight
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  When a node's CPU usage goes beyond this threshold, workloads will be scheduled based on how the load threshold takes effect. New workloads will be preferentially or forcibly scheduled to other nodes. Existing workloads on the nodes are not affected.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  5
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  80
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  The weight for a load-aware scheduling policy. The value ranges from 0 to 200. A larger value indicates a higher weight of the load-aware policy in overall scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  Actual Memory Load Threshold
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  enablePredicate
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  When a node's memory usage goes beyond this threshold, workloads will be scheduled based on how the load threshold takes effect. New workloads will be preferentially or forcibly scheduled to other nodes. Existing workloads on the nodes are not affected.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  true
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  80
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  How a load threshold takes effect. The value can be true or false.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  • true: Hard constraints are enabled. If a node's actual CPU or memory load reaches the threshold, no new workloads will be scheduled to this node.
                                                                                                                                                                                                                                                                                                                                                                                                                                  • false: Soft constraints are enabled. If a node's actual CPU or memory load reaches the threshold, CCE will preferentially schedule new workloads to nodes whose CPU or memory load has not reached the threshold. However, workloads may still be scheduled to the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  name
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  usage
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  The name of the enabled add-on. The value is fixed as usage.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                   
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
-
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
 
diff --git a/docs/cce/umn/cce_10_0792.html b/docs/cce/umn/cce_10_0792.html
index 67c8d7817..5a44989c9 100644
--- a/docs/cce/umn/cce_10_0792.html
+++ b/docs/cce/umn/cce_10_0792.html
@@ -29,18 +29,18 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  Enabling Kubernetes Audit Logging
                                                                                                                                                                                                                                                                                                                                                                                                                                  Enabling audit logging during cluster creation
                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Click Create Cluster. Then, configure the parameters and click Next: Select Add-on.
                                                                                                                                                                                                                                                                                                                                                                                                                                  3. On the displayed page, select Cloud Native Log Collection and click Next: Add-on Configuration.
                                                                                                                                                                                                                                                                                                                                                                                                                                  4. On the displayed page, select Kubernetes Audit Logs for Cloud Native Log Collection.
                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                  5. Click Next: Confirm configuration.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                  Enabling audit logging for an existing cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Click the Kubernetes Audit Logs tab and modify the settings in Logging Settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 1 Enabling audit logging for an existing cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Determine whether to enable logging for the audit component. If yes, click .
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Click Create Cluster. Then, configure the parameters and click Next: Select Add-on.
                                                                                                                                                                                                                                                                                                                                                                                                                                  3. On the displayed page, select Cloud Native Log Collection and click Next: Configure Add-on.
                                                                                                                                                                                                                                                                                                                                                                                                                                  4. On the displayed page, select Kubernetes Audit Logs for Cloud Native Log Collection.
                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  5. Click Next: Confirm Settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  Enabling audit logging for an existing cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Click the Kubernetes Audit Logs tab and modify the settings in Logging Settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 1 Enabling audit logging for an existing cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Determine whether to enable logging for the audit component. If yes, click .
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                  Viewing Kubernetes Audit Logs
                                                                                                                                                                                                                                                                                                                                                                                                                                  Viewing Kubernetes audit logs on the CCE console
                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Click the Kubernetes Audit Logs tab to view audit logs in the cluster. For details about related operations, see Log Tank Service User Guide.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                  Viewing Kubernetes audit logs on the LTS console
                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the LTS console and choose Log Management.
                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Search for the log group by cluster ID and click the log group name to view the log streams. For details, see Log Tank Service User Guide.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  Viewing Kubernetes Audit Logs
                                                                                                                                                                                                                                                                                                                                                                                                                                  Viewing Kubernetes audit logs on the CCE console
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                  2. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Click the Kubernetes Audit Logs tab to view audit logs in the cluster. For details about related operations, see Log Tank Service User Guide.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  Viewing Kubernetes audit logs on the LTS console
                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the LTS console and choose Log Management.
                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Search for the log group by cluster ID and click the log group name to view the log streams. For details, see Log Tank Service User Guide.
                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                  Disabling Kubernetes Audit Logging
                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Click the Kubernetes Audit Logs tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Disable the audit component and click .
                                                                                                                                                                                                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                                                                                                                                                                                                    After you disable audit logging, logs are no longer written to the original log stream, but the existing logs will not be deleted and expenditures may be incurred for this.
                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                    Disabling Kubernetes Audit Logging
                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                    2. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                    3. Click the Kubernetes Audit Logs tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                    4. Disable the audit component and click .
                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                      After you disable audit logging, logs are no longer written to the original log stream, but the existing logs will not be deleted and expenditures may be incurred for this.
                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_10_0793.html b/docs/cce/umn/cce_10_0793.html
index a280450e6..b0bbff80c 100644
--- a/docs/cce/umn/cce_10_0793.html
+++ b/docs/cce/umn/cce_10_0793.html
@@ -1,11 +1,11 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                    Collecting Kubernetes Events
                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                    The Cloud Native Log Collection add-on works with LTS to collect and store Kubernetes events and works with AOM to generate alarms.
                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                    The Cloud Native Log Collection add-on of CCE works with LTS to collect and store Kubernetes events and works with AOM to generate alarms.
                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                    Reporting Kubernetes Events to LTS
                                                                                                                                                                                                                                                                                                                                                                                                                                    To enable Kubernetes event collection, take the following steps.
                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                    Logging Has Been Enabled for a Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                    If logging has been enabled for a cluster but Kubernetes event collection has not been enabled, or the corresponding log collection policy has been deleted, you can manually create a log collection policy by taking the following steps:
                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                    2. In the upper right corner, click View Log Collection Policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                      3. In the upper right corner, click View Log Collection Policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        All log collection policies are displayed.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                      4. Click Create Log Collection Policy. Then, select Kubernetes events and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                      5. (After the creation is complete, you can view logs on the Logging page.) Select the log stream configured in the log collection policy to view the events reported to LTS.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0809.html b/docs/cce/umn/cce_10_0809.html
index 1859423f4..e4a6f40b4 100644
--- a/docs/cce/umn/cce_10_0809.html
+++ b/docs/cce/umn/cce_10_0809.html
@@ -1,7 +1,7 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        Logging FAQ
                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                        Indexes
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Indexes
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        How Do I Disable Logging?
                                                                                                                                                                                                                                                                                                                                                                                                                                        Disabling container log and Kubernetes event collection
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        Method 1: Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging. In the upper right corner, click View Log Collection Policies. Then, locate and delete the corresponding log collection policy. 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -19,7 +19,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        How Do I Handle the Error in Stdout Logs of log-operator?
                                                                                                                                                                                                                                                                                                                                                                                                                                        Symptom:
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        2023/05/05 12:17:20.799 [E] call 3 times failed, reason: create group failed, projectID: xxx, groupName: k8s-log-xxx, err: create groups status code: 400, response: {"error_code":"LTS.0104","error_msg":"Failed to create log group, the number of log groups exceeds the quota"}, url: https://lts.***.com/v2/xxx/groups, process will retry after 45s
                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                        Solution: On the LTS console, delete unnecessary log groups. 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Solution: There is a log group quota on the LTS console. If this error occurs, go to the LTS console and delete some unnecessary log groups. 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        What Can I Do If Container File Logs Cannot Be Collected When Docker Is Used as the Container Engine?
                                                                                                                                                                                                                                                                                                                                                                                                                                        Symptom:
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        A container file path is configured but is not mounted to the container, and Docker is used as the container engine. As a result, logs cannot be collected.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -36,7 +36,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        What Can I Do If Job Logs Cannot Be Collected?
                                                                                                                                                                                                                                                                                                                                                                                                                                        Troubleshooting: Check the job lifetime. If the job lifetime is less than 1 minute, the pod will be destroyed before logs are collected. In this case, logs cannot be collected.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        Solution: Prolong the job lifetime.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                        What Can I Do If the Cloud Native Log Collection Add-on is Running Normally but Some Log Collection Policies Do Not Take Effect?
                                                                                                                                                                                                                                                                                                                                                                                                                                        Solution:
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        What Can I Do If the Cloud Native Log Collection Add-on Is Running Normally but Some Log Collection Policies Do Not Take Effect?
                                                                                                                                                                                                                                                                                                                                                                                                                                        Solution:
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        • If the log collection policy of the event type does not take effect or the add-on version is earlier than 1.5.0, check the stdout of the log-agent-otel-collector workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                          Go to the Add-ons page and click Cloud Native Log Collection. Then, click the Pods tab, locate log-agent-otel-collector, and choose More > View Log in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        • If the log collection policy of the other type does not take effect and the add-on version is later than 1.5.0, check the log of log-agent-fluent-bit on the node where the container to be monitored is running.
                                                                                                                                                                                                                                                                                                                                                                                                                                          Go to the Add-ons page and click Cloud Native Log Collection. Then, click the Pods tab, locate log-agent-fluent-bit, and choose More > View Log in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
@@ -55,19 +55,19 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                          Run the kubectl edit deploy -n monitoring log-agent-log-operator command on the node and add --kubernetes-buffer-size=20MB to the command lines of the log-operator container. The default value is 16MB. You can estimate the value based on the total size of pod information on the node. 0 indicates no limits.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                          If the Cloud Native Log Collection add-on is upgraded, you need to reconfigure kubernetes-buffer-size.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                          Figure 1 Modifying the command line parameter of the log-operator container
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Figure 1 Modifying the command line parameter of the log-operator container
                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                        How Do I Change the Log Storage Period on Logging?
                                                                                                                                                                                                                                                                                                                                                                                                                                        1. On the Clusters page, hover the cursor over the cluster name to view the current cluster ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Log in to the LTS console. In the navigation pane, choose Log Management. In Log Groups, select a search criterion. Then, query the log group and log stream by cluster ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Locate the log group and click Modify to configure the log storage period.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        How Do I Change the Log Storage Period on Logging?
                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and choose Clusters. On the displayed page, hover the cursor over the cluster name to view the current cluster ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Log in to the LTS console. In the navigation pane, choose Log Management. In Log Groups, select a search criterion. Then, query the log group and log stream by cluster ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Locate the log group and click Modify to configure the log storage period.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        What Can I Do If the Log Group or Stream Specified in the Log Collection Policy Does Not Exist?
                                                                                                                                                                                                                                                                                                                                                                                                                                        • Scenario 1: The default log group or stream does not exist.
                                                                                                                                                                                                                                                                                                                                                                                                                                          Take Kubernetes events as an example. If the default log group or stream does not exist, a message will be displayed on the Kubernetes events page of the console. You can click Create Log Collection Policy to create a log group or stream.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                          After the log group or stream is created, the ID of the default log group or stream changes, and the existing log collection policy of the default log group or stream does not take effect. In this case, you can rectify the fault by referring to Scenario 2.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                        • Scenario 2: The default log group or stream exists but is inconsistent with that specified in the log collection policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                          • The log collection policy, for example, default-stdout, can be modified as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. In the upper right corner, click View Log Collection Policies. Then, locate the log collection policy and click Edit in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Select Custom and configure the default log group or stream.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                          • If a log collection policy cannot be modified, for example, default-event, you need to re-create a log collection policy as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. In the upper right corner, click View Log Collection Policies. Then, locate the log collection policy and click Delete in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Click Create Log Collection Policy. Then, select Kubernetes events and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            After the log group or steam is created, the ID of the default log group or stream changes, and the existing log collection policy of the default log group or stream does not take effect. In this case, you can rectify the fault by referring to Scenario 2.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Scenario 2: The default log group or stream exists but is inconsistent with that specified in the log collection policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • The log collection policy, for example, default-stdout, can be modified as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. In the upper right corner, click View Log Collection Policies. Then, locate the log collection policy and click Edit in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                              3. Select Custom and configure the default log group or stream.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If a log collection policy cannot be modified, for example, default-event, you need to re-create a log collection policy as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. In the upper right corner, click View Log Collection Policies. Then, locate the log collection policy and click Delete in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                              3. Click Create Log Collection Policy. Then, select Kubernetes events and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Scenario 3: The custom log group (stream) does not exist.
                                                                                                                                                                                                                                                                                                                                                                                                                                            CCE does not support the creation of non-default log groups (streams). You can create a non-default log group (stream) on the LTS console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            After the creation is complete, take the following steps:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. In the upper right corner, click View Log Collection Policies. Then, locate the log collection policy and click Edit in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Select Custom and configure a log group or stream.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Logging.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. In the upper right corner, click View Log Collection Policies. Then, locate the log collection policy and click Edit in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Select Custom and configure a log group or stream.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0811.html b/docs/cce/umn/cce_10_0811.html
index aebe0a8cd..7f20bdf3c 100644
--- a/docs/cce/umn/cce_10_0811.html
+++ b/docs/cce/umn/cce_10_0811.html
@@ -8,6 +8,8 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        6. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                      6. Monitoring Custom Metrics on AOM
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        7. 
+
                                                                                                                                                                                                                                                                                                                                                                                                                                      7. Migrating Custom Views of Grafana
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        8. 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_10_0828.html b/docs/cce/umn/cce_10_0828.html
new file mode 100644
index 000000000..e5c244607
--- /dev/null
+++ b/docs/cce/umn/cce_10_0828.html
@@ -0,0 +1,148 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Grafana
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Introduction
                                                                                                                                                                                                                                                                                                                                                                                                                                        Grafana is an open-source visualized data monitoring platform. It provides you with various charts and panels for real-time monitoring, analysis, and visualization of various metrics and data sources.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Installing the Add-on
                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                        2. In the navigation pane, choose Add-ons. Locate Grafana on the right and click Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Configure Specifications of the add-on pods. You can adjust their CPU and memory quotas as needed.
                                                                                                                                                                                                                                                                                                                                                                                                                                        4. Configure the add-on parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Table 1 Add-on parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Open-Source Community Version
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Select the open-source community version to be installed. This parameter is supported by Grafana v1.3.1 and later versions. After the add-on is installed, the open-source community version cannot be changed. To change this version, uninstall the add-on and then reinstall it.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          PVC Type
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          To install Grafana, create a storage volume to store local data. When Grafana is uninstalled, this storage volume will not be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          • If you selected EVS, you need to select an EVS disk type. The EVS disk types supported by different regions may vary. You can select one disk type on the management console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            EVS disks are charged by storage capacity and occupy your EVS disk quotas.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Capacity (GiB)
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Expand the disk capacity after the disk is created. The EVS disk size is 5 GiB by default. For details, see Related Operations.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Interconnect with AOM
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Enable this function to report Prometheus data to AOM. After this function is enabled, you can select the corresponding AOM instance. The collected basic metrics are free of charge. Custom metrics are charged by AOM. To interconnect with AOM, you must have certain permissions. Only users in the admin user group can perform this operation.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Public Access
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          This option is available in Grafana 1.2.1 or later versions. After it is enabled, you need to select a load balancer as the Grafana service entry. Only load balancers in the VPC to which the cluster belongs can be selected. If a dedicated load balancer is used, you must configure network specifications for it.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                           NOTICE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                          If you allow public access, Grafana services will be exposed to the public network. It is recommended that you assess the security risks and establish access control policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        5. Configure deployment policies for the add-on pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Table 2 Configurations for add-on scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Node Affinity
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Not configured: Node affinity is disabled for the add-on.
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Specify node: Specify the nodes where the add-on is deployed. If you do not specify the nodes, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Specify node pool: Specify the node pool where the add-on is deployed. If you do not specify the node pools, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Customize affinity: Enter the labels of the nodes where the add-on is to be deployed for more flexible scheduling policies. If you do not specify node labels, the add-on will be randomly scheduled based on the default cluster scheduling policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                            If multiple custom affinity policies are configured, ensure that there are nodes that meet all the affinity policies in the cluster. Otherwise, the add-on cannot run.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Toleration
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          Using both taints and tolerations allows (not forcibly) the add-on Deployment to be scheduled to a node with the matching taints, and controls the Deployment eviction policies after the node where the Deployment is located is tainted.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          The add-on adds the default tolerance policy for the node.kubernetes.io/not-ready and node.kubernetes.io/unreachable taints, respectively. The tolerance time window is 60s.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          For details, see Configuring Tolerance Policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        6. Click Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                          After the add-on is installed, select the cluster and choose Add-ons in the navigation pane. On the displayed page, view the add-on in the Add-ons Installed area.
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Components
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Table 3 Add-on components
                                                                                                                                                                                                                                                                                                                                                                                                                                        Component
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Description
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Resource Type
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        grafana
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        This component provides the data visualization capability for Grafana.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Deployment
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        How to Use
                                                                                                                                                                                                                                                                                                                                                                                                                                        To access Grafana charts through a public network, you need to bind a LoadBalancer service to the Grafana container.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the name of the cluster with the Grafana add-on installed to access the cluster console. In the navigation pane, choose Services & Ingresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Click Create from YAML in the upper right corner to create a public network LoadBalancer Service for Grafana.
                                                                                                                                                                                                                                                                                                                                                                                                                                          apiVersion: v1
+kind: Service
+metadata:
+  name: grafana-lb     # Service name, which is customizable
+  namespace: monitoring
+  labels:
+    app: grafana
+  annotations:
+    kubernetes.io/elb.id: 038ff***     # Replace it with the ID of the public network load balancer in the VPC that the cluster belongs to.
+spec:
+  ports:
+    - name: cce-service-0
+      protocol: TCP
+      port: 80     #Service port, which can be customized.
+      targetPort: 3000     # Default Grafana port. Retain the default value.
+  selector:
+    app: grafana
+  type: LoadBalancer
                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        3. After the creation, visit load balancer public IP:Service port to access Grafana and select a proper dashboard to view the aggregated data.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Release History
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Table 4 Grafana add-on
                                                                                                                                                                                                                                                                                                                                                                                                                                        Add-on Version
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported Cluster Version
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        New Feature
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        1.3.2
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.17
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.19
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.21
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.23
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.25
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.27
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.28
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.29
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.30
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.31
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.32
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        Clusters v1.32 are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
+
diff --git a/docs/cce/umn/cce_10_0831.html b/docs/cce/umn/cce_10_0831.html
index 4ea312fdc..472af5c69 100644
--- a/docs/cce/umn/cce_10_0831.html
+++ b/docs/cce/umn/cce_10_0831.html
@@ -3,14 +3,14 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        Configuring a Blocklist/Trustlist Access Policy for a LoadBalancer Service
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        When using a LoadBalancer Service, you can configure a trustlist or blocklist to specify the IP addresses that are allowed or denied accessing a load balancer listener.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        • Trustlist: Only the IP addresses in the list can access the listener.
                                                                                                                                                                                                                                                                                                                                                                                                                                        • Blocklist: The IP addresses in the list are not allowed to access the listener.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                        After the blocklist or trustlist access policy is configured, if you delete the blocklist or trustlist access policy configuration on the CCE console or delete the target annotation from the YAML file, the configuration on the ELB will be retained.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                        After a blocklist or trustlist access policy is configured, if you delete the blocklist or trustlist access policy configuration on the CCE console or delete the target annotation from the YAML file, the configuration on the ELB will be retained.
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                        • A Kubernetes cluster is available and the cluster version meets the following requirements:
                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.23: v1.23.12-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.25: v1.25.7-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.27: v1.27.4-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.28: v1.28.2-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        • An IP address group has been created on the ELB console. 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                        Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Choose Services & Ingresses in the navigation pane, click the Services tab, and click Create Service in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Configure Service parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Service Name: Enter a service name, for example, service-acl.
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Service Type: Select LoadBalancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Service Affinity: Select cluster level or node level as needed. For details about the differences, see externalTrafficPolicy (Service Affinity).
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Load Balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                            Select a load balancer to be accessed. Only load balancers in the same VPC as the cluster are supported. If no load balancer is available, click Create Load Balancer to create one on the ELB console. Alternatively, select Auto create to create a load balancer. For details about parameter settings, see Table 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Health Check: defaults to Global health check. You can configure this parameter as needed.
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Ports
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Protocol: protocol used by the Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Service Port: port used by the Service. The port number ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Container Port: listener port of the workload. For example, Nginx uses port 80 by default.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                          • Access Control
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Inherit ELB Configurations: CCE does not modify the existing access control configurations on the ELB console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Allow all IP addresses: No access control is configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Trustlist: Only the selected IP address group can access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Blocklist: The selected IP address group cannot access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Choose Services & Ingresses in the navigation pane, click the Services tab, and click Create Service in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Configure Service parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Service Name: Enter a service name, for example, service-acl.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Service Type: Select LoadBalancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Service Affinity: Select cluster level or node level as needed. For details about the differences, see Service Affinity (externalTrafficPolicy).
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Load Balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                Select a load balancer to be accessed. Only load balancers in the same VPC as the cluster are supported. If no load balancer is available, click Create Load Balancer to create one on the ELB console. Alternatively, select Auto create to create a load balancer. For details about parameter settings, see Table 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Health Check: defaults to Global health check. You can configure this parameter as needed.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Ports
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Protocol: the protocol used by the Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Service Port: the port used by the Service. The port number ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Container Port: the port that the workload listens on. For example, Nginx uses port 80 by default.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Access Control
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Inherit ELB Configurations: CCE does not modify the existing access control configurations on the ELB console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Allow all IP addresses: No access control is configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Trustlist: Only the selected IP address group can access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Blocklist: The selected IP address group cannot access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                For clusters of v1.25.16-r10, v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, v1.31.1-r0, or later, when using a dedicated load balancer, you can select a maximum of five IP address groups at a time for access control.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
@@ -37,38 +37,38 @@ spec:
   type: LoadBalancer
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Table 1 Annotations for ELB access control
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
-
-
-
-
-
-
-
-
-
-
diff --git a/docs/cce/umn/cce_10_0832.html b/docs/cce/umn/cce_10_0832.html
index 4a9fa9492..f51daa414 100644
--- a/docs/cce/umn/cce_10_0832.html
+++ b/docs/cce/umn/cce_10_0832.html
@@ -6,9 +6,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                            • A CCE standard or Turbo cluster is available, and the cluster version meets the following requirements:
                                                                                                                                                                                                                                                                                                                                                                                                                                              • v1.23: v1.23.12-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                              • v1.25: v1.25.7-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                              • v1.27: v1.27.4-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                              • v1.28: v1.28.2-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            • An IP address group has been created on the ELB console. 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                            • After a blocklist/trustlist access policy is configured, if you delete the blocklist/trustlist access policy configuration on the CCE console or delete the target annotation from the YAML file, the configuration on the ELB will be retained.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If multiple ingresses share the same external port on a load balancer, you are advised to use the same blocklist/trustlist configuration for these ingresses. Otherwise, the configuration of the first created ingress will take precedence. For details, see Configuring Multiple Ingresses to Use the Same External ELB Port.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                            • After a blocklist or trustlist access policy is configured, if you delete the blocklist or trustlist access policy configuration on the CCE console or delete the target annotation from the YAML file, the configuration on the ELB will be retained.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If multiple ingresses share the same external port on a load balancer, you are advised to use the same blocklist/trustlist configuration for these ingresses. Otherwise, the configuration of the first created ingress will take precedence. For details, see Configuring Multiple Ingresses to Use the Same Load Balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Using the CCE Console to Configure a Blocklist/Trustlist Access Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                                                                                              This example explains only key parameters for configuring blocklist/trustlist access policies. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              Using the CCE Console to Configure a Blocklist/Trustlist Access Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                              3. Configure ingress parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                This example explains only key parameters for configuring blocklist/trustlist access policies. You can configure other parameters as required. For details, see Creating a LoadBalancer Ingress on the Console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Table 1 Annotations for ELB access control
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Type
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Type
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Description
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Description
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.acl-id
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.acl-id
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If this parameter is not specified, CCE does not modify access control on the ELB.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If this parameter is left empty, all IP addresses are allowed to access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If this parameter is set to the IP address group ID of the load balancer, access control is enabled and you need to configure an IP address blocklist or trustlist for the load balancer. Additionally, you need to configure both kubernetes.io/elb.acl-status and kubernetes.io/elb.acl-type.
                                                                                                                                                                                                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                              For clusters of v1.25.16-r10, v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, v1.31.1-r0, or later, when using a dedicated load balancer, you can select a maximum of five IP address groups at a time, separated by commas (,).
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If this parameter is not specified, CCE does not modify access control on the ELB.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If this parameter is left empty, all IP addresses are allowed to access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If this parameter is set to the IP address group ID of the load balancer, access control is enabled and you need to configure an IP address blocklist or trustlist for the load balancer. Additionally, you need to configure both kubernetes.io/elb.acl-status and kubernetes.io/elb.acl-type.
                                                                                                                                                                                                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                              For clusters of v1.25.16-r10, v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, v1.31.1-r0, or later, when using a dedicated load balancer, you can select a maximum of five IP address groups at a time, separated by commas (,).
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              How to obtain:
                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                              Log in to the console. In the Service List, choose Networking > Elastic Load Balance. On the Network Console, choose Elastic Load Balance > IP Address Groups and copy the ID of the target IP address group. 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              Log in to the ELB console, choose Elastic Load Balance > IP Address Groups, and copy the ID of the target IP address group. 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.acl-status
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.acl-status
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            This parameter is mandatory when you configure an IP address blocklist or trustlist for a load balancer. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            This parameter is mandatory when you configure an IP address blocklist or trustlist for a load balancer. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            • on or true: Access control is enabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • off or false: Access control is disabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.acl-type
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.acl-type
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            This parameter is mandatory when you configure an IP address blocklist or trustlist for a load balancer. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            This parameter is mandatory when you configure an IP address blocklist or trustlist for a load balancer. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            • black: indicates a blocklist. The selected IP address group cannot access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • white: indicates a trustlist. Only the selected IP address group can access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
-
@@ -85,38 +85,38 @@ spec:
   ingressClassName: cce      
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Table 1 Key parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                            
@@ -35,12 +35,12 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Listener
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            • External Protocol: HTTP and HTTPS are available.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • External Port: specifies the port of the load balancer listener.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Access Control
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Inherit ELB Configurations: CCE does not modify the existing access control configurations on the ELB console.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Allow all IP addresses: No access control is configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Trustlist: Only the selected IP address group can access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Blocklist: The selected IP address group cannot access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Frontend Protocol: HTTP and HTTPS are available.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • External Port: specifies the port of the load balancer listener.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Access Control
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Inherit ELB Configurations: CCE does not modify the existing access control configurations on the ELB console.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Allow all IP addresses: No access control is configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Trustlist: Only the selected IP address group can access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Blocklist: The selected IP address group cannot access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                              For clusters of v1.25.16-r10, v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, v1.31.1-r0, or later, when using a dedicated load balancer, you can select a maximum of five IP address groups at a time for access control.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            • External Protocol: HTTP
                                                                                                                                                                                                                                                                                                                                                                                                                                            • External Port: 80
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Advanced Options
                                                                                                                                                                                                                                                                                                                                                                                                                                              Access Control: Blocklist
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Frontend Protocol: HTTP
                                                                                                                                                                                                                                                                                                                                                                                                                                            • External Port: 80
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Advanced Options
                                                                                                                                                                                                                                                                                                                                                                                                                                              Access Control: Blocklist
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Table 2 Annotations for ELB access control
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
-
-
-
-
-
-
-
-
-
-
diff --git a/docs/cce/umn/cce_10_0833.html b/docs/cce/umn/cce_10_0833.html
index b6ae3e898..bc165e4bf 100644
--- a/docs/cce/umn/cce_10_0833.html
+++ b/docs/cce/umn/cce_10_0833.html
@@ -2,9 +2,9 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Managing Custom Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                            Custom Resource Definition (CRD) is an extension of Kubernetes APIs. When default Kubernetes resources cannot meet service requirements, you can use CRDs to define new resource types. According to CRD, you can create custom resources in a cluster to meet service requirements. CRD allows you to create new resource types without adding new Kubernetes API servers. This makes cluster management more flexible.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Creating a CRD
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Click the cluster name to go to the cluster console, choose Custom Resources in the navigation pane, and click the Create from YAML in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Customize the YAML file to create a CRD based on service requirements. For details, see Extend the Kubernetes API with CustomResourceDefinitions.
                                                                                                                                                                                                                                                                                                                                                                                                                                            4. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Creating a CRD
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Click the cluster name to go to the cluster console, choose Custom Resources in the navigation pane, and click the Create from YAML in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Customize the YAML file to create a CRD based on service requirements. For details, see Extend the Kubernetes API with CustomResourceDefinitions.
                                                                                                                                                                                                                                                                                                                                                                                                                                            4. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Viewing CRDs and Their Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Click the cluster name to access the cluster console. Choose Custom Resources in the navigation pane.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. On the Custom Resources page, view CRDs and their resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • View a CRD and its YAML.
                                                                                                                                                                                                                                                                                                                                                                                                                                                All CRDs in the cluster as well as their API groups, API versions, and resource application scopes are listed. Click View YAML in the Operation column of a CRD to view its YAML.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Viewing CRDs and Their Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Click the cluster name to access the cluster console. Choose Custom Resources in the navigation pane.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. On the Custom Resources page, view CRDs and their resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • View a CRD and its YAML.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    All CRDs in the cluster as well as their API groups, API versions, and resource application scopes are listed. Click View YAML in the Operation column of a CRD to view its YAML.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    You can enter a keyword in the search box to search for target resource types.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • View the resources of a CRD.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Locate a CDR in the list and click View Details in the Operation column to view the resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0836.html b/docs/cce/umn/cce_10_0836.html
index c25bd5115..312bfbaae 100644
--- a/docs/cce/umn/cce_10_0836.html
+++ b/docs/cce/umn/cce_10_0836.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Monitoring
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  CCE monitors applications and resources and collects metrics and events to analyze application health status. You can choose Settings from the navigation pane, click the Monitoring tab, and change monitoring parameters on the console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Log Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Collection configuration
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Send stdout Logs to AOM 1.0 (No more evolution): Logging in AOM 1.0 has not been improved, so you are advised to disable this function and use LTS logging instead. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Send stdout Logs to AOM 1.0 (No more evolution): Logging in AOM 1.0 has not been improved, so you are advised to disable this function and use LTS logging instead. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0839.html b/docs/cce/umn/cce_10_0839.html
index d55f8148c..295d60649 100644
--- a/docs/cce/umn/cce_10_0839.html
+++ b/docs/cce/umn/cce_10_0839.html
@@ -1,12 +1,12 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  (Recommended) Creating an SFS Turbo Subdirectory Using a Dynamic PV
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  When an SFS Turbo volume is mounted to a workload container, the root directory is mounted to the container by default. However, the minimum capacity of an SFS Turbo volume is 500 GiB, which exceeds the capacity required by most workloads, leading to a waste of storage resources. CCE enables efficient utilization of storage capacity by creating SFS Turbo subdirectories dynamically when you create a PVC. If your Everest version is 2.4.73 or later, you can configure the capacities of these subdirectories. This allows multiple workloads to share the SFS Turbo file system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  When an SFS Turbo volume is mounted to a workload container, the root directory is mounted to the container by default. However, the minimum capacity of an SFS Turbo volume is 500 GiB, which exceeds the capacity required by most workloads, leading to a waste of storage resources. CCE enables efficient utilization of storage capacity by creating SFS Turbo subdirectories dynamically when you create a PVC. If your Everest version is 2.4.73, you can configure the capacities of these subdirectories. This allows multiple workloads to share the SFS Turbo file system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • You have created a cluster and installed the CCE Container Storage (Everest) add-on of v2.3.23 or later in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • To create a cluster using commands, ensure kubectl is used. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • You have created an available SFS Turbo file system, and the SFS Turbo file system and the cluster are in the same VPC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Notes and Restrictions on Subdirectory Quotas
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • If the subdirectory quota is less than 1 GiB, it is automatically set to 1 GiB. The maximum quota cannot exceed the capacity of the target SFS Turbo file system. The minimum scale-out step is 1 GiB, and capacity reduction is not allowed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Once a subdirectory quota is configured, it cannot be canceled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The number of files or subdirectories in a file system is determined by the quota capacity (in KB) divided by 16. The upper limit is set at 1 billion and cannot be changed by users.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Dynamically Creating an SFS Turbo Subdirectory on the Console
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Dynamically Creating an SFS Turbo Subdirectory Using the Console
                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Choose Storage in the navigation pane. In the right pane, click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Table 2 Annotations for ELB access control
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Type
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Type
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Description
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Description
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.acl-id
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.acl-id
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If this parameter is not specified, CCE does not modify access control on the ELB.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If this parameter is left empty, all IP addresses are allowed to access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If this parameter is set to the IP address group ID of the load balancer, access control is enabled and you need to configure an IP address blocklist or trustlist for the load balancer. Additionally, you need to configure both kubernetes.io/elb.acl-status and kubernetes.io/elb.acl-type.
                                                                                                                                                                                                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                              For clusters of v1.25.16-r10, v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, v1.31.1-r0, or later, when using a dedicated load balancer, you can select a maximum of five IP address groups at a time, separated by commas (,).
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If this parameter is not specified, CCE does not modify access control on the ELB.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If this parameter is left empty, all IP addresses are allowed to access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • If this parameter is set to the IP address group ID of the load balancer, access control is enabled and you need to configure an IP address blocklist or trustlist for the load balancer. Additionally, you need to configure both kubernetes.io/elb.acl-status and kubernetes.io/elb.acl-type.
                                                                                                                                                                                                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                              For clusters of v1.25.16-r10, v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, v1.31.1-r0, or later, when using a dedicated load balancer, you can select a maximum of five IP address groups at a time, separated by commas (,).
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              How to obtain:
                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                              Log in to the console. In the Service List, choose Networking > Elastic Load Balance. On the Network Console, choose Elastic Load Balance > IP Address Groups and copy the ID of the target IP address group. 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              Log in to the ELB console, choose Elastic Load Balance > IP Address Groups, and copy the ID of the target IP address group. 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.acl-status
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.acl-status
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            This parameter is mandatory when you configure an IP address blocklist or trustlist for a load balancer. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            This parameter is mandatory when you configure an IP address blocklist or trustlist for a load balancer. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            • on or true: Access control is enabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • off or false: Access control is disabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.acl-type
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.acl-type
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            This parameter is mandatory when you configure an IP address blocklist or trustlist for a load balancer. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            This parameter is mandatory when you configure an IP address blocklist or trustlist for a load balancer. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            • black: indicates a blocklist. The selected IP address group cannot access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • white: indicates a trustlist. Only the selected IP address group can access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
@@ -78,18 +78,18 @@ metadata:
   name: pvc-sfsturbo-subpath    # PVC name
   namespace: default
   annotations:
-    everest.io/volume-as: absolute-path                # An SFS Turbo subdirectory is used.
-    everest.io/sfsturbo-share-id: <sfsturbo_id>        # SFS Turbo ID
-    everest.io/path: /a                                # Subdirectory that is automatically created, which must be an absolute path
-    everest.io/reclaim-policy: retain-volume-only      # When a PVC is deleted, the PV will be deleted, but the subdirectories associated with the PV will be retained.
-    everest.io/csi.enable-sfsturbo-dir-quota: "true"   # Status of quota limit
+    everest.io/volume-as: absolute-path                # An SFS Turbo subdirectory is used.
+    everest.io/sfsturbo-share-id: <sfsturbo_id>        # SFS Turbo ID
+    everest.io/path: /a                                # Subdirectory that is automatically created, which must be an absolute path
+    everest.io/reclaim-policy: retain-volume-only      # When a PVC is deleted, the PV is deleted, but its associated subdirectories are retained.
+    everest.io/csi.enable-sfsturbo-dir-quota: "true"   # The status of quota limit
 spec:
   accessModes:
     - ReadWriteMany      # ReadWriteMany must be selected for SFS Turbo.
   resources:
     requests:
 
-      storage: 10Gi      # For SFS Turbo subdirectory PVCs, this configuration specifies the capacity of a subdirectory when quota limit is enabled. In other scenarios, it is meaningless and only used for verification (the value cannot be empty or 0).
+      storage: 10Gi      # For SFS Turbo subdirectory PVCs, this configuration specifies the capacity of a subdirectory when quota limit is enabled. In other scenarios, it is only used for verification and must not be empty or 0.
   storageClassName: csi-sfsturbo     # StorageClass name of the SFS Turbo file system
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Description
                                                                                                                                                                                                                                                                                                                                                                                                                                            
@@ -30,7 +30,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Storage Classes
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Choose csi-sfsturbo. You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Using the CCE Console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Choose csi-sfsturbo. You can customize a StorageClass and configure its reclaim policy and binding mode. For details, see Creating a StorageClass Through the Console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Access Mode
                                                                                                                                                                                                                                                                                                                                                                                                                                            
@@ -51,7 +51,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Subdirectory Reclaim Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Determine whether to retain subdirectories when a PVC is deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Retain: If a PVC is deleted, the PV will be deleted, but the subdirectories associated with the PV will be retained.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Delete: After a PVC is deleted, the PV and its associated subdirectories will also be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                              When a subdirectory is deleted, only the absolute path of the subdirectory configured in the PVC will be deleted. The upper-layer directory will not be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Retain: When a PVC is deleted, the PV is deleted, but its associated subdirectories are retained.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Delete: When a PVC is deleted, the PV and its associated subdirectories are also deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                 NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                When a subdirectory is deleted, only the absolute path of the subdirectory specified in the PVC is deleted. The parent directory is retained.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            		
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_10_0841.html b/docs/cce/umn/cce_10_0841.html
index 580f2cb02..ea8b66413 100644
--- a/docs/cce/umn/cce_10_0841.html
+++ b/docs/cce/umn/cce_10_0841.html
@@ -9,13 +9,13 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            • You have created one or more SNI certificates in ELB and specified a domain name in these certificates. 
                                                                                                                                                                                                                                                                                                                                                                                                                                            • To create a cluster using commands, ensure kubectl is used. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Configure Service parameters. In this example, only mandatory parameters required for using SNI are listed. For details about how to configure other parameters, see Using the Console.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Service Name: Specify a Service name, which can be the same as the workload name.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Service Type: Select LoadBalancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Load Balancer: Select a load balancer type and creation mode.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • A load balancer can be dedicated or shared. To enable HTTP/HTTPS on the listener port of a dedicated load balancer, the type of the load balancer must be Application (HTTP/HTTPS) or Network (TCP/UDP) & Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                                                                                                                                • This section uses an existing load balancer as an example. For details about the parameters for automatically creating a load balancer, see Table 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Ports
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Protocol: Select TCP. If you select UDP, HTTP and HTTPS will be unavailable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Service Port: port used by the Service. The port number ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Container Port: listener port of the workload. For example, Nginx uses port 80 by default.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Frontend Protocol: In this example, HTTPS must be enabled for the Service to use SNI. For a dedicated load balancer, to use HTTP/HTTPS, the type of the load balancer must be Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Listener
                                                                                                                                                                                                                                                                                                                                                                                                                                                • SSL Authentication: Select this option if HTTPS is enabled on the listener port. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • One-way authentication: Only the backend server is authenticated. If you also need to authenticate the identity of the client, select mutual authentication.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Mutual authentication: If you want the clients and the load balancer to authenticate each other, select this option. Only authenticated clients will be allowed to access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                • CA Certificate: If SSL Authentication is set to Mutual authentication, add a CA certificate to authenticate the client. A CA certificate is issued by a certificate authority (CA) and used to verify the certificate issuer. If HTTPS mutual authentication is required, HTTPS connections can be established only when the client provides a certificate issued by a specific CA.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Server Certificate: Select a server certificate as the default certificate. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                • SNI: Add an SNI certificate containing a domain name. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  If an SNI certificate cannot be found based on the domain name requested by the client, the server certificate will be returned by default.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Configure Service parameters. In this example, only mandatory parameters required for using SNI are listed. For details about how to configure other parameters, see Using the CCE Console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Service Name: Specify a Service name, which can be the same as the workload name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Service Type: Select LoadBalancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Load Balancer: Select a load balancer type and creation mode.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • A load balancer can be dedicated or shared. To enable HTTP/HTTPS on the listener port of a dedicated load balancer, the type of the load balancer must be Application (HTTP/HTTPS) or Network (TCP/UDP) & Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • This section uses an existing load balancer as an example. For details about the parameters for automatically creating a load balancer, see Table 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Ports
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Protocol: Select TCP. If you select UDP, HTTP and HTTPS will be unavailable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Service Port: the port used by the Service. The port number ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Container Port: the port that the workload listens on. For example, Nginx uses port 80 by default.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Frontend Protocol: In this example, HTTPS must be enabled for the Service to use SNI. For a dedicated load balancer, to use HTTP/HTTPS, the type of the load balancer must be Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Listener
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • SSL Authentication: Select this option if HTTPS is enabled on the listener port. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                        • One-way authentication: Only the backend server is authenticated. If you also need to authenticate the identity of the client, select two-way authentication.
                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Two-way authentication: Both the clients and the load balancer authenticate each other. This ensures only authenticated clients can access the load balancer. No additional backend server configuration is required if you select this option.
                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CA Certificate: If SSL Authentication is set to Two-way authentication, add a CA certificate to authenticate the client. A CA certificate is issued by a Certificate Authority (CA) and is used to verify the issuer of the client's certificate. If HTTPS mutual authentication is enabled, HTTPS connections can be established only if the client provides a certificate issued by a specific CA.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Server Certificate: Select a server certificate as the default certificate. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • SNI: Add an SNI certificate containing a domain name. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the server cannot find an SNI certificate matching the client-requested domain name, it will return the default server certificate.
                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Security Policy: If HTTPS is enabled on the listener port, you can select a security policy. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Backend Protocol: If HTTPS is enabled on the listener port, HTTP or HTTPS can be used to access the backend server. The default value is HTTP. This parameter is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Click Create.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Using kubectl
                                                                                                                                                                                                                                                                                                                                                                                                                                            This section uses an existing load balancer as an example. An example YAML file of a SNI-compliant Service is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                            apiVersion: v1
 kind: Service
@@ -45,39 +45,39 @@ spec:
   loadBalancerIP: **.**.**.**       #  Private IP address of the load balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Table 1 Key parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                            
@@ -127,7 +127,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Whether to retain subdirectories when deleting a PVC. This parameter must be used with PV Reclaim Policy. This parameter is available only when the PV reclaim policy is Delete. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            • retain-volume-only: If a PVC is deleted, the PV will be deleted, but the subdirectories associated with the PV will be retained.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • delete: After a PVC is deleted, the PV and its associated subdirectories will also be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                              When a subdirectory is deleted, only the absolute path of the subdirectory configured in the PVC will be deleted. The upper-layer directory will not be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              • retain-volume-only: When a PVC is deleted, the PV is deleted, but its associated subdirectories are retained.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • delete: When a PVC is deleted, the PV and its associated subdirectories are also deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                 NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                When a subdirectory is deleted, only the absolute path of the subdirectory specified in the PVC is deleted. The parent directory is retained.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            		
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Table 1 Key parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
-
-
-
-
-
-
-
-
-
-
diff --git a/docs/cce/umn/cce_10_0842.html b/docs/cce/umn/cce_10_0842.html
index cb78e3972..3d9b244d8 100644
--- a/docs/cce/umn/cce_10_0842.html
+++ b/docs/cce/umn/cce_10_0842.html
@@ -8,12 +8,12 @@
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Configure Service parameters. In this example, only mandatory parameters are listed. For details about how to configure other parameters, see Using the Console.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Service Name: Specify a Service name, which can be the same as the workload name.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Service Type: Select LoadBalancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Load Balancer: Select a load balancer type and creation mode.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • A load balancer can be dedicated or shared. To enable HTTP/HTTPS on the listener port of a dedicated load balancer, the type of the load balancer must be Application (HTTP/HTTPS) or Network (TCP/UDP) & Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                                                                                                                                • This section uses an existing load balancer as an example. For details about the parameters for automatically creating a load balancer, see Table 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Ports
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Protocol: Select TCP. If you select UDP, HTTP and HTTPS will be unavailable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Service Port: port used by the Service. The port number ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Container Port: listener port of the workload. For example, Nginx uses port 80 by default.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Frontend Protocol: In this example, HTTPS must be enabled for the Service to use HTTP/2. For a dedicated load balancer, to use HTTP/HTTPS, the type of the load balancer must be Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Listener
                                                                                                                                                                                                                                                                                                                                                                                                                                                • SSL authentication is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • One-way authentication: Only the backend server is authenticated. If you also need to authenticate the identity of the client, select mutual authentication.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Mutual authentication: If you want the clients and the load balancer to authenticate each other, select this option. Only authenticated clients will be allowed to access the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                • CA Certificate: If SSL Authentication is set to Mutual authentication, add a CA certificate to authenticate the client. A CA certificate is issued by a certificate authority (CA) and used to verify the certificate issuer. If HTTPS mutual authentication is required, HTTPS connections can be established only when the client provides a certificate issued by a specific CA.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Server Certificate: Select a server certificate when HTTPS is used. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                • SNI: Add an SNI certificate containing a domain name. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Advanced Options: Click Add advanced options and enable HTTP/2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. In the navigation pane, choose Services & Ingresses. In the upper right corner, click Create Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Configure Service parameters. In this example, only mandatory parameters are listed. For details about how to configure other parameters, see Using the CCE Console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Service Name: Specify a Service name, which can be the same as the workload name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Service Type: Select LoadBalancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Selector: Add a label and click Confirm. The Service will use this label to select pods. You can also click Reference Workload Label to use the label of an existing workload. In the dialog box that is displayed, select a workload and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Load Balancer: Select a load balancer type and creation mode.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • A load balancer can be dedicated or shared. To enable HTTP/HTTPS on the listener port of a dedicated load balancer, the type of the load balancer must be Application (HTTP/HTTPS) or Network (TCP/UDP) & Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • This section uses an existing load balancer as an example. For details about the parameters for automatically creating a load balancer, see Table 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Ports
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Protocol: Select TCP. If you select UDP, HTTP and HTTPS will be unavailable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Service Port: the port used by the Service. The port number ranges from 1 to 65535.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Container Port: the port that the workload listens on. For example, Nginx uses port 80 by default.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Frontend Protocol: In this example, HTTPS must be enabled for the Service to use HTTP/2. For a dedicated load balancer, to use HTTP/HTTPS, the type of the load balancer must be Application (HTTP/HTTPS).
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Listener
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • SSL authentication is available only in clusters of v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • One-way authentication: Only the backend server is authenticated. If you also need to authenticate the identity of the client, select two-way authentication.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Two-way authentication: Both the clients and the load balancer authenticate each other. This ensures only authenticated clients can access the load balancer. No additional backend server configuration is required if you select this option.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • CA Certificate: If SSL Authentication is set to Two-way authentication, add a CA certificate to authenticate the client. A CA certificate is issued by a Certificate Authority (CA) and is used to verify the issuer of the client's certificate. If HTTPS mutual authentication is enabled, HTTPS connections can be established only if the client provides a certificate issued by a specific CA.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Server Certificate: Select a server certificate when HTTPS is used. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • SNI: Add an SNI certificate containing a domain name. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Advanced Options: Click Add advanced options and enable HTTP/2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                4. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Click Create.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Using kubectl
                                                                                                                                                                                                                                                                                                                                                                                                                                            To enable HTTP/2, add the following annotation:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.http2-enable: 'true'
                                                                                                                                                                                                                                                                                                                                                                                                                                            
@@ -70,14 +70,14 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Table 1 Key parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Type
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Type
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Description
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Description
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.protocol-port
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.protocol-port
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            If a Service is HTTP/HTTPS-compliant, configure the protocol and port number in the format of "protocol:port".
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            If a Service is HTTP/HTTPS-compliant, configure the protocol and port number in the format of "protocol:port".
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            where,
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            • protocol: specifies the protocol used by the listener port. The value can be http or https.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • ports: Service ports specified by spec.ports[].port.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            For example, to use SNI, the Service protocol must be https and the Service port must be 80. Therefore, the parameter value is https:80.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.cert-id
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.cert-id
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            ID of an ELB certificate, which is used as the HTTPS server certificate.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            To obtain the certificate, log in to the CCE console, choose Service List > Networking > Elastic Load Balance, and click Certificates in the navigation pane. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            ID of an ELB certificate, which is used as the HTTPS server certificate.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            How to obtain: Log in to the ELB console and choose Certificates. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.tls-certificate-ids
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.tls-certificate-ids
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            In ELB, the IDs of SNI certificates that must contain a domain name are separated by commas (,).
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            If an SNI certificate cannot be found based on the domain name requested by the client, the server certificate will be returned by default.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            To obtain the certificate, log in to the CCE console, choose Service List > Networking > Elastic Load Balance, and click Certificates in the navigation pane. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            In ELB, the IDs of SNI certificates that must contain a domain name are separated by commas (,).
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            If the server cannot find an SNI certificate matching the client-requested domain name, it will return the default server certificate.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            How to obtain: Log in to the ELB console and choose Certificates. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            ID of an ELB certificate, which is used as the HTTPS server certificate.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            To obtain the certificate, log in to the CCE console, choose Service List > Networking > Elastic Load Balance, and click Certificates in the navigation pane. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            How to obtain: Log in to the ELB console and choose Certificates. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.http2-enable
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Whether HTTP/2 is enabled. Request forwarding using HTTP/2 improves the access performance between your application and the load balancer. However, the load balancer still uses HTTP/1.x to forward requests to the backend server.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Whether HTTP/2 is enabled. Request forwarding using HTTP/2 improves access performance between your application and the load balancer. However, the load balancer still uses HTTP/1.x to forward requests to the backend server.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            • true: enabled
                                                                                                                                                                                                                                                                                                                                                                                                                                            • false: disabled (default value)
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Note: HTTP/2 can be enabled or disabled only when the listener uses HTTPS. This parameter is invalid and defaults to false when the listener protocol is HTTP.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_10_0844.html b/docs/cce/umn/cce_10_0844.html
new file mode 100644
index 000000000..d9af29cd7
--- /dev/null
+++ b/docs/cce/umn/cce_10_0844.html
@@ -0,0 +1,39 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Configuring Workload Scaling Based on GPU Monitoring Metrics
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            In a standard or Turbo cluster, you can configure HPA policies for workloads that use GPU resources based on GPU monitoring metrics. This enables applications to automatically scale out during peak hours and scale in during off-peak hours, optimizing resource utilization and reducing costs.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                            • A cluster is available, and there are GPU nodes and GPU related services running in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • The CCE AI Suite (NVIDIA GPU) add-on has been installed in the cluster, and the add-on metrics API is working properly. You can log in to the GPU node and run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                              curl {Pod IP}:2112/metrics
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              In the preceding command, {Pod IP} must be the pod IP address of nvidia-gpu-device-plugin in CCE AI Suite (NVIDIA GPU), and metric results are expected to be returned.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • The Cloud Native Cluster Monitoring add-on of v3.9.5 or later has been installed in the cluster, and it is deployed in local data storage mode.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Collecting GPU Metrics
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose ConfigMaps and Secrets.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Select the monitoring namespace. On the ConfigMaps tab, locate the row containing user-adapter-config and click Update.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. On the Update ConfigMap page, click Edit in the Operation column of the config.yaml file in the Data pane. Then, add a custom metric collection rule under the rules field. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                              You can add multiple collection rules by adding multiple configurations under the rules field. For details, see Metrics Discovery and Presentation Configuration.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              The following is an example of a custom rule for collecting cce_gpu_memory_utilization. For details about more GPU metrics, see GPU Metrics.
                                                                                                                                                                                                                                                                                                                                                                                                                                              rules:
+- seriesQuery: '{__name__=~"cce_gpu_memory_utilization",container!="",namespace!="",pod!=""}'
+  seriesFilters: []
+  resources:
+    overrides:
+      namespace:
+        resource: namespace
+      pod:
+        resource: pod
+  metricsQuery: sum(last_over_time(<<.Series>>{<<.LabelMatchers>>}[1m])) by (<<.GroupBy>>)
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            4. Redeploy the custom-metrics-apiserver workload in the monitoring namespace.
                                                                                                                                                                                                                                                                                                                                                                                                                                            5. After the restart, check whether the metrics in the target pod are normal (replace the namespace and service pod names).
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Obtain metrics.
                                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl get --raw "/apis/custom.metrics.k8s.io/v1beta1"
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                {"kind":"APIResourceList","apiVersion":"v1","groupVersion":"custom.metrics.k8s.io/v1beta1","resources":[{"name":"pods/cce_gpu_memory_utilization","singularName":"","namespaced":true,"kind":"MetricValueList","verbs":["get"]},{"name":"namespaces/cce_gpu_memory_utilization","singularName":"","namespaced":false,"kind":"MetricValueList","verbs":["get"]}]}
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Obtain workload metric values.
                                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl get --raw "/apis/custom.metrics.k8s.io/v1beta1/namespaces/default/pods/test-gpu-hpa-68667fdd94-grmd2/cce_gpu_memory_utilization"
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                {"kind":"MetricValueList","apiVersion":"custom.metrics.k8s.io/v1beta1","metadata":{},"items":[{"describedObject":{"kind":"Pod","namespace":"default","name":"test-gpu-hpa-68667fdd94-grmd2","apiVersion":"/v1"},"metricName":"cce_gpu_memory_utilization","timestamp":"2024-01-10T08:36:44Z","value":"20","selector":null}]}
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Creating an Auto Scaling Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Choose Workloads in the navigation pane. Locate the target workload and choose Auto Scaling in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Set Policy Type to HPA+CronHPA and enable HPA.
                                                                                                                                                                                                                                                                                                                                                                                                                                              You can select GPU monitoring parameters in Custom Policy to create an auto scaling policy. 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Return to the Scaling Policies page and check whether the HPA policy has been created.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parent topic: GPU Auto Scaling
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
diff --git a/docs/cce/umn/cce_10_0845.html b/docs/cce/umn/cce_10_0845.html
new file mode 100644
index 000000000..b0f4b2498
--- /dev/null
+++ b/docs/cce/umn/cce_10_0845.html
@@ -0,0 +1,25 @@
+
+
+
+  
                                                                                                                                                                                                                                                                                                                                                                                                                                            GPU Driver Version
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+  
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+
+
diff --git a/docs/cce/umn/cce_10_0846.html b/docs/cce/umn/cce_10_0846.html
new file mode 100644
index 000000000..18bdd9c95
--- /dev/null
+++ b/docs/cce/umn/cce_10_0846.html
@@ -0,0 +1,54 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Selecting a GPU Driver Version for Nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Before using GPU-accelerated ECSs, install the necessary NVIDIA infrastructure software to enable accelerated GPU computing. To use GPUs, select and install the appropriate software package that matches the GPU model.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            This section describes how to select a driver version and CUDA Toolkit for GPU nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Selecting a GPU Driver Version for Nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                            To use GPU resources, you typically need to install the following software packages of the desired version:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Hardware driver for GPUs, such as a Tesla driver
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Libraries required by upper-layer applications, such as CUDA Toolkit
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            When using container applications, a node will have a GPU driver installed, and the CUDA Toolkit will be pre-installed during the building of an application's container image. Alternatively, you can use a NVIDIA base image that already has the CUDA Toolkit pre-installed to build the application's container image. To use GPU resources, the GPU driver version must match the CUDA Toolkit version.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            You can run the nvidia-smi command to obtain the driver installed on the node and determine the mapping between the NVIDIA driver and CUDA Toolkit version. In the figure below, the driver version is 470.141.03, and the latest supported CUDA Toolkit version is 11.4.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 1 Mapping between the NVIDIA driver and CUDA Toolkit version
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Compatibility Between CUDA Toolkit and Driver Versions
                                                                                                                                                                                                                                                                                                                                                                                                                                            When selecting a NVIDIA driver, ensure that the driver version is compatible with the CUDA Toolkit version. The following table lists the mapping. The table below shows the earliest driver versions that are compatible with the CUDA Toolkit. For more detailed version mapping, see CUDA Toolkit and Corresponding Driver Versions. You can select a proper NVIDIA driver version based on the CUDA Toolkit version used by your application.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                            If the CUDA and driver versions listed in the table below match, preferentially use the GPU driver provided in Recommended GPU Driver Versions for CCE. If the driver version recommended by CCE does not match your CUDA Toolkit version, you will need to use a non-recommended driver version. In such cases, ensure compatibility between the model, OS, and driver version.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            CUDA Toolkit Version
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Minimum Driver Version Required (Linux x86_64)
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            CUDA 12.x
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            ≥ 525.60.13
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            CUDA 11.8.x
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            CUDA 11.7.x
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            CUDA 11.6.x
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            CUDA 11.5.x
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            CUDA 11.4.x
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            CUDA 11.3.x
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            CUDA 11.2.x
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            CUDA 11.1.x
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            ≥ 450.80.02
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            CUDA 11.0
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            ≥ 450.36.06
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parent topic: GPU Driver Version
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
diff --git a/docs/cce/umn/cce_10_0847.html b/docs/cce/umn/cce_10_0847.html
new file mode 100644
index 000000000..b7698872d
--- /dev/null
+++ b/docs/cce/umn/cce_10_0847.html
@@ -0,0 +1,78 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Recommended GPU Driver Versions for CCE
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            This section describes the recommended driver versions for CCE clusters. If you use a non-recommended GPU driver version, make sure to check its compatibility with the model and OS. Select a proper NVIDIA driver version by checking the compatibility list for CUDA Toolkit and NVIDIA drivers based on the version used by your application.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Supported GPU Drivers
                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                            • The list of supported GPU drivers applies only to CCE AI Suite (NVIDIA GPU) of v1.2.28 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • To use the latest GPU driver, upgrade your CCE AI Suite (NVIDIA GPU) to the latest version.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • The compatibility of the OSs, GPU drivers, and GPU models listed in Table 2 has been tested and verified. To ensure excellent performance and stability, use these GPU drivers. If the deployment is performed in an unverified environment, perform full tests based on the environment to ensure the compatibility and stability.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • NVIDIA no longer provides updates or security patches for GPU drivers that have reached their end of life (EOL). For details, see Driver Lifecycle. For example, a Production Branch (PB) provides one-year support from the date of release, and a Long-Term Support Branch (LTSB) provides three-year support.
                                                                                                                                                                                                                                                                                                                                                                                                                                              According to this policy, CCE does not provide technical support for GPU drivers that have reached EOL, including driver installation and updates. The following drivers have reached EOL: 510.47.03, 470.141.03, and 470.57.02.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • When installing a GPU driver on Ubuntu, pay attention to the OS version. For details, see Table 3. For more information, see NVIDIA Driver Documentation.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Table 1 Supported GPU drivers
                                                                                                                                                                                                                                                                                                                                                                                                                                            GPU Model
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Supported Cluster Type
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Specification
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            HCE OS 2.0
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Ubuntu 22.04
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            EulerOS release 2.9
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Tesla T4
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            CCE standard cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            g6
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            pi2
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.216.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.161.08
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.54.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            510.47.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            470.57.02
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.216.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.161.08
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.54.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.54.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            470.141.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Tesla V100
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            CCE standard cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            p2s
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            p2vs
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            p2v
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.216.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.161.08
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.54.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            510.47.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            470.57.02
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.216.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.161.08
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.54.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            535.54.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            470.141.03
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Helpful Links
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parent topic: GPU Driver Version
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
diff --git a/docs/cce/umn/cce_10_0848.html b/docs/cce/umn/cce_10_0848.html
new file mode 100644
index 000000000..6901d81d9
--- /dev/null
+++ b/docs/cce/umn/cce_10_0848.html
@@ -0,0 +1,123 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Manually Upgrading the Driver Version of a GPU Node
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            You can use the CCE AI Suite (NVIDIA GPU) add-on to configure the driver file path for a node. After the node is restarted, the driver will be installed automatically. Alternatively, manually upgrade the driver version.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                            Manually upgrading the driver version of a GPU node is a short-term fix for customizing node configurations. However, once the node is restarted, the driver version will revert to the version specified in the CCE AI Suite (NVIDIA GPU) settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            For a stable, long-term upgrade of the driver version of a GPU node, see Upgrading the Driver Version of a GPU Node Using a Node Pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                            The cluster can be accessed using kubectl. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                            To use a specific NVIDIA driver version, perform the following operations to install the GPU driver of the latest version on the node:
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Take the node offline and manually evict pods on the node to prevent all programs from using GPUs.
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Run the following command to take the node offline:
                                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl cordon <NODE_NAME>
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                After the node goes offline, it will no longer support pod scheduling. You can verify this by running the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl get node <NODE_NAME>
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                If the following information is displayed, the node does not allow pod scheduling:
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                NAME            STATUS                     ROLES    AGE   VERSION
+192.168.1.xx    Ready,SchedulingDisabled   <none>   20m   v1.25.5-r20-25.1.31.1
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Manually evict pods on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl drain 192.168.1.xx --ignore-daemonsets=true --delete-emptydir-data
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Expected result
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                node/192.168.1.xx drained
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              3. Check whether there are any DaemonSet pods are using GPUs. If so, stop kubelet and the runtime.
                                                                                                                                                                                                                                                                                                                                                                                                                                                Log in to the node where the GPU driver needs to be upgraded, for example, the node with IP address 192.168.1.xx.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Stop containerd.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  systemctl stop kubelet kubelet-monit containerd containerd-monit
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Stop Docker.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  systemctl stop kubelet kubelet-monit docker docker-monit
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              4. Check if any program is using GPUs. If so, evict it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Run the following command to check if any program is using GPUs:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  sudo fuser -v /dev/nvidia*
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the following information is displayed, some programs are using the GPUs. If no fuser command is unavailable (for example, in an RPM-based Linux distribution), run the yum install psmisc command to install the Psmisc package:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                       USER        PID ACCESS COMMAND
+/dev/nvidia0:        root      12192 F.... nvidia-gpu-devi
+/dev/nvidiactl:      root      12192 F.... nvidia-gpu-devi
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Delete the detected process. In this example, the process ID is 12192. Replace it with the actual one.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  sudo kill 12192
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. After deleting the detected programs, run the following command again to verify:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  sudo fuser -v /dev/nvidia*      # Recheck if any program is using GPUs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  If no process is displayed in the command output, the detected processes have been evicted, and no program is using the GPUs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Install the NVIDIA driver of a specified version on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Download the driver of the specified version at the official NVIDIA website. For details about how to select a proper driver version, see Selecting a GPU Driver Version for Nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Record the driver information of the current version. The command for obtaining a driver varies depending on the CCE AI Suite (NVIDIA GPU) add-on version.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • For v1.x.x, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  /opt/cloud/cce/nvidia/bin/nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                • For v2.0.0 through v2.5.3, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  /usr/local/nvidia/bin/nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                • For versions later than v2.5.4, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                The execution results of the preceding three versions are basically the same. The command output is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Tue Feb 20 15:06:54 2024
++-----------------------------------------------------------------------------+
+| NVIDIA-SMI 470.141.03   Driver Version: 470.141.03   CUDA Version: 11.4     |
+|-------------------------------+----------------------+----------------------+
+| GPU  Name        Persistence-M| Bus-Id        Disp.A | Volatile Uncorr. ECC |
+| Fan  Temp  Perf  Pwr:Usage/Cap|         Memory-Usage | GPU-Util  Compute M. |
+|                               |                      |               MIG M. |
+|===============================+======================+======================|
+|   0  Tesla V100-SXM2...  Off  | 00000000:21:01.0 Off |                    0 |
+| N/A   31C    P0    23W / 300W |      0MiB / 16160MiB |      0%      Default |
+|                               |                      |                  N/A |
++-------------------------------+----------------------+----------------------+
+
++-----------------------------------------------------------------------------+
+| Processes:                                                                  |
+|  GPU   GI   CI        PID   Type   Process name                  GPU Memory |
+|        ID   ID                                                   Usage      |
+|=============================================================================|
+|  No running processes found                                                 |
++-----------------------------------------------------------------------------+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              3. Prepare for the installation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                Obtain the kernel version of the current node and install its dependencies (such as gcc, make, and kernel-devel). The following is an example using a RPM-based Linux distribution (whose OS is EulerOS, HCE, or CentOS).
                                                                                                                                                                                                                                                                                                                                                                                                                                                yum install -y perl kernel-devel-$(uname -r) zlib-devel binutils binutils-extra binutils-devel elfutils-libelf-devel gcc make
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              4. Install the downloaded driver and verify the installation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                The NVIDIA-Linux-x86_64-535.54.03.run driver is used as an example.
                                                                                                                                                                                                                                                                                                                                                                                                                                                # Obtain the kernel version.
+kerVersion=`uname -r`
+
+# Logs for installation details
+touch /root/nvidia-installer.log
+
+# Install the driver downloaded at the official NVIDIA website.
+sh NVIDIA-Linux-x86_64-535.54.03.run --silent --kernel-source-path=/usr/src/kernels/$kerVersion --log-file-name=/root/nvidia-installer.log --no-install-compat32-libs --utility-prefix="/usr/local/nvidia" --opengl-prefix="/usr/local/nvidia"
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                If the following information is displayed during the installation:
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                ERROR: An NVIDIA kernel module 'nvidia' appears to already be loaded in your kernel.  This may be because it is in use (for example, by an X server, a CUDA program, or the NVIDIA Persistence Daemon), but this may also happen if your kernel was configured without support for module unloading.  Please be sure to exit any programs that may be using the GPU(s) before attempting to upgrade your driver.  If no GPU-based programs are running, you know that your kernel supports module unloading, and you still receive this message, then an error may have occurred that has corrupted an NVIDIA kernel module's usage count, for which the simplest remedy is to reboot your computer.
+ERROR: Installation has failed.  Please see the file '/root/nvidia-installer.log' for details.  You may find suggestions on fixing installation problems in the README available on the Linux driver download page at www.nvidia.com.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Perform the following operations to handle this issue:
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Disable kubelet and the runtime.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Disable containerd.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    systemctl disable kubelet kubelet-monit containerd containerd-monit
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Disable Docker.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    systemctl disable kubelet kubelet-monit docker docker-monit
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Restart the affected node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Run the driver installation command again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                4. Enable kubelet and the runtime.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Enable containerd.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    systemctl enable kubelet kubelet-monit containerd containerd-monit
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Enable Docker.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    systemctl enable kubelet kubelet-monit docker docker-monit
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              5. Check whether the new version of the GPU driver is installed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • For v1.x.x, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  /opt/cloud/cce/nvidia/bin/nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                • For v2.0.0 through v2.5.3, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  /usr/local/nvidia/bin/nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                • For versions later than v2.5.4, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                If the following information is displayed, the new version of the GPU driver has been installed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Tue Feb 20 15:13:58 2024
++---------------------------------------------------------------------------------------+
+| NVIDIA-SMI 535.54.03              Driver Version: 535.54.03    CUDA Version: 12.2     |
+|-----------------------------------------+----------------------+----------------------+
+| GPU  Name                 Persistence-M | Bus-Id        Disp.A | Volatile Uncorr. ECC |
+| Fan  Temp   Perf          Pwr:Usage/Cap |         Memory-Usage | GPU-Util  Compute M. |
+|                                         |                      |               MIG M. |
+|=========================================+======================+======================|
+|   0  Tesla V100-SXM2-16GB           Off | 00000000:21:01.0 Off |                    0 |
+| N/A   34C    P0              38W / 300W |      0MiB / 16384MiB |      2%      Default |
+|                                         |                      |                  N/A |
++-----------------------------------------+----------------------+----------------------+
+
++---------------------------------------------------------------------------------------+
+| Processes:                                                                            |
+|  GPU   GI   CI        PID   Type   Process name                            GPU Memory |
+|        ID   ID                                                             Usage      |
+|=======================================================================================|
+|  No running processes found                                                           |
++---------------------------------------------------------------------------------------+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              6. Delete driver files and historical commands.
                                                                                                                                                                                                                                                                                                                                                                                                                                                rm NVIDIA-Linux-x86_64-535.54.03.run /root/nvidia-installer.log && history -c
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Restart the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Restart kubelet and the runtime.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Restart containerd.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  systemctl start kubelet kubelet-monit containerd containerd-monit
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Restart Docker.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  systemctl start kubelet kubelet-monit docker docker-monit
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Remove scheduling restrictions on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl uncordon <NODE_NAME>
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parent topic: GPU Driver Version
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
diff --git a/docs/cce/umn/cce_10_0849.html b/docs/cce/umn/cce_10_0849.html
new file mode 100644
index 000000000..915f10ee3
--- /dev/null
+++ b/docs/cce/umn/cce_10_0849.html
@@ -0,0 +1,35 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Upgrading the Driver Version of a GPU Node Using a Node Pool
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            To ensure proper functioning of GPU nodes, upgrade the NVIDIA driver version if it does not match the CUDA library you use. It is recommended that you use node pools to effectively manage node NVIDIA driver versions. This allows you to schedule applications to a specific node pool with a designated driver version. Additionally, when upgrading drivers, you can perform the upgrade in batches by node pool. 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                            When upgrading the NVIDIA driver of a node by node pool, note that the driver will be reinstalled during the node restart. To prevent any issues, ensure that there are no running tasks on the node before upgrading the driver.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Step 1: Specify the Driver Version of a Node Pool
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the target node and check its driver version. The command for obtaining a driver version varies based on the CCE AI Suite (NVIDIA GPU) version.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • For v1.x.x, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                /opt/cloud/cce/nvidia/bin/nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              • For v2.0.0 through v2.5.3, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                /usr/local/nvidia/bin/nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              • For versions later than v2.5.4, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              The following command output indicates that the driver version is 510.47.03.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Click the Heterogeneous Resources tab page. In the Node Pool Configurations pane, select the target node pool and driver, or enter the link to the custom driver.
                                                                                                                                                                                                                                                                                                                                                                                                                                              In this section, the driver will be upgraded to 535.54.03.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            4. Click Confirm Configuration.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Step 2: Restart the Nodes in the Node Pool
                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                            Evict pods on a node before restarting the node. For details, see Draining a Node. Make sure to reserve GPU resources to avoid a pod scheduling failure during node drainage. Insufficient resources can affect service running.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console. The Overview page is displayed.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Choose Nodes, locate the target node pool, and click View Node.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Click the node name and navigate to the ECS page.
                                                                                                                                                                                                                                                                                                                                                                                                                                            4. In the upper right corner, click Restart.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Step 3: Verify the Driver Upgrade
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Wait a few minutes after restarting the node for the driver to install.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Log in to the node and check whether the driver on the node has been updated.
                                                                                                                                                                                                                                                                                                                                                                                                                                              The command for obtaining a driver varies depending on the CCE AI Suite (NVIDIA GPU) version.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              • For v1.x.x, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                /opt/cloud/cce/nvidia/bin/nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              • For v2.0.0 through v2.5.3, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                /usr/local/nvidia/bin/nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              • For versions later than v2.5.4, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              The following command output indicates that the driver version is 510.47.03.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Confirm that the node and its services are running correctly. Then, perform the same operations on the remaining nodes in the node pool individually.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parent topic: GPU Driver Version
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
diff --git a/docs/cce/umn/cce_10_0857.html b/docs/cce/umn/cce_10_0857.html
new file mode 100644
index 000000000..753ccd82d
--- /dev/null
+++ b/docs/cce/umn/cce_10_0857.html
@@ -0,0 +1,49 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Nginx Ingress Usage Suggestions
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Nginx ingresses use NGINX Ingress Controller (NGINX Ingress Controller) in clusters to balance load and control access for traffic. The stability of NGINX Ingress Controller, which is deployed in clusters and uses open-source community charts and images, is closely tied to the configurations used and the current status of the cluster. This section provides practical tips on how to use NGINX Ingress Controller effectively. You can refer to the following configurations for the best results.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Optimized NGINX Ingress Controller Settings
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Configure a proper number of replicas and resource limits.
                                                                                                                                                                                                                                                                                                                                                                                                                                              The default number of pods for NGINX Ingress Controller installed through Settings is 2, but you can modify it according to your service needs.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              When NGINX Ingress Controller is deployed, multiple pods will be allocated to different AZs or different nodes in the same AZ by default.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              Additionally, configure proper resource limits for NGINX Ingress Controller to prevent traffic interruption caused by OOM. It is a good practice to set the CPU limit to 1000m or higher and the memory limit to 2 GiB or higher.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Deploy NGINX Ingress Controller on a dedicated node for better performance and stability of Nginx Ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                              When creating a node, configure taints on it. During the installation of NGINX Ingress Controller, add the taint of the node to the tolerance policy. 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Optimize the Nginx ingress performance.
                                                                                                                                                                                                                                                                                                                                                                                                                                              NGINX Ingress Controller performance optimization involves system parameter optimization and Nginx parameter optimization.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • System parameter optimization: Some common OS parameters have been optimized by default to improve system performance. However, you should also optimize other parameters like connection queue size and source port range for better results. The optimized system parameters ensure that Nginx can handle a high volume of concurrent requests and access the backend without running out of ports.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Nginx parameter optimization
                                                                                                                                                                                                                                                                                                                                                                                                                                                • In a high-concurrency environment, increase the maximum number of keepalive connections between Nginx and the client. This helps to avoid generating a large number of TIME_WAIT connections.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Increase the maximum number of connections to a single worker node for NGINX Ingress Controller to handle a high volume of concurrent requests.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • In a high-concurrency environment, you are advised to set the maximum number of idle keepalive connections to 1000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Configure gateway timeout. Make sure that the persistent connection timeout period of backend services is greater than or equal to the connection timeout period of NGINX Ingress Controller.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Configure HPA for NGINX Ingress Controller.
                                                                                                                                                                                                                                                                                                                                                                                                                                              NGINX Ingress Controller can typically handle bursts of service traffic. However, if you need additional capacity in heavy load scenarios, you can configure HPA to automatically expand the capacity for NGINX Ingress Controller. For details, see Creating an HPA Policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Configure a proper preStop hook for backend services.
                                                                                                                                                                                                                                                                                                                                                                                                                                              During the rolling update of a backend service, NGINX Ingress Controller will remove the pods that are being terminated from the backend server, but will retain the connections for requests that are still being processed. If the backend service pods exit immediately after receiving the end signal, the in-progress requests may fail or some traffic may be forwarded to pods that have already exited, leading to traffic loss. To prevent this issue, configure a preStop hook in the backend service pods. This will allow the pods to continue working for a period of time after being removed.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              The following shows a workload configuration example:
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              ...
+spec:
+  template:
+    spec:
+      containers:
+      - name: app
+        lifecycle:
+          # Configure a preStop hook for pods to exit after 30 seconds.
+          # The sleep command must exist in the container.
+          preStop:
+            exec:
+              command:
+                - sleep
+                - '30'
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Observability of NGINX Ingress Controller
                                                                                                                                                                                                                                                                                                                                                                                                                                            With CCE's Cloud Native Cluster Monitoring, you can easily monitor NGINX Ingress Controller and gain valuable insights into the status of your ingress traffic. 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Advanced Functions of NGINX Ingress Controller
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Multiple NGINX Ingress Controllers allowed
                                                                                                                                                                                                                                                                                                                                                                                                                                              Deploying multiple NGINX Ingress Controllers in a cluster is a great way to isolate your application's internal network from the external network. For details, see Installing Multiple NGINX Ingress Controllers.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Blue-green deployment or grayscale release of applications through NGINX Ingress Controller
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+
diff --git a/docs/cce/umn/cce_10_0859.html b/docs/cce/umn/cce_10_0859.html
index c6cc803f0..8f1f02786 100644
--- a/docs/cce/umn/cce_10_0859.html
+++ b/docs/cce/umn/cce_10_0859.html
@@ -4,10 +4,10 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Encrypting cloud disks ensures data privacy and control, making it ideal for scenarios that demand high security or compliance standards. This section describes how to use the keys managed by Data Encryption Workshop (DEW) to encrypt EVS disks.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Using the Console
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Choose Storage in the navigation pane and click the PersistentVolumeClaims (PVCs) tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Select EVS for the storage type, enable encryption, and choose a key. Configure other parameters based on service requirements. For details, see Using an EVS Disk Through a Dynamic PV.
                                                                                                                                                                                                                                                                                                                                                                                                                                              3. Click Create.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Go to the PersistentVolumeClaims (PVCs) tab and check whether the PVC of the encrypted EVS disk is created and whether the disk is encrypted.
                                                                                                                                                                                                                                                                                                                                                                                                                                            4. The method of using an encrypted PVC is the same as that of using a regular PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Using the Console
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Dynamically create a PVC and PV.
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Choose Storage in the navigation pane and click the PVCs tab. Click Create PVC in the upper right corner. In the dialog box displayed, configure PVC parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Select EVS for the StorageClass, enable encryption, and choose a key. Configure other parameters based on service requirements. For details, see Using an EVS Disk Through a Dynamic PV.
                                                                                                                                                                                                                                                                                                                                                                                                                                              3. Click Create.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Go to the PVCs tab and check whether the PVC of the encrypted EVS disk is created and whether the disk is encrypted.
                                                                                                                                                                                                                                                                                                                                                                                                                                            4. The method of using an encrypted PVC is the same as that of using a regular PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Automatically Creating an Encrypted EVS Disk Using kubectl
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Create the pvc-evs-auto.yaml file. For details, see Automatically Creating an EVS Volume Through kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                              apiVersion: v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              Using kubectl
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Create the pvc-evs-auto.yaml file. For details, see Dynamically Creating an EVS Disk Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: pvc-evs-auto
@@ -25,13 +25,32 @@ spec:
     requests:
       storage: 10Gi             # EVS disk capacity, ranging from 1 to 32768
   storageClassName: csi-disk    # The StorageClass is EVS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Table 1 Encryption parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Example Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                everest.io/crypt-key-id
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                37f202db-a970-4ac1-a506-e5c4f2d7ce69
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                ID of an encryption key, which can be obtained from DEW.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              3. Run the following command to create a PVC:
                                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl apply -f pvc-evs-auto.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                              4. Go to the PersistentVolumeClaims (PVCs) tab and check whether the PVC of the encrypted EVS disk is created and whether the disk is encrypted.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Go to the PVCs tab and check whether the PVC of the encrypted EVS disk is created and whether the disk is encrypted.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parent topic: Elastic Volume Service
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parent topic: EVS
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
diff --git a/docs/cce/umn/cce_10_0860.html b/docs/cce/umn/cce_10_0860.html
index e8519b2a5..6a1e926c6 100644
--- a/docs/cce/umn/cce_10_0860.html
+++ b/docs/cce/umn/cce_10_0860.html
@@ -4,14 +4,14 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            If the EVS disk attached to a workload does not have enough space, you can increase its capacity by expanding it. This section describes how to expand the capacity of an EVS disk through the console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                            You have created a cluster and installed the CCE Container Storage (Everest) add-on in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            EVS Disk
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Choose Storage in the navigation pane and click the PersistentVolumeClaims (PVCs) tab. Click More in the Operation column of the target PVC and select Scale-out.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Enter the capacity to be added and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                                                                                              The disk size can only be increased, not decreased.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Choose Storage in the navigation pane and click the PVCs tab. Click More in the Operation column of the target PVC and select Scale-out.
                                                                                                                                                                                                                                                                                                                                                                                                                                              3. Enter the capacity to be added and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Disk sizes can only be increased, not decreased.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                              Parent topic: Elastic Volume Service
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              Parent topic: EVS
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
diff --git a/docs/cce/umn/cce_10_0864.html b/docs/cce/umn/cce_10_0864.html
index 78fad6964..635298231 100644
--- a/docs/cce/umn/cce_10_0864.html
+++ b/docs/cce/umn/cce_10_0864.html
@@ -2,12 +2,12 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              Configuring a Cluster's API Server for Internet Access
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              You can bind an EIP to an API server of a Kubernetes cluster so that the API server can access the Internet.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                              Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. On the Overview page, locate the Connection Information area, and click Bind next to EIP.
                                                                                                                                                                                                                                                                                                                                                                                                                                              3. Select an existing EIP. If no EIP is available, click Create EIP to go to the EIP console and assign one.
                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Binding an EIP to an API server for Internet access can pose a risk to the cluster's security. To mitigate this risk, configure Advanced Anti-DDoS or API server access policies (Configuring Access Policies for an API Server) for the bound EIP.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Binding an EIP to an API server will cause the API server to restart briefly and update the kubeconfig certificate. Do not make any changes to the cluster during this period.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. On the Overview page, locate the Connection Information area, and click Bind next to EIP.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Select an existing EIP. If no EIP is available, assign an EIP. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Binding an EIP to an API server for Internet access can pose a risk to the cluster's security. To mitigate this risk, configure Advanced Anti-DDoS or API server access policies (Configuring Access Policies for an API Server) for the bound EIP.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Binding an EIP to an API server will cause the API server to restart briefly and update the kubeconfig certificate. Do not make any changes to the cluster during this period.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                4. Click OK. The bound EIP will be displayed in EIP.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Configuring Access Policies for an API Server
                                                                                                                                                                                                                                                                                                                                                                                                                                                To ensure the security of a cluster's API server, it is important to modify the security group rules for the master nodes. This is because the EIP, which is exposed to the Internet, is at risk of being attacked.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console. On the Overview page, find and copy the cluster ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Log in to the VPC console. In the navigation pane, choose Access Control > Security Groups.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Select Description as the filter criterion and search for the target security group by cluster ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                4. Locate the row that contains the security group (starting with {CCE cluster name}-cce-control) of the master node and click Manage Rules in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                5. On the page displayed, locate the row that contains port 5443 and click Modify in the Operation column to modify its inbound rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console. On the Overview page, find and copy the cluster ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Log in to the VPC console. In the navigation pane, choose Access Control > Security Groups.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Select Description as the filter criterion and search for the target security group by cluster ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. Locate the row that contains the security group (starting with {CCE cluster name}-cce-control) of the master node and click Manage Rules in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  5. On the page displayed, locate the row that contains port 5443 and click Modify in the Operation column to modify its inbound rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  6. Change the source IP address that can be accessed as required. For example, if the IP address used by the client to access the API Server is 100.*.*.*, you can add an inbound rule for port 5443 and set the source IP address to 100.*.*.*.
                                                                                                                                                                                                                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                                                                                                                                                                                                                    In addition to the client IP address, the port must allow traffic from the CIDR blocks of the VPC, container, and the control plane of the hosted service mesh to ensure that the API Server can be accessed from within the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -16,7 +16,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Parent topic: Connecting to a Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Parent topic: Accessing a Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
diff --git a/docs/cce/umn/cce_10_0883.html b/docs/cce/umn/cce_10_0883.html
index 3a60dd33a..7fbe7b457 100644
--- a/docs/cce/umn/cce_10_0883.html
+++ b/docs/cce/umn/cce_10_0883.html
@@ -30,14 +30,14 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            /var/lib/docker
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Data Disk Space Allocation set to specific: /var/lib/docker, which is identical to the Kubernetes native path
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Colocation on the system disk: /var/lib/docker, which is identical to the Kubernetes native path
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Container runtime (containerd)
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            /var/lib/containerd
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Data Disk Space Allocation set to specific: /var/lib/containerd, which is identical to the Kubernetes native path
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Colocation on the system disk: /var/lib/containerd, which is identical to the Kubernetes native path
                                                                                                                                                                                                                                                                                                                                                                                                                                            
                                                                                                                                                                                                                                                                                                                                                                                                                                             		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            containerd logs
                                                                                                                                                                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_10_0886.html b/docs/cce/umn/cce_10_0886.html
index 9329da85f..1a90eb394 100644
--- a/docs/cce/umn/cce_10_0886.html
+++ b/docs/cce/umn/cce_10_0886.html
@@ -2,16 +2,16 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Accepting Nodes in a Node Pool
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            If you want to add a newly created ECS to a node pool in a cluster, or remove a node from a node pool and add it to the node pool again, accept the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                            • When an ECS is accepted for management, the ECS OS will be reset to the standard image provided by CCE to ensure node stability.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • LVM information, including volume groups (VGs), logical volumes (LVs), and physical volumes (PVs), will be deleted from the system disks and data disks attached to the selected ECSs during acceptance. Ensure that the information has been backed up.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • During the acceptance of an ECS, do not perform any operation on the ECS through the ECS console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • After a node is managed by a node pool, if a scaling-in task is triggered in the node pool, the node will be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                            • When an ECS is accepted for management, the ECS OS will be reset to the standard image provided by CCE to ensure node stability.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • During the acceptance process, LVM information, including volume groups (VGs), logical volumes (LVs), and physical volumes (PVs), will be deleted from the system disks and data disks attached to the selected ECSs. Ensure this information has been backed up.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • During the acceptance of an ECS, do not perform any operation on the ECS through the ECS console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            • After a node is managed by a node pool, if a scaling-in task is triggered in the node pool, the node will be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Choose More > Accept Node in the operation bar of the target node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            4. Select one or more nodes that meet the requirements.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • The nodes and the current node pool are deployed in the same VPC and subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • The billing mode of the nodes must be the same as that of the current node pool. For example, a pay-per-use node pool can accept only pay-per-use nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • The cloud server group of the nodes must be the same as that of the current node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • The nodes must be running and cannot be labeled with CCE-Dynamic-Provisioning-Node.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Data disks must be attached to the nodes to be managed if the system components of these nodes are separately stored. A local disk (disk-intensive disk) or a data disk of at least 20 GiB can be attached to the node, and any data disks already attached cannot be smaller than 10 GiB. 
                                                                                                                                                                                                                                                                                                                                                                                                                                              • The flavor of the nodes must be at least 2 vCPUs and 4 GiB memory, and only one NIC can be bound to each of the nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Only the cloud servers that have the same flavor, AZ, resource reservation, system disk, and data disk configurations as the node pool can be added for batch acceptance.
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Partitioned disks on cloud servers will not be accepted as data disks. Back up data and clear the disks before node acceptance.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                              3. Choose More > Accept Node in the operation bar of the target node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              4. Select one or more nodes that meet the requirements.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • The nodes and the current node pool are deployed in the same VPC and subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • The billing mode of the nodes must be the same as that of the current node pool. For example, a pay-per-use node pool can accept only pay-per-use nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • The cloud server group of the nodes must be the same as that of the current node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • The nodes must be running and cannot be labeled with CCE-Dynamic-Provisioning-Node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Data disks must be attached to the nodes to be managed if the system components of these nodes are stored separately. These nodes can be attached with either a local disk (disk-intensive disk) or a data disk of at least 20 GiB. Additionally, any data disks already attached must not be smaller than 10 GiB. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                • The node to be accepted must have at least 2 CPU cores, 4 GiB of memory, and only one network interface.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Only the cloud servers that have the same flavor, AZ, resource reservation, system disk, and data disk configurations as the node pool can be added for batch acceptance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Partitioned disks on cloud servers will not be accepted as data disks. Back up data and clear the disks before node acceptance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              5. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parent topic: Managing a Node Pool
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            Parent topic: Managing Node Pools
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
diff --git a/docs/cce/umn/cce_10_0891.html b/docs/cce/umn/cce_10_0891.html
index 1a256aa37..f32519aad 100644
--- a/docs/cce/umn/cce_10_0891.html
+++ b/docs/cce/umn/cce_10_0891.html
@@ -1,7 +1,7 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Configuring Specified Node Scheduling (nodeSelector)
                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                            To select a node for scheduling in Kubernetes, simply configure the nodeSelector field in the workload. This field allows you to configure the label of the desired node to be scheduled. Kubernetes schedules pods only to nodes with specified labels.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                            In Kubernetes, to schedule a workload to a specified node, simply configure the nodeSelector field in the workload. By setting the target node label in this field, Kubernetes will schedule the workload only to the node with the matching label.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                            A custom label has been added to the target node so that workload pods can be scheduled based on the node label. For details, see Adding or Deleting a Node Label.
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                            Creating a Workload Scheduled to a Specified Node
                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Create a YAML file named nginx.yaml. The file name can be customized.
                                                                                                                                                                                                                                                                                                                                                                                                                                              Configure nodeSelector for the workload. For example, if the key is deploy_qa and the value is true, the pod will be scheduled to the node with the deploy_qa=true label. Example:
                                                                                                                                                                                                                                                                                                                                                                                                                                              apiVersion: apps/v1
diff --git a/docs/cce/umn/cce_10_0892.html b/docs/cce/umn/cce_10_0892.html
index 085ac3c92..47d9bd94d 100644
--- a/docs/cce/umn/cce_10_0892.html
+++ b/docs/cce/umn/cce_10_0892.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              Configuring Node Affinity Scheduling (nodeAffinity)
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              Kubernetes can schedule workload pods to affinity nodes based on their labels and label values. For example, some nodes support GPU computing, and node affinity scheduling can guarantee that high-performance computing pods run on these GPU nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                                                                                                              In this example, a GPU node labeled with gpu=true has been created in the cluster. You can use this label to schedule pods to this GPU node.
                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                              3. In Advanced Settings, choose Scheduling and select a policy for Node Affinity. In this example, Customize affinity is selected. For details about how to create a workload, see Creating a Workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. In Advanced Settings, choose Scheduling and select a policy for Node Affinity. In this example, Customize affinity is selected. For details about how to create a workload, see Creating a Workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -24,7 +24,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Table 1 Scheduling policies
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                4. Select a proper node affinity rule and click  to add a scheduling policy. In this example, a scheduling policy is added in the Required area under Node Affinity. This policy specifies that the newly created workload can only be scheduled to a specific node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                5. Select a proper node affinity rule and click  to add a scheduling policy. In this example, a scheduling policy is added in the Required area under Node Affinity. This policy specifies that the newly created workload can only be scheduled to a specific node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0893.html b/docs/cce/umn/cce_10_0893.html
index ae78b5d89..012f07200 100644
--- a/docs/cce/umn/cce_10_0893.html
+++ b/docs/cce/umn/cce_10_0893.html
@@ -7,9 +7,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                6. Identify the affinity/anti-affinity workloads based on the workload labels and operators.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  For example, the label selector filters the workloads that have been labeled with app=backend.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                7. For affinity scheduling, the scheduler chooses the topology key where the target workload is located, while for anti-affinity scheduling, it selects a topology key where the target workload is not present.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  In this example, the workload labeled with app=backend is assigned to topology key 1. Therefore, workloads that have an affinity with the app=backend workload can be scheduled to topology key 1. Conversely, workloads that have an anti-affinity with the app=backend workload can only be scheduled to topology key 2 or 3.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  8. 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 1 Workload affinity or anti-affinity scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 1 Workload affinity or anti-affinity scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Using the CCE Console
                                                                                                                                                                                                                                                                                                                                                                                                                                                  In this example, a backend workload with the app=backend label has been created in the cluster. This label can be used for workload affinity or anti-affinity scheduling, allowing the newly created frontend workload labeled with app=frontend to be deployed on the same node as the backend workload. Both workloads run in topology key kubernetes.io/hostname. When you use kubernetes.io/hostname for topology classification, only one node can be assigned to each topology key because each node has a unique hostname. This enables workloads to be scheduled on the same node when workload affinity is enabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. In Advanced Settings, choose Scheduling and select a policy for Load Affinity. In this example, Customize affinity is selected. For details about how to create a workload, see Creating a Workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Click the cluster name to go to the cluster console, choose Workloads in the navigation pane, and click the Create Workload in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. In Advanced Settings, choose Scheduling and select a policy for Load Affinity. In this example, Customize affinity is selected. For details about how to create a workload, see Creating a Workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Table 2 Affinity rule
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -67,7 +67,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Label Key
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  When configuring node affinity, enter the node label to be matched.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Both default labels and custom labels are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Both default labels and custom labels are supported. For details about default node labels, see Inherent Label of a Node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  gpu
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Table 1 Scheduling policies
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -30,7 +30,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                8. Select a proper load affinity rule and click  to add a scheduling policy. In this example, a scheduling policy is added in the Required area under Workload Affinity. This policy specifies that the newly created workload can only be scheduled to a node if a workload with specific labels is already running on that node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                9. Select a proper load affinity rule and click  to add a scheduling policy. In this example, a scheduling policy is added in the Required area under Workload Affinity. This policy specifies that the newly created workload can only be scheduled to a node if a workload with specific labels is already running on that node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0897.html b/docs/cce/umn/cce_10_0897.html
index 9cb73cf0f..186357e2b 100644
--- a/docs/cce/umn/cce_10_0897.html
+++ b/docs/cce/umn/cce_10_0897.html
@@ -1,16 +1,40 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Binding a Security Group to a Pod Using an Annotation
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Application Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                  In Cloud Native Network 2.0, pods use ENIs or sub-ENIs of the VPC. You can configure a security group for a pod using a pod's annotation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Configure a security group in either of the following cases:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • To newly bind a security group to a pod, use annotation yangtse.io/security-group-ids.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • To bind more security groups to a pod, use annotation yangtse.io/additional-security-group-ids.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  In cloud native network 2.0, pods use VPC network interfaces or supplementary network interfaces for networking, which allow you to configure security groups. You can bind a security group to a pod by adding an annotation to the pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  You can configure security groups in the following applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Table 2 Load affinity policies
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Rule Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -245,7 +245,7 @@ spec:
           preferredDuringSchedulingIgnoredDuringExecution:    # Scheduling policy that is met as much as possible
           - weight: 100  # Priority that can be configured when the best-effort policy is used. The value ranges from 1 to 100. A larger value indicates a higher priority.
             podAffinityTerm:  # Affinity configuration when the best-effort policy is used
-              topologyKey: topology.kubernetes.io/zone   # Topology keys are divided based on node labels.
+              topologyKey: topology.kubernetes.io/zone   # Topology keys are divided based on node labels by node AZ.
               labelSelector:
                 matchExpressions:
                 - key: app
diff --git a/docs/cce/umn/cce_10_0896.html b/docs/cce/umn/cce_10_0896.html
index 780baa0b8..85073bf44 100644
--- a/docs/cce/umn/cce_10_0896.html
+++ b/docs/cce/umn/cce_10_0896.html
@@ -75,7 +75,7 @@ spec:
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Custom header of the Service associated with an ingress. ${svc_name} is the Service name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Format: a JSON string, for example, {"key": "test", "values": ["value1", "value2"]}
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • key/value indicates the key-value pair of the custom header. A maximum of eight values can be configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Enter 1 to 40 characters for a key. Only letters, digits, hyphens (-), and underscores (_) are allowed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • A key-value pair represents the key and value of a custom header. You can configure up to nine values. However, if a header with the key host is specified, only eight values can be configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      Enter 1 to 40 characters for a key. Only letters, digits, hyphens (-), and underscores (_) are allowed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                      Enter 1 to 128 characters for a value. Asterisks (*) and question marks (?) are allowed, but spaces and double quotation marks are not allowed. An asterisk can match zero or more characters, and a question mark can match one character.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • After a custom header forwarding policy is configured for an ingress, a grayscale release policy cannot be created for the ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Enter 1 to 51 characters for ${svc_name}.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  		
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Application
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Annotation
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Reference
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Configure a pod's network interface security group via an annotation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  yangtse.io/security-group-ids
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Create a workload with a security group configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Add an additional security group to a pod's network interface via an annotation, while retaining the existing security group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  yangtse.io/additional-security-group-ids
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Add an additional security group for the workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                                                                                                                  The priority of the security group bound to a pod using annotation yangtse.io/security-group-ids is higher than those of the security groups in the security group policy (SecurityGroup) and cluster container network configuration (NetworkAttachmentDefinition).
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                              A CCE Turbo cluster is available and the cluster version meets the following requirements:
                                                                                                                                                                                                                                                                                                                                                                                                                                              • v1.23: v1.23.16-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                              • v1.25: v1.25.11-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                              • v1.27: v1.27.8-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                              • v1.28: v1.28.6-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                              • v1.29: v1.29.2-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Versions later than v1.29
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                              Using kubectl
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Create a workload with a security group configured. The security group bound to the pod is subject to the one configured using an annotation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                If the pod has been bound to a security group, the configuration will be overwritten.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Using kubectl
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Create a workload with a security group configured. The security group bound to the pod is subject to the one configured using an annotation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the pod has been bound to a security group, the configuration will be overwritten.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  apiVersion: apps/v1
 kind: Deployment
@@ -40,7 +64,7 @@ spec:
               memory: 200Mi
       imagePullSecrets:
         - name: default-secret
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Add an additional security group for the workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  apiVersion: apps/v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Add an additional security group for the workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: nginx
@@ -70,26 +94,27 @@ spec:
         - name: default-secret
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Table 1 Annotations for configuring a security group for a pod
                                                                                                                                                                                                                                                                                                                                                                                                                                                Annotation
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
-
-
-
-
-
-
-
@@ -99,7 +124,7 @@ spec:
 
 
diff --git a/docs/cce/umn/cce_10_0904.html b/docs/cce/umn/cce_10_0904.html
index 4006d143a..2be2d7389 100644
--- a/docs/cce/umn/cce_10_0904.html
+++ b/docs/cce/umn/cce_10_0904.html
@@ -10,12 +10,12 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Parent topic: Container Network
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Parent topic: Container Networks
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
diff --git a/docs/cce/umn/cce_10_0906.html b/docs/cce/umn/cce_10_0906.html
index a81305ee3..47a701778 100644
--- a/docs/cce/umn/cce_10_0906.html
+++ b/docs/cce/umn/cce_10_0906.html
@@ -1,21 +1,24 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Configuring a Default Container Subnet for a CCE Turbo Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                If the pod subnet configured during CCE Turbo cluster creation cannot meet service expansion requirements, you can add a pod subnet for the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Adding or Deleting the Default Pod Subnet of a CCE Turbo Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                If the pod subnet configured during CCE Turbo cluster creation cannot meet service expansion requirements, you can add a pod subnet for the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                • This function is only available for CCE Turbo clusters of v1.19 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                • This function is available only for CCE Turbo clusters of v1.19 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Procedure for Adding a Default Subnet
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and access the CCE Turbo cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. On the Overview page, locate the Networking Configuration area and click Add.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Select a pod subnet in the same VPC. You can add multiple pod subnets at a time. If no other pod subnet is available, go to the VPC console and create one.
                                                                                                                                                                                                                                                                                                                                                                                                                                                4. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Procedure for Deleting a Default Subnet
                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Pod subnets can be deleted from clusters of v1.23.17-r0, v1.25.12-r0, v1.27.9-r0, v1.28.7-r0, v1.29.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Modifying the Default Pod Subnet on the Overview Page
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. On the Overview page, locate the Networking Configuration area and click Edit.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Add or delete the default pod subnet. You can select one or more subnets in the same VPC. If no other pod subnet is available, go to the VPC console and create one.
                                                                                                                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Pod subnets can be deleted from clusters of v1.23.17-r0, v1.25.12-r0, v1.27.9-r0, v1.28.7-r0, v1.29.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • To ensure that containers in a new CIDR block can access related services such as databases and middleware, allow the traffic from the new CIDR block on the required access ports in the security groups of related services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and access the CCE Turbo cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. On the Settings page, click the Network tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. In the Container Network area, click Update in the Operation column of default-network (Default Container Subnet).
                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. In the Pod Subnet area, deselect the subnets to be deleted and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  5. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Modifying the Default Pod Subnet on the Settings Page
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. On the Settings page, click the Network tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. In the Container Network area, click Update in the Operation column of default-network (Default Container Subnet).
                                                                                                                                                                                                                                                                                                                                                                                                                                                4. In the Pod Subnet area, deselect the subnets to be deleted and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Deleting a pod subnet is risky. Make sure that no ENI in the cluster is using the subnet that you plan to delete. This includes ENIs that are being used by pods and prebound ENIs in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    To find out if any ENIs are being used by a cluster, copy the ID of the subnet that you plan to delete. Then, access Network Console and use this ID to filter the ENIs and sub-ENIs associated with the VPC subnet on the Network Interfaces tab page. If the name or description of any of the filtered ENIs contains a cluster ID, then those ENIs are being used by the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • After a subnet is deleted, the security group of the cluster node will not automatically remove the rules associated with the subnet. Make sure that no ENIs in the cluster are still using the subnet and manually clear these rules that are associated with it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Precautions for Deleting Container Subnets
                                                                                                                                                                                                                                                                                                                                                                                                                                                When deleting container subnets, pay attention to the following:
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                • CCE clusters of v1.25.16-r30, v1.27.16-r30, v1.28.15-r20, v1.29.13-r0, v1.30.10-r0, v1.31.6-r0, v1.32.1-r0, or later support automatic cleanup of requested network interfaces after subnets are deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Pre-allocated network interfaces are automatically reclaimed when the subnet is deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Network interfaces used by pods without a fixed IP address are automatically reclaimed when the pods are deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Network interfaces used by pods with a fixed IP address are automatically reclaimed after the pods are deleted and the fixed IP addresses expire.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The eth1 network interface used by nodes is automatically reclaimed when the nodes are deleted or reset.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                • In CCE clusters of v1.25.16-r30, v1.27.16-r30, v1.28.15-r20, v1.29.13-r0, v1.30.10-r0, v1.31.6-r0, v1.32.1-r0, or earlier, network interfaces that have been allocated are not automatically reclaimed when a subnet is deleted. Before deleting a subnet, ensure that no network interfaces in the current cluster are using the subnet, including those used by pods and pre-allocated network interfaces.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  To find out if any network interfaces are being used by a cluster, copy the ID of the subnet that you plan to delete. Then, access Network Console and use this ID to filter the network interfaces and supplementary network interfaces associated with the VPC subnet on the Network Interfaces tab page. If the name or description of any of the filtered network interfaces contains a cluster ID, then those network interfaces are being used by the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                • After a subnet is deleted, the security group of the cluster node will not automatically remove the rules associated with the subnet. Make sure that no network interfaces in the cluster are still using the subnet and manually clear these rules that are associated with it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0908.html b/docs/cce/umn/cce_10_0908.html
index 328952f14..eb02afd1f 100644
--- a/docs/cce/umn/cce_10_0908.html
+++ b/docs/cce/umn/cce_10_0908.html
@@ -16,6 +16,8 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Kubernetes Metrics Server
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                • 
+
                                                                                                                                                                                                                                                                                                                                                                                                                                              • Grafana
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                • 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0909.html b/docs/cce/umn/cce_10_0909.html
index 4ed2605b8..d762483a9 100644
--- a/docs/cce/umn/cce_10_0909.html
+++ b/docs/cce/umn/cce_10_0909.html
@@ -1,11 +1,8 @@
 
 
-
-  
                                                                                                                                                                                                                                                                                                                                                                                                                                                Cloud Native Heterogeneous Computing Add-ons
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
-  
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Cloud Native AI Add-ons
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0919.html b/docs/cce/umn/cce_10_0919.html
index 5c68b0e73..1e08a3629 100644
--- a/docs/cce/umn/cce_10_0919.html
+++ b/docs/cce/umn/cce_10_0919.html
@@ -9,12 +9,12 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Suggestions
                                                                                                                                                                                                                                                                                                                                                                                                                                                The following provides some suggestions on optimizing the NGINX Ingress Controller add-on in high-traffic scenarios.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Using a High-Performance Node
                                                                                                                                                                                                                                                                                                                                                                                                                                                In high-concurrency scenarios, ingresses typically need a large number of CPUs and network connections, so you can select a computing-plus ECS to run the add-on instances.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Click Create Node Pool in the upper right corner to create a node pool and add two nodes to the node pool. The node pool can be dedicated for the NGINX Ingress Controller add-on. For details, see Creating a Node Pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  For high-concurrency scenarios, you can select a high-performance ECS such as the general computing-plus c7.8xlarge.2 ECS, with 32 cores, 64 GiB of memory, a maximum bandwidth of 30 Gbit/s, and 5.5 million PPS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Choose Nodes in the navigation pane and click the Node Pools tab on the right.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Click Create Node Pool in the upper right corner to create a node pool and add two nodes to the node pool. The node pool can be dedicated for the NGINX Ingress Controller add-on. For details, see Creating a Node Pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    For high-concurrency scenarios, you can select a high-performance ECS such as the general computing-plus c7.8xlarge.2 ECS, with 32 cores, 64 GiB of memory, a maximum bandwidth of 30 Gbit/s, and 5.5 million PPS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. In the Advanced Settings area, configure labels and taints for the node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Configure a taint and set its key to nginx-ingress-pod-reserved, value to true, and the effect to NoExecute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Configure a label and set its key to nginx-ingress-pod-reserved and value to true.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  5. In the navigation pane, choose Add-ons, edit the configurations of NGINX Ingress Controller, and modify the scheduling policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Node Affinity: Set it to Customize affinity and configure the add-on to be affinity for the nginx-ingress-pod-reserved: true label.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Toleration: Add a toleration and configure the add-on to tolerate the taint whose label is nginx-ingress-pod-reserved: true and the taint policy is NoExecute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Modifying the NGINX Ingress Controller Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                                                You can perform the following operations when installing or editing NGINX Ingress Controller:
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Change the resource limit of the nginx-ingress-controller container. If an application processes HTTP requests with a PRS of 300,000, you can configure the CPU and memory limits, as well as the requested CPU and memory, to 16 vCPU cores and 20 GiB of memory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Set the number of pods to be greater than or equal to 2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Modifying the NGINX Ingress Controller Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                                                You can perform the following operations when installing or editing NGINX Ingress Controller:
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Change the resource limit of the nginx-ingress-controller container. If an application processes HTTP requests with an RPS of 300,000, you can configure the CPU and memory limits, as well as the requested CPU and memory, to 16 CPU cores and 20 GiB of memory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Set the number of pods to be greater than or equal to 2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Disable the metric collection of the add-on.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  If you do not need to obtain metrics, you are advised to disable metric collection to reduce the CPU and memory usage of the Nginx container.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Optimize the global configuration by doing as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Increase the maximum number of requests that a keepalive connection can handle.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Nginx provides the keepalive_requests parameter to control how many requests a single keepalive connection between a client and an upstream server can handle. This parameter defaults to 100.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -31,7 +31,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Optimizing Nginx Kernel Parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Before modifying a kernel parameter, it is important to have a full understanding of its meaning and function. Exercise caution when making changes, because incorrect settings can lead to unexpected system errors and instability.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Optimizing Nginx Kernel Parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Before modifying a kernel parameter, it is important to have a full understanding of its meaning and function. Exercise caution when making changes, as incorrect settings can cause unexpected system errors and instability.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                You need to make sure that:
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. You have fully understood the functions and impacts of kernel parameters. This helps you set kernel parameters correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. The parameter values you entered must be valid and meet the expectation, or the modification will not take effect.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0927.html b/docs/cce/umn/cce_10_0927.html
index 047bb39e3..7c29d7740 100644
--- a/docs/cce/umn/cce_10_0927.html
+++ b/docs/cce/umn/cce_10_0927.html
@@ -2,12 +2,12 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Preventing Cluster Deletion
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Unexpected deletion of clusters can occur in practice, especially when multiple users share an account and accidentally delete clusters that do not belong to them. To prevent this issue, you can protect critical clusters against unexpected deletion through the console or APIs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Preventing Cluster Deletion
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. In the navigation pane, choose Settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. On the Dashboard tab page, locate Cluster Deletion Protection in the Cluster Settings area and click Enable. After this function is enabled, you are not allowed to delete clusters on CCE.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Preventing Cluster Deletion
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. In the navigation pane, choose Settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. On the Dashboard tab page, locate Cluster Deletion Protection in the Cluster Settings area and click Enable. After this function is enabled, you are not allowed to delete clusters on CCE.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Parent topic: Managing a Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Parent topic: Managing Clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
diff --git a/docs/cce/umn/cce_10_0930.html b/docs/cce/umn/cce_10_0930.html
index 94c15ac7a..75f1e1c01 100644
--- a/docs/cce/umn/cce_10_0930.html
+++ b/docs/cce/umn/cce_10_0930.html
@@ -24,9 +24,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Table 1 Annotations for configuring a security group for a pod
                                                                                                                                                                                                                                                                                                                                                                                                                                                Annotation
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Value Range
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Value Range
                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                yangtse.io/security-group-ids
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                yangtse.io/security-group-ids
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Configure a security group for a pod. The security group of the pod is subject to the one configured using this annotation. If the pod already has a security group, the original security group will be overwritten.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Configure a security group for a pod. The security group of the pod is subject to the one configured using this annotation. If the pod already has a security group, the original security group will be overwritten.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Security group IDs. A maximum of five IDs are allowed. Use commas (,) to separate multiple security groups.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Security group IDs. A maximum of five IDs are allowed. Use commas (,) to separate multiple security groups.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                If this parameter is left blank, no annotation will be used to configure a security group for the pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                yangtse.io/additional-security-group-ids
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                yangtse.io/additional-security-group-ids
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Add more security groups to a pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Add more security groups to a pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Security group IDs. The total number of newly added security group IDs and existing security group IDs cannot exceed 5. Use commas (,) to separate multiple security groups.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Security group IDs. The total number of newly added security group IDs and existing security group IDs cannot exceed 5. Use commas (,) to separate multiple security groups.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Procedure for TLS Secret Certificates
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. In the navigation pane, choose ConfigMaps and Secrets. In the right pane, click the Secrets tab, find the secret used by the ingress, and click Update.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Modify the certificate file in the secret and click OK to update the secret. CCE will automatically synchronize the certificate to the ELB.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Procedure for TLS Secret Certificates
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. In the navigation pane, choose ConfigMaps and Secrets. In the right pane, click the Secrets tab, find the secret used by the ingress, and click Update.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Modify the certificate file in the secret and click OK to update the secret. CCE will automatically synchronize the certificate to the ELB.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Procedure for LoadBalancer Service Certificates
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. In the navigation pane, choose Services & Ingresses. Then, click the Ingresses tab, locate the row containing the target ingress, and choose More > Update in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Set Certificate Source to ELB server certificate, select a new server certificate, and click OK to update the ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Procedure for LoadBalancer Service Certificates
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. In the navigation pane, choose Services & Ingresses. Then, click the Ingresses tab, locate the row containing the target ingress, and choose More > Update in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Set Certificate Source to ELB server certificate, select a new server certificate, and click OK to update the ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_10_0934.html b/docs/cce/umn/cce_10_0934.html
index 70682fbfb..62a34b51f 100644
--- a/docs/cce/umn/cce_10_0934.html
+++ b/docs/cce/umn/cce_10_0934.html
@@ -1,17 +1,21 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Creating an AHPA Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                The native Horizontal Pod Autoscaler (HPA) in Kubernetes can cause delays in scaling due to its passive triggering mechanism. To address this issue, the Advanced Horizontal Pod Autoscaler (AHPA) proactively identifies periods of pod scaling and predicts future fluctuations by analyzing historical service metrics.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                The native HPA in Kubernetes is a passive, metric-based mechanism. Auto scaling is only triggered when the current resource usage exceeds the preset threshold. The native HPA scales resources with a delay. The system does not respond quickly enough during peak hours, increasing response delay and deteriorating user experience. During off-peak hours, resources may go wasted for a short period of time. CCE uses AHPA to address the delay. AHPA can identify workload fluctuation periods and predict resource demands based on historical metrics to help you implement predictive scaling.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Features
                                                                                                                                                                                                                                                                                                                                                                                                                                                AHPA monitors historical workload metrics and performs weekly modeling, making it particularly effective for workloads with clear periodic patterns.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                After AHPA is enabled, it collects monitoring data for a specific workload over a period of one to eight weeks. It then analyzes and models the data using statistical principles. Then, AHPA uses historical monitoring data and future service trends to recommend the optimal number of pods for a workload every minute. This allows pods to be prepared in advance to handle anticipated increases in service volume, ensuring adequate resource availability.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                AHPA can work with HPA and CronHPA to scale pods in complex scenarios.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                AHPA allows you to change the maximum and minimum number of pods in an HPA policy based on the recommended result, or directly adjust the number of pods in a Deployment.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                AHPA and CronHPA share the same approach for adjusting the maximum and minimum pod numbers specified in an HPA policy. For details, see Using CronHPA to Adjust the HPA Scaling Scope.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                • CCE Advanced HPA of v1.5.2 or later has been installed in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • The Cloud Native Cluster Monitoring add-on has been installed in the cluster, and the monitoring data is reported to AOM. For details, see Cloud Native Cluster Monitoring.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                • AHPA policies apply only to clusters of v1.23 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • For clusters of v1.19.10 and later, if an HPA policy is used to scale out a workload with EVS volumes mounted, a new pod cannot be started because EVS disks cannot be attached.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • The specifications of the CCE Advanced HPA add-on are determined based on the total number of containers in the cluster and the number of scaling policies. Configure 500m CPU cores and 1000 MiB of memory for every 5000 containers, and 100m CPU cores and 500 MiB of memory for every 1000 scaling policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • AHPA needs extra memory as it analyzes and processes historical workload data. It is advised to allocate 100m CPU cores and 300 MiB of memory for every 100 AHPA policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • After an AHPA policy is created, the type of its associated workload cannot be changed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Either an AHPA policy or a CustomedHPA policy can be enabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                • AHPA policies apply only to clusters of v1.23 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • For clusters of v1.19.10 and later, if an HPA policy is used to scale out a workload with EVS volumes mounted, a new pod cannot be started because EVS disks cannot be attached.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • The specifications of the CCE Advanced HPA add-on are determined based on the total number of containers in the cluster and the number of scaling policies. Configure 500m and 1,000 MiB of memory for every 5,000 containers, and 100m and 500 MiB of memory for every 1,000 scaling policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • AHPA needs extra memory as it analyzes and processes historical workload data. It is advised to allocate 100m CPU cores and 300 MiB of memory for every 100 AHPA policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • After an AHPA policy is created, the type of its associated workload cannot be changed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Either an AHPA policy or a CustomedHPA policy can be enabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                Enabling an AHPA Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. In the navigation pane, choose Add-ons. Locate CCE Advanced HPA on the right, click Edit, and enable AHPA Policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Click OK and wait until the add-on update is complete.
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                Using AHPA
                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Deploy a sample workload. If a workload already runs in the cluster, skip this step. It is advised to use a workload that has been monitored for over seven days, as AHPA requires a minimum of seven days of monitoring data.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubectl create -f hamster.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Example configuration of hamster.yaml:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  apiVersion: apps/v1
@@ -41,7 +45,7 @@ spec:
             - "while true; do timeout 0.5s yes >/dev/null; sleep 0.5s; done"
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Create an AHPA task.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubectl create -f hamster-ahpa.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Example configuration of hamster-vpa.yaml:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  apiVersion: autoscaling.cce.io/v1alpha1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Example configuration of hamster-ahpa.yaml:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  apiVersion: autoscaling.cce.io/v1alpha1
 kind: AdvancedHorizontalPodAutoscaler
 metadata:
   name: hamster-ahpa
@@ -67,68 +71,68 @@ spec:
   effectiveTime:
   - '* * 11-22 ? * MON-FRI'  # Valid from 11:00 to 22:00, from Monday to Friday
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Table 1 Key AHPA parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -179,7 +183,7 @@ status:
     status: "True"
     type: ScalingActive
   - lastTransitionTime: "2024-10-07T13:24:19Z"
-    message: ths ahpa checkpoint is fresh
+    message: this ahpa checkpoint is fresh
     reason: CheckpointIsFresh
     status: "True"
     type: CheckpointAvailable
@@ -204,7 +208,7 @@ status:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Parent topic: Scaling a Workload
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Parent topic: Workload Scaling
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
diff --git a/docs/cce/umn/cce_10_0935.html b/docs/cce/umn/cce_10_0935.html
index 93ed6d001..3d79164c0 100644
--- a/docs/cce/umn/cce_10_0935.html
+++ b/docs/cce/umn/cce_10_0935.html
@@ -34,10 +34,6 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                4. Configuring a Custom EIP for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  5. 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                5. Configuring Advanced Forwarding Rules for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  6. 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                6. Configuring Advanced Forwarding Actions for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  7. 
diff --git a/docs/cce/umn/cce_10_0936.html b/docs/cce/umn/cce_10_0936.html
index b4826e5b7..e8cffb2b9 100644
--- a/docs/cce/umn/cce_10_0936.html
+++ b/docs/cce/umn/cce_10_0936.html
@@ -14,6 +14,8 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                7. Configuring Consistent Hashing for Load Balancing of an Nginx Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  8. 
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                8. Nginx Ingress Usage Suggestions
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  9. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                9. Optimizing NGINX Ingress Controller in High-Traffic Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  10. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                10. Configuring an ELB Certificate for NGINX Ingress Controller
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0939.html b/docs/cce/umn/cce_10_0939.html
index 547d527c8..965beaaf3 100644
--- a/docs/cce/umn/cce_10_0939.html
+++ b/docs/cce/umn/cce_10_0939.html
@@ -1,9 +1,12 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Configuring the Priorities of Forwarding Rules for LoadBalancer Ingresses
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  When ingresses use the same load balancer listener, forwarding rules can be prioritized based on the following rules:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Forwarding rules of different ingresses: The rules are sorted based on the priorities (ranging from 1 to 1000) of the kubernetes.io/elb.ingress-order annotation. A smaller value indicates a higher priority.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Forwarding rules of an ingress: If the kubernetes.io/elb.rule-priority-enabled annotation is set to true, the forwarding rules are sorted based on the sequence in which they are added during ingress creation. A forwarding rule added earlier indicates a higher priority. If the kubernetes.io/elb.rule-priority-enabled annotation is not configured, the default sorting of the forwarding rules on the load balancer will be used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the preceding annotations are not configured, the default sorting of the forwarding rules on the load balancer will be used, regardless of whether the forwarding rules are of the same ingress or different ingresses under the same load balancer listener.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  When multiple ingresses share the same load balancer listener, you can prioritize forwarding rules according to the following guidelines:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • For forwarding rules within the same ingress: If the kubernetes.io/elb.rule-priority-enabled annotation is set to true, forwarding rules are prioritized based on their order in the paths field in the ingress YAML file. Rules listed higher in the YAML file have a higher priority. If the kubernetes.io/elb.rule-priority-enabled annotation is not specified, the load balancer's sorting rules will apply.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • For forwarding rules across different ingresses: The kubernetes.io/elb.ingress-order annotation is used to determine the priority. Additionally, kubernetes.io/elb.rule-priority-enabled is set to true by default. The rules are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The kubernetes.io/elb.ingress-order value ranges from 1 to 1000. A smaller value indicates a higher priority.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Ingresses with the kubernetes.io/elb.ingress-order annotation have a higher priority than those without the annotation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If multiple ingresses are labeled with the kubernetes.io/elb.ingress-order annotation, they are prioritized by the annotation value. Within the same ingress, forwarding policies are then sorted by their listed sequence.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the preceding annotations are not configured, the load balancer's sorting rules will apply, regardless of whether the forwarding rules belong to the same ingress or different ingresses under the same load balancer listener.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  For more details, see Examples for Setting the Priorities of Forwarding Rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 1 Customizing the priorities of forwarding rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • A CCE standard or Turbo cluster is available, and the cluster version meets the following requirements:
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • v1.23: v1.23.15-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • v1.25: v1.25.10-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • v1.27: v1.27.7-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • v1.28: v1.28.5-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • v1.29: v1.29.1-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • An available workload has been deployed in the cluster for external access. If no workload is available, deploy a workload by referring to Creating a Deployment, Creating a StatefulSet, or Creating a DaemonSet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • A Service for external access has been configured for the workload. Services Supported by LoadBalancer Ingresses lists the Service types supported by LoadBalancer ingresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -17,18 +20,18 @@ metadata:
   name: test
   namespace: default
   annotations:
-    kubernetes.io/elb.port: '88'
-    kubernetes.io/elb.id: 2c623150-17bf-45f1-ae6f-384b036f547e    # ID of an existing load balancer
-    kubernetes.io/elb.class: performance    # Load balancer type
-    kubernetes.io/elb.ingress-order: '1'    # Priority of a forwarding rule of different ingresses
-    kubernetes.io/elb.rule-priority-enabled: 'true'   # The forwarding rules of an ingress are sorted based on the forwarding rule sequence in paths.
+    kubernetes.io/elb.port: '88'    # The port on the interconnected load balancer
+    kubernetes.io/elb.id: 2c623150-17bf-45f1-ae6f-384b036f547e    # The ID of an existing load balancer
+    kubernetes.io/elb.class: performance    # The load balancer type, which can only be performance
+    kubernetes.io/elb.ingress-order: '1'    # The priority of forwarding rules across different ingresses
+    kubernetes.io/elb.rule-priority-enabled: 'true'   # The forwarding rules of an ingress are prioritized based on the forwarding rule sequence in paths.
 spec:
   rules:
     - host: ''
       http:
         paths:
-          - path: /test1
-            backend:
+          - path: /test1  # Define a forwarding rule.
+            backend:  # The backend Service associated with the rule. The value provided is only an example and can be modified as needed.
               service:
                 name: test1
                 port:
@@ -36,8 +39,8 @@ spec:
             property:
               ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
             pathType: ImplementationSpecific
-          - path: /test2
-            backend:
+          - path: /test2  # Define a forwarding rule.
+            backend:  # The backend Service associated with the rule. The value provided is only an example and can be modified as needed.
               service:
                 name: test2
                 port:
@@ -48,29 +51,29 @@ spec:
   ingressClassName: cce
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  11. Table 1 Key AHPA parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Mandatory
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Mandatory
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  scaleTargetRef
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  scaleTargetRef
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Target Deployment/HPA.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Target Deployment/HPA.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  metrics
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  metrics
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Metrics for scaling, which can only be CPU or memory. Only one metric can be configured. Either CPU or memory can be configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Metrics for scaling, which can only be CPU or memory. Only one metric can be configured. Either CPU or memory can be configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  maxReplicas
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  maxReplicas
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Maximum number of pods, which ranges from 0 to 2147483647.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Maximum number of pods, which ranges from 0 to 2147483647.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  minReplicas
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  minReplicas
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Minimum number of pods, which ranges from 0 to 2147483647.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Minimum number of pods, which ranges from 0 to 2147483647.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  predictConfig.predictWindowSeconds
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  predictConfig.predictWindowSeconds
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Recommendation time window, which starts from the current time. The historical monitoring data within this time window will be used to calculate the recommended number of pods. The value can range from 1 to 3600.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Recommendation time window, which starts from the current time. The historical monitoring data within this time window will be used to calculate the recommended number of pods. The value can range from 1 to 3600.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  predictConfig.stabilizationWindowSeconds
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  predictConfig.stabilizationWindowSeconds
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  No
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  No
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Scale-in cooling duration. The value ranges from 0 to 3600.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Scale-in cooling duration. The value ranges from 0 to 3600.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  predictConfig.quantile
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  predictConfig.quantile
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Prediction quantile, which indicates the probability that a service metric's actual value will be lower than the preset target value. A higher value indicates a more conservative estimate. The value ranges from 0 to 1. Two decimal places are supported. The default value is 0.99. The recommended value ranges from 0.90 to 0.99.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Prediction quantile, which indicates the probability that a service metric's actual value will be lower than the preset target value. A higher value indicates a more conservative estimate. The value ranges from 0 to 1. Two decimal places are supported. The default value is 0.99. The recommended value ranges from 0.90 to 0.99.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  effectiveTime
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  effectiveTime
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  No
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  No
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  If multiple cron expressions are specified, AHPA will take effect on the combined set of these expressions. The default setting is always valid.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  If multiple cron expressions are specified, AHPA will take effect on the combined set of these expressions. The default setting is always valid.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Table 1 Annotations for configuring the priorities of forwarding rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
-
-
-
-
-
-
-
@@ -87,6 +90,216 @@ spec:
 ingress-test  cce      *         121.**.**.**     88      10s
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Examples for Setting the Priorities of Forwarding Rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Assume the following configurations: The kubernetes.io/elb.ingress-order value of ingress A (ingress-a) is set to 1, and this ingress has forwarding rules A and B. The kubernetes.io/elb.ingress-order value of ingress B (ingress-b) is set to 2, and this ingress has forwarding rules C and D.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Example YAML:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • ingress-a
                                                                                                                                                                                                                                                                                                                                                                                                                                                    apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress-a
+  namespace: default
+  annotations:
+    kubernetes.io/elb.port: '88'    # The port on the interconnected load balancer
+    kubernetes.io/elb.id: f7fb2aa8-34af-48fb-b451-16e8f675ff45    # The ID of the existing load balancer
+    kubernetes.io/elb.class: performance    # The type of the existing load balancer, which can only be performance
+    kubernetes.io/elb.ingress-order: '1'    # The priority of forwarding rules across different ingresses
+    kubernetes.io/elb.rule-priority-enabled: 'true'   # The forwarding rules of an ingress are prioritized based on the forwarding rule sequence in paths.
+spec:
+  rules:
+    - host: ''
+      http:
+        paths:
+          - path: /A  # Define forwarding rule A.
+            backend:  # The backend Service associated with the rule. The value provided is only an example and can be modified as needed.
+              service:
+                name: nginx 
+                port:
+                  number: 80
+            property:
+              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
+            pathType: ImplementationSpecific
+          - path: /B  # Define forwarding rule B.
+            backend:  # The backend Service associated with the rule. The value provided is only an example and can be modified as needed.
+              service:
+                name: nginx
+                port:
+                  number: 80
+            property:
+              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
+            pathType: ImplementationSpecific
+  ingressClassName: cce
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • ingress-b
                                                                                                                                                                                                                                                                                                                                                                                                                                                    apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress-b
+  namespace: default
+  annotations:
+    kubernetes.io/elb.port: '88'    # The port on the interconnected load balancer
+    kubernetes.io/elb.id: f7fb2aa8-34af-48fb-b451-16e8f675ff45   # The ID of the existing load balancer
+    kubernetes.io/elb.class: performance    # The type of the existing load balancer, which can only be performance
+    kubernetes.io/elb.ingress-order: '2'    # The priority of forwarding rules across different ingresses
+    kubernetes.io/elb.rule-priority-enabled: 'true'   # The forwarding rules of an ingress are prioritized based on the forwarding rule sequence in paths.
+spec:
+  rules:
+    - host: ''
+      http:
+        paths:  
+          - path: /C  # Define forwarding rule C.
+            backend:  # The backend Service associated with the rule. The value provided is only an example and can be modified as needed.
+              service:
+                name: nginx
+                port:
+                  number: 80
+            property:
+              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
+            pathType: ImplementationSpecific
+          - path: /D  # Define forwarding rule D.
+            backend:  # The backend Service associated with the rule. The value provided is only an example and can be modified as needed.
+              service:
+                name: nginx
+                port:
+                  number: 80
+            property:
+              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
+            pathType: ImplementationSpecific
+  ingressClassName: cce
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  The following table lists the sorting order of the load balancer's forwarding policies when ingresses A and B access the same load balancer port.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Table 1 Annotations for configuring the priorities of forwarding rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubernetes.io/elb.ingress-order
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubernetes.io/elb.ingress-order
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  String
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  String
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Specifies the sequence of forwarding rules of different ingresses. The value ranges from 1 to 1000. A smaller value indicates a higher priority. The priority of a forwarding rule must be unique under the same load balancer listener.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  The sequence of forwarding rules across different ingresses. The value ranges from 1 to 1000. A smaller value indicates a higher priority. The priority of a forwarding rule must be unique under the same load balancer listener.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  This parameter is available only for dedicated load balancers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                   NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  When this annotation is configured, the kubernetes.io/elb.rule-priority-enabled annotation is enabled by default. The forwarding rules of each ingress will be sorted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                   NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • When this annotation is configured, the kubernetes.io/elb.rule-priority-enabled annotation is enabled by default. The forwarding rules of each ingress will be sorted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The priority specified in the kubernetes.io/elb.ingress-order annotation does not directly equate to the priority of the load balancer's forwarding policy. This annotation can be used to prioritize different ingresses. Ingresses with this annotation have a higher priority than those without the annotation. If multiple ingresses are labeled with this annotation, they are prioritized by the annotation value. A smaller value indicates a higher priority. For more details, see Examples for Setting the Priorities of Forwarding Rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubernetes.io/elb.rule-priority-enabled
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubernetes.io/elb.rule-priority-enabled
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  String
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  String
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  This parameter can only be set to true, indicating to sort the forwarding rules of an ingress. The priorities of the forwarding rules are determined based on the sequence in which they are added during ingress creation. A forwarding rule added earlier indicates a higher priority.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  This parameter can only be set to true, indicating to sort the forwarding rules of an ingress. The forwarding rules are prioritized based on the order they were added during ingress creation. A higher-listed rule indicates a higher priority.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  If this parameter is not configured, the default sorting of the forwarding rules on the load balancer will be used. After this parameter is enabled, it cannot be disabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  This parameter is available only for dedicated load balancers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Priority
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Forwarding Rule
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  A
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  ingress-a
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  2
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  B
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  ingress-a
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  3
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  C
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  ingress-b
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  4
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  D
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  ingress-b
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  If you add rule E to ingress-b and list the rule ahead of rules C and D, modify the YAML configuration for ingress-b as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress-b
+  namespace: default
+  annotations:
+    kubernetes.io/elb.port: '88'    # The port on the interconnected load balancer
+    kubernetes.io/elb.id: f7fb2aa8-34af-48fb-b451-16e8f675ff45   # The ID of the existing load balancer
+    kubernetes.io/elb.class: performance    # The type of the existing load balancer, which can only be performance
+    kubernetes.io/elb.ingress-order: '2'    # The priority of forwarding rules across different ingresses
+    kubernetes.io/elb.rule-priority-enabled: 'true'   # The forwarding rules of an ingress are prioritized based on the forwarding rule sequence in paths.
+spec:
+  rules:
+    - host: ''
+      http:
+        paths:
+          - path: /E  # Define forwarding rule E.
+            backend:  # The backend Service associated with the rule. The value provided is only an example and can be modified as needed.
+              service:
+                name: nginx
+                port:
+                  number: 80
+            property:
+              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
+            pathType: ImplementationSpecific
+          - path: /C  # Define forwarding rule C.
+            backend:  # The backend Service associated with the rule. The value provided is only an example and can be modified as needed.
+              service:
+                name: nginx
+                port:
+                  number: 80
+            property:
+              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
+            pathType: ImplementationSpecific
+          - path: /D  # Define forwarding rule D.
+            backend:  # The backend Service associated with the rule. The value provided is only an example and can be modified as needed.
+              service:
+                name: nginx
+                port:
+                  number: 80
+            property:
+              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
+            pathType: ImplementationSpecific
+  ingressClassName: cce
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  The following table lists the sorting order of the load balancer's forwarding rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Priority
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Forwarding Rule
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  A
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  ingress-a
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  2
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  B
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  ingress-a
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  3
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  E
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  ingress-b
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  4
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  C
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  ingress-b
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  5
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  D
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  ingress-b
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0940.html b/docs/cce/umn/cce_10_0940.html
deleted file mode 100644
index 7e5e958fc..000000000
--- a/docs/cce/umn/cce_10_0940.html
+++ /dev/null
@@ -1,242 +0,0 @@
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Configuring Advanced Forwarding Rules for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Ingresses offer diverse forwarding rules that can match listeners based on different request parameters like HTTP request methods, headers, query strings, CIDR blocks, and cookies. Each listener is associated with an ELB access port. This facilitates flexible service distribution and resource allocation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 1 How an advanced forwarding rule operates
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • A CCE standard or Turbo cluster is available, and the cluster version meets the following requirements:
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • v1.23: v1.23.18-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • v1.25: v1.25.16-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • v1.27: v1.27.16-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • v1.28: v1.28.13-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • v1.29: v1.29.8-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • v1.30: v1.30.4-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The cluster can be accessed using kubectl. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • This feature is only available when dedicated load balancers are used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Using kubectl
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    vi ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    An example YAML file of an ingress created using an existing load balancer is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                    apiVersion: networking.k8s.io/v1 
-kind: Ingress 
-metadata: 
-  annotations: 
-    kubernetes.io/elb.class: performance
-    kubernetes.io/elb.id: ab53c3b2-xxxx-xxxx-xxxx-5ac3eb2887be
-    kubernetes.io/elb.port: '80'
-    # Access the svc-hello1 service. Ensure that this service is available.
-    kubernetes.io/elb.conditions.svc-hello1: |  
-        [ 
-          { 
-            "type": "Method", 
-            "methodConfig": { 
-              "values": [ 
-                "GET", 
-                "POST" 
-              ] 
-            } 
-          }, 
-          { 
-            "type": "Header", 
-            "headerConfig": { 
-              "key": "gray-hello", 
-              "values": [ 
-                "value1", 
-                "value2" 
-              ] 
-            } 
-          }, 
-          { 
-            "type": "Cookie", 
-            "cookieConfig": { 
-              "values": [ 
-                { 
-                  "key": "querystringkey1", 
-                  "value": "querystringvalue2" 
-                }, 
-                { 
-                  "key": "querystringkey3", 
-                  "value": "querystringvalue4" 
-                } 
-              ] 
-            } 
-          }, 
-          { 
-            "type": "QueryString", 
-            "queryStringConfig": { 
-              "key": "testKey", 
-              "values": [ 
-                "testValue" 
-              ] 
-            } 
-          }, 
-          { 
-            "type": "SourceIp", 
-            "sourceIpConfig": { 
-              "values": [ 
-                "192.168.0.0/16", 
-                "172.16.0.0/16" 
-              ] 
-            } 
-          } 
-        ] 
-  name: ingress-test 
-spec: 
-  ingressClassName: cce 
-  rules: 
-   - http: 
-      paths: 
-      - path: /hello1 
-        pathType: ImplementationSpecific 
-        backend: 
-          service: 
-            name: svc-hello1 
-            port: 
-              number: 80
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 1 Annotations for advanced forwarding rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.conditions.${svc_name}
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configure an advanced forwarding rule. ${svc_name} indicates the Service name, which can contain a maximum of 48 characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the annotation value is set to [], the advanced forwarding rule is deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    An annotation value is in the form of a JSON array. For details, see Table 2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                     NOTICE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    The rules in a condition array are connected by an AND relationship, while the values in the same rule block are connected by an OR relationship. For example, if both Method and QueryString are configured, the target traffic can be distributed only when both rules are met. However, if the Method value is GET or POST, the target traffic can be distributed only when both rules are met and the Method value must be GET or POST.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 2 Array structure
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    How to Use
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Example
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    type
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Matching type. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Method: HTTP requests are forwarded based on the matched method. This parameter must be used with methodConfig. This parameter can be configured only once.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Header: HTTP requests are forwarded based on the matched header. This parameter must be used with headerConfig.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Cookie: HTTP requests are forwarded based on the matched cookie. This parameter must be used with cookieConfig.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • QueryString: HTTP requests are forwarded based on the matched character string. This parameter must be used with queryStringConfig.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • SourceIp: HTTP requests are forwarded based on the matched CIDR block. This parameter must be used with sourceIpConfig. This parameter can be configured only once.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    None
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    methodConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    An HTTP request method that is used to forward requests. This parameter is used only when type is set to Method.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Multiple request methods can be concurrently configured, including GET, POST, PUT, DELETE, PATCH, HEAD, and OPTIONS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    You only need to configure values (an array) for methodConfig.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    {
-  "type": "Method",
-  "methodConfig": {
-     "values": [
-        "GET",
-        "POST"
-     ]
-  }
-}
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    headerConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    An HTTP request header that is used to forward requests. This parameter is used only when type is set to Header.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • A key can only contain letters, digits, underscores (_), and hyphens (-).
                                                                                                                                                                                                                                                                                                                                                                                                                                                      The first letter of the User-agent and Connection HTTP request headers must be capitalized.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Multiple values can be configured for a key. A value can only contain letters, digits, and special characters (!#$%&'()*+,.\/:;<=>?@[]^-_'{|}~). Asterisks (*) and question marks (?) can be used as wildcard characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    You can only configure one key for each headerConfig rule. If you need multiple keys, configure multiple headerConfig rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    {
-  "type": "Header",
-  "headerConfig": {
-     "key": "gray-hello",
-     "values": [
-        "value1",
-        "value2"
-     ]
-  } 
-}
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    cookieConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    A cookie that is used to forward requests. This parameter is used only when type is set to Cookie. A cookie consists of a key and a value, which must be configured separately.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • A key can contain 1 to 100 characters and cannot start or end with a space.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • A value can contain 1 to 100 characters. Configure a value for each key.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    You can enter multiple key-value pairs that can contain letters, digits, and special characters (!%'"()*+,./:=?@^-_`~).
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    When configuring cookieConfig, you can configure multiple key-value pairs in values, and these pairs will have an OR relationship with each other.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    { 
-  "type": "Cookie", 
-  "cookieConfig": { 
-     "values": [ 
-        { 
-          "key": "querystringkey1", 
-          "value": "querystringvalue2" 
-        }, 
-        { 
-           "key": "querystringkey3", 
-           "value": "querystringvalue4" 
-        } 
-     ] 
-  } 
-}
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    queryStringConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    A character string that is used to forward requests. If the character string in a request matches the one in the configured forwarding rule, the request will be forwarded. This parameter is used only when type is set to QueryString.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    A query string consists of a key and one or more values. Configure the key and values separately.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • A key can only contain letters, digits, and special characters (!$'()*+,./:;=?@^-_').
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Multiple values can be configured for a key. A value can only contain letters, digits, and special characters (!$'()*+,./:;=?@^-_'). Asterisks (*) and question marks (?) can be used as wildcard characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    You can only configure one key for each queryStringConfig rule. If you need multiple keys, configure multiple QueryStringConfig rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    { 
-   "type": "QueryString", 
-   "queryStringConfig": { 
-      "key": "testKey", 
-      "values": [ 
-          "testValue" 
-      ] 
-   } 
-}
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    sourceIpConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    A CIDR block that is used to forward requests. This parameter is used only when type is set to SourceIp.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Example CIDR block: 192.168.1.0/24 or 2020:50::44/127
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    You only need to configure values (an array) for sourceIpConfig.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    { 
-   "type": "SourceIp", 
-   "sourceIpConfig": { 
-      "values": [ 
-         "192.168.0.0/16", 
-         "172.16.0.0/16" 
-      ] 
-   } 
-}
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Create an ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubectl create -f ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    ingress/ingress-test created
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. Check the created ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubectl get ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                                                                                                                                                                                                                                                                                                    NAME          CLASS    HOSTS     ADDRESS          PORTS   AGE
-ingress-test  cce      *         121.**.**.**     80      10s
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
-
diff --git a/docs/cce/umn/cce_10_0944.html b/docs/cce/umn/cce_10_0944.html
index ee5e366ec..25a356812 100644
--- a/docs/cce/umn/cce_10_0944.html
+++ b/docs/cce/umn/cce_10_0944.html
@@ -3,11 +3,11 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Creating an HPA Policy with Custom Metrics
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Kubernetes' default HPA policy only allows for auto scaling based on CPU and memory usage. However, in more complex service scenarios, this may not be sufficient to meet routine O&M requirements. To resolve this issue, you can configure HPA policies with custom metrics, allowing for flexible workload scaling.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  This section uses an example to describe how to deploy an Nginx application, which uses the container_cpu_usage_core_per_second metric exposed by Prometheus to identify the number of CPU cores used by a container on a per-second basis. For more information about Prometheus metrics, see METRIC TYPES.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Step 1: Install Cloud Native Cluster Monitoring
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Locate the Cloud Native Cluster Monitoring add-on and click Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Prioritize the configurations listed below and adjust any other configurations as needed. For details, see Cloud Native Cluster Monitoring.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Step 1: Install Cloud Native Cluster Monitoring
                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. In the navigation pane, choose Add-ons. Locate Cloud Native Cluster Monitoring on the right and click Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      Prioritize the configurations listed below and adjust any other configurations as needed. For details, see Cloud Native Cluster Monitoring.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Data Storage Configuration: Local data storage is mandatory, and other configurations are optional.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Custom Metric Collection: Enable this option in this example. If this option is not enabled, custom metrics cannot be collected.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. Click Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Step 2: Create a Workload
                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. In the navigation pane of the cluster console, choose Workloads. Then, click Create Workload in the upper right corner. Create an Nginx workload. For details, see Creating a Deployment.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Step 2: Create a Workload
                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. In the navigation pane of the cluster console, choose Workloads. Then, click Create Workload in the upper right corner. Create an Nginx workload. For details, see Creating a Deployment.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Step 3: Modify the Configuration File
                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. In the navigation pane of the cluster console, choose ConfigMaps and Secrets and switch to the monitoring namespace.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Update user-adapter-config. You can modify the rules field in user-adapter-config to convert the metrics exposed by Prometheus to metrics that can be associated with HPA.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      Add the following example rule:
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                      rules:
@@ -27,22 +27,22 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • seriesQuery: PromQL request data, which specifies the metrics to be obtained by users. You can configure this parameter as needed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • metricsQuery: aggregates the PromQL query data in seriesQuery.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • resources: data labels in PromQL, which are used to match resources. The resources here refer to api-resource such as pods, namespaces, and nodes in a cluster. You can run kubectl api-resources -o wide to check the resources. The key corresponds to LabelName in the Prometheus data. Ensure that the Prometheus metric data contains LabelName.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • name: indicates that Prometheus metric names are converted to readable metric names based on regular expression matching. In this example, container_cpu_usage_seconds_total is converted to container_cpu_usage_core_per_second.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. Redeploy the custom-metrics-apiserver workload in the monitoring namespace.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    4. Run the following command to check whether the metric has been added:
                                                                                                                                                                                                                                                                                                                                                                                                                                                      kubectl get --raw  "/apis/custom.metrics.k8s.io/v1beta1/namespaces/default/pods/*/container_cpu_usage_core_per_second"
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                    5. Wait for about 15 seconds and run the following command to check whether the metric has been added.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      kubectl get --raw  "/apis/custom.metrics.k8s.io/v1beta1/namespaces/default/pods/*/container_cpu_usage_core_per_second"
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Step 4: Verify HPA Scaling
                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Choose Workloads in the navigation pane. Locate the target workload and choose More > Auto Scaling in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Set Policy Type to HPA+CronHPA and enable an HPA policy. You can use the custom metrics configured in rules to create the HPA policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. Click the workload name and switch to the Auto Scaling tab page. You can find that the HPA policy has been triggered.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                    4. Click the workload name and switch to the Auto Scaling tab. You can find that the HPA policy has been triggered.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parent topic: Scaling a Workload
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parent topic: Workload Scaling
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
diff --git a/docs/cce/umn/cce_10_0945.html b/docs/cce/umn/cce_10_0945.html
index e512e5243..f1be0c5ed 100644
--- a/docs/cce/umn/cce_10_0945.html
+++ b/docs/cce/umn/cce_10_0945.html
@@ -1,7 +1,7 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    DataPlane V2 Network Acceleration
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                    DataPlane V2 can be enabled for clusters that use Cloud Native 2.0 networks. After this function is enabled, eBPF redirection will be enabled for the capability of network policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                    DataPlane V2 can be enabled for clusters that use VPC networks or Cloud Native 2.0 networks. Once enabled, eBPF redirection is supported, which allows the use of network policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE DataPlane V2 is released with restrictions. To use this feature, submit a service ticket to CCE.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
@@ -18,19 +18,20 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Supported cluster versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  CCE Turbo clusters of v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  CCE standard clusters (using the VPC networks) of v1.27.16-r30, v1.28.15-r20, v1.29.13-r0, v1.30.10-r0, v1.31.6-r0, or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  CCE Turbo clusters of v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Usage
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • When creating a CCE Turbo cluster, select Cloud Native Network 2.0 and enable DataPlane V2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                   NOTICE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • After DataPlane V2 is enabled, secure containers (Kata Containers as the container runtime) are not supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Enabled DataPlane V2 cannot be disabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • DataPlane V2 can only be enabled for new clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • DataPlane V2 is in limited OBT. Upgrading it to a commercial version requires the node to be reset. Exercise caution when enabling this function.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • When creating a CCE standard cluster, select the VPC network in the container network configuration and enable DataPlane V2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • When creating a CCE Turbo cluster, select Cloud Native Network 2.0 and enable DataPlane V2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                   NOTICE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • After DataPlane V2 is enabled, secure containers (Kata Containers as the container runtime) are not supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Enabled DataPlane V2 cannot be disabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • DataPlane V2 can only be enabled for new clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • DataPlane V2 is in limited OBT. Upgrading it to a commercial version requires the node to be reset. Exercise caution when enabling this function.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • If Layer 7 network policies or DNS-based policies are enabled for services in your cluster, the traffic that matches these policies will be disrupted during a Cilium upgrade. For details, see the constraints in the community.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Supported OS
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  HCE OS 2.0
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Only HCE OS 2.0 is supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Performance optimization
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -40,14 +41,15 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Bandwidth
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  After DataPlane V2 network acceleration is enabled, pods on the nodes running HCE OS 2.0 use EDT to limit the egress bandwidth. The ingress bandwidth limitation is not supported. In other network modes, a TBF qdisc is used to limit the bandwidth. For details, see Configuring QoS for a Pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  After DataPlane V2 network acceleration is enabled, pods on the nodes running HCE OS 2.0 use EDT to limit the egress bandwidth. The ingress bandwidth limitation is not supported. If DataPlane V2 is not enabled, the TBF Qdisc is used to limit the bandwidth. For details, see Configuring QoS for Pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  NetworkPolicy
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The implementation of network policies is different from that of container tunnel networks. For details, see Configuring Network Policies to Restrict Pod Access.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The IPBlock selector can only select CIDR blocks outside a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The IPBlock selector does not have good support for the except keyword, so this keyword is not recommended.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If a network policy of the egress type is used, the pod fails to access the IP addresses of the hostNetwork pod and node in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Resource consumption
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -97,7 +99,35 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1.08
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  2.0.2
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.27
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.28
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.29
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.30
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.31
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.32
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Support for only the CCE standard clusters that use VPC networks
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Upgraded Cilium to v1.17.3.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Disabled bpf-lb-sock (by setting bpf-lb-sock=false).
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Disabled host-based firewalls (by setting enable-host-firewall=false).
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Enabled Layer 7 network policies (by setting enable-l7-proxy=true).
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Enabled host-routing (by setting enable-host-legacy-routing=false).
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.17
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1.0.15
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.27
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.28
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.29
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.30
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.31
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.32
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Disabled bpf-lb-sock (by setting bpf-lb-sock=false).
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.14
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1.08
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.27
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.28
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -105,24 +135,11 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.30
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.31
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Added Cloud Native Network 2.0 for CCE Turbo clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Disabled host-based firewalls (by setting enable-host-firewall=false).
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Disabled L7 network policies (by setting enable-l7-proxy=false).
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Supported CCE Turbo clusters that use Cloud Native 2.0 networks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Disabled host-based firewalls (by setting enable-host-firewall=false).
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Disabled L7 network policies (by setting enable-l7-proxy=false).
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.14
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1.0.14
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.27
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.28
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.29
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.30
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.31
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Disabled bpf-lb-sock (by setting bpf-lb-sock=false).
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  v1.14
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                   
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_10_0947.html b/docs/cce/umn/cce_10_0947.html
index 7ff1ba43b..cafc74579 100644
--- a/docs/cce/umn/cce_10_0947.html
+++ b/docs/cce/umn/cce_10_0947.html
@@ -3,12 +3,12 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Configuring an ELB Certificate for NGINX Ingress Controller
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  CCE provides the following options for configuring ingress certificates for the Nginx Ingress Controller add-on:
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Secret certificate. Import the required certificate to a CCE secret and specify the default server certificate (default-ssl-certificate) for the add-on.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • ELB certificate. Use an ELB certificate created on the ELB console. There is no need to specify a secret certificate for the add-on.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 1 Differences between the two methods of configuring certificates for the NGINX Ingress Controller
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 1 Differences between the two methods of configuring certificates for the NGINX Ingress Controller
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  This section describes how to configure an ELB certificate for the NGINX Ingress Controller add-on and use that ELB certificate to manage the certificates used by requests.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The version of the NGINX Ingress Controller add-on installed in the cluster must be 2.2.104, 2.6.53, 3.0.30, or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Before enabling the NGINX Ingress Controller add-on, it is necessary to ensure that the associated dedicated load balancer meets the required protocols. For example, an application load balancer supports only HTTP and HTTPS. If TCP is required, the load balancer must support both application and network load balancing.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • With an ELB certificate configured, the default server certificate (default-ssl-certificate) of the NGINX Ingress Controller add-on cannot be used. All external requests must carry the ELB certificate to access services within the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate NGINX Ingress Controller on the right, and click Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the add-on has been installed, click Manage, select the pod for which you want to configure an ELB certificate, and click Edit.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. In the Extended Parameter Settings area, modify the parameters settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Configure the service.annotations parameter and check whether the protocol is correct.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      An example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                      Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. In the navigation pane, choose Add-ons. Locate NGINX Ingress Controller on the right and click Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the add-on has been installed, click Manage, select the pod for which you want to configure an ELB certificate, and click Edit.
                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. In the Extended Parameter Settings area, modify the parameters settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Configure the service.annotations parameter and check whether the protocol is correct.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          ...
         "service": {
            "annotations": {
@@ -19,44 +19,44 @@
         },
 ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -66,14 +66,14 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          For details about the preceding parameters, see Configuring HTTP/HTTPS for a LoadBalancer Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Configure the targetPort parameter to direct the load balancer access traffic to the HTTP port of the container.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          An example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Configure the targetPort parameter to direct the load balancer access traffic to the HTTP port of the container.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          ...
 		"targetPorts": {
 			"http": "http",
 			"https": "http"
 		},
 ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Once an ELB certificate is configured, the default server certificate (default-ssl-certificate) configured for the NGINX Ingress Controller becomes unavailable and invalid. It is essential for external requests to include the configured ELB certificate, because requests without it will not be processed properly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Once an ELB certificate is configured, the default server certificate (default-ssl-certificate) configured for the NGINX Ingress Controller becomes unavailable and invalid. It is essential for external requests to include the configured ELB certificate. Otherwise, they will not be processed correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                        4. Configure other mandatory parameters as required and click Install. For details about the parameters, see NGINX Ingress Controller.
                                                                                                                                                                                                                                                                                                                                                                                                                                                        5. After completing the configuration, choose Services & Ingresses in the navigation pane, switch to the kube-system namespace, and check the protocols and listening ports of the add-on. In this example, the protocol is HTTP and HTTPS instead of TCP.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0949.html b/docs/cce/umn/cce_10_0949.html
index e1fd1979b..489d0621d 100644
--- a/docs/cce/umn/cce_10_0949.html
+++ b/docs/cce/umn/cce_10_0949.html
@@ -1,94 +1,477 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Configuring Advanced Forwarding Actions for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Dedicated load balancers offer different forwarding actions to effectively distribute traffic. ELB directs client requests to backend servers based on the specified forwarding rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Figure 1 How an advanced forwarding action operates
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Configuring an Advanced Forwarding Policy for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          When a LoadBalancer ingress is created in a CCE cluster, CCE automatically provisions a listener for the load balancer associated with the ingress on ELB and adds forwarding policies. By default, the ingress routes incoming client requests based on the domain name and path and directs the requests through the listener to the appropriate backend server, either a node or a pod, for processing. During LoadBalancer ingress creation, CCE allows you to define custom forwarding rules and actions for flexible, fine-grained traffic distribution.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Figure 1 How an advanced forwarding policy operates
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          An advanced forwarding policy operates as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. The client initiates a request to the LoadBalancer ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. The load balancer evaluates the request against the forwarding rules defined in the advanced forwarding policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. The load balancer forwards the request to the appropriate backend server based on the action specified in the forwarding rule.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. The backend server returns a response to the client.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • A CCE standard or Turbo cluster is available, and the cluster version meets the requirements.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • The cluster can be accessed using kubectl. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • This feature is only available when dedicated load balancers are used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                          CCE allows you to configure  and limiting on requests, based on ELB's advanced forwarding for LoadBalancer ingresses. These functions are currently being rolled out, and availability depends on the actual regions that have been officially opened. To use some advanced forwarding actions that are not available on the console yet, submit a service ticket to enable required functions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Forwarding Rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                          LoadBalancer ingresses support advanced traffic routing by allowing you to configure forwarding rules using the kubernetes.io/elb.conditions.<svc-name> annotation. Incoming requests are evaluated against these rules. If the conditions are met, the requests are forwarded accordingly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          If you set up different rules for the same Service using the same annotation, they must all be matched for a request to go through. But if you set multiple values in the same rule, then the request only needs to match one of them. For example, if both Method and QueryString are configured, the traffic can be distributed only when both rules are met. However, if the Method value includes both GET and POST, the traffic can be distributed only when both rules are met and the request method is either GET or POST.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                          You can configure up to 10 advanced forwarding conditions (including domain names and paths) per ingress. Each individual value within a rule counts as one forwarding condition.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          For example, if you define a domain name and a path for an ingress, there are two forwarding conditions, leaving eight remaining. If you then specify two HTTP methods, for example, GET and POST, two more forwarding conditions are used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          6. Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Value Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Value Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.class
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.class
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          String
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          String
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Load balancer type.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Load balancer type.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • union: shared load balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • performance: dedicated load balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.id
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.id
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          String
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          String
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          The load balancer ID. You can view the load balancer ID on the ELB console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          The load balancer ID. You can view the load balancer ID on the ELB console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.protocol-port
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.protocol-port
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          String
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          String
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          The listener port of the NGINX Ingress Controller add-on. The listener protocol must match the type supported by the associated load balancer. For example, if the HTTP/HTTPS protocol is used, a dedicated load balancer that supports application load balancing is needed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          The listener port of the NGINX Ingress Controller add-on. The listener protocol must match the type supported by the associated load balancer. For example, if the HTTP/HTTPS protocol is used, a dedicated load balancer that supports application load balancing is needed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • HTTP/HTTPS: If ports 443 and 80 are used for HTTPS and HTTP, respectively, the parameter value is https:443,http:80.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • TLS: If ports 443 and 80 are used for TLS, the parameter value is tls:443,tls:80.
                                                                                                                                                                                                                                                                                                                                                                                                                                                             NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • To configure TLS for ingresses, make sure the cluster version is v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or a later version.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • TLS relies on ELB. Before enabling TLS on an ingress, check whether TLS is supported in the current region.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.cert-id
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.cert-id
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          String
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          String
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          ID of the ELB certificate.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          ID of the ELB certificate.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          To obtain the certificate, log in to the CCE console, choose Service List > Networking > Elastic Load Balance, and click Certificates in the navigation pane. In the load balancer list, copy the ID under the target certificate name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Table 1 Advanced forwarding actions
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Action
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Table 1 ELB advanced forwarding rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Forwarding Rule
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Additional Action
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Reference
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Reference
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Cluster Version
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Cluster Version
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Forward to a backend server group
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          HTTP request method
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          None
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Route HTTP requests based on the request type (such as GET and POST). If a request matches the specified rule, the defined forwarding action is used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          An annotation example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.conditions.<svc-name>: |  
+  [{ 
+    "type": "Method", 
+    "methodConfig": { 
+      "values": [ 
+        "GET", 
+        "POST" 
+      ] 
+    } 
+  }]
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Default forwarding action of a LoadBalancer ingress. Requests are directly forwarded to backend servers (backend nodes or pods in a cluster) without being processed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          For details about the configuration example and parameters of advanced forwarding rules, see Configuring Advanced Forwarding Rules for a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Creating a LoadBalancer Ingress on the Console
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          No requirements on cluster versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.23: v1.23.18-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.25: v1.25.16-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.27: v1.27.16-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.28: v1.28.13-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.29: v1.29.8-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.30: v1.30.4-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Forward to a backend server group
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          HTTP request header
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Limit traffic on requests
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Support traffic limit on requests.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Configuring Traffic Limit for LoadBalancer Ingresses
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.27: v1.27.16-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.28: v1.28.15-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.29: v1.29.10-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.30: v1.30.6-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Route requests based on the specific information (such as User-Agent and Content-Type) in HTTP request headers. If a request matches the specified rule, the defined forwarding action is used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          An annotation example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.conditions.<svc-name>: |  
+  [{ 
+    "type": "Header", 
+    "headerConfig": { 
+      "key": "gray-hello", 
+      "values": [ 
+        "value1", 
+        "value2" 
+      ] 
+    } 
+  }]
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Return a specific response body
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Cookie
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          None
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Directly return a fixed response and do not continue to forward the response to the backend server.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Returning a Specific Response Body for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.25: v1.25.16-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.27: v1.27.16-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.28: v1.28.15-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.29: v1.29.10-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.30: v1.30.6-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Route requests based on the specified keys and values in cookies. If a request matches the specified rule, the defined forwarding action is used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          An annotation example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.conditions.<svc-name>: |  
+  [{ 
+    "type": "Header", 
+    "headerConfig": { 
+      "key": "gray-hello", 
+      "values": [ 
+        "value1", 
+        "value2" 
+      ] 
+    } 
+  }]
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Return a fixed response
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Query string
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Limit traffic on requests
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Support traffic limit on requests.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Configuring Traffic Limit for LoadBalancer Ingresses
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.27: v1.27.16-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.28: v1.28.15-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.29: v1.29.10-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.30: v1.30.6-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Route requests based on the specific parameters and values of the query strings in the URLs. If a request matches the specified rule, the defined forwarding action is used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          An annotation example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.conditions.<svc-name>: |  
+  [{ 
+    "type": "QueryString", 
+    "queryStringConfig": { 
+      "key": "querykey", 
+      "values": [ 
+        "queryvalue" 
+      ] 
+    } 
+  }]
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Forward to a custom backend server group
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          CIDR block
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Forward LoadBalancer ingress requests to both pods in the CCE cluster (default backend server group) and the ECS groups (custom backend server group) located outside the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Configuring a Custom Backend Server Group for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.25: v1.25.16-r20 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.27: v1.27.16-r20 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.28: v1.28.15-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.29: v1.29.10-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.30: v1.30.6-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.31: v1.31.4-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Route requests based on the source IP addresses from where the requests originate. If a request matches the specified rule, the defined forwarding action is used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          An annotation example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.conditions.<svc-name>: |  
+  [{ 
+    "type": "SourceIp", 
+    "sourceIpConfig": { 
+      "values": [ 
+        "192.168.0.0/16", 
+        "172.16.0.0/16" 
+      ] 
+    }
+  }]
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                           
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                          CCE allows you to configure and traffic limit on requests, based on ELB's advanced forwarding for LoadBalancer ingresses. These functions are coming soon. To use some advanced forwarding actions that are not available on the console yet, submit a service ticket to enable required functions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Forwarding Actions
                                                                                                                                                                                                                                                                                                                                                                                                                                                          LoadBalancer ingresses allow you to define multiple forwarding actions through annotations. This gives you flexible control over how requests are handled. The supported forwarding actions include:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • (Default) Forward to a backend server group: Additional actions like rewrite, CORS, write/remove header, and limit request are supported. Load balancers handle requests based on these additional actions before forwarding them to backend server groups. Among all the additional actions, limit request has the highest priority.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Redirect to another listener: HTTP requests can be redirected to an HTTPS listener.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Return a specific response body: Additional actions such as limit request are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Forward to a custom backend server group: This action cannot be used together with grayscale release, return a specific response body, or redirect to another URL.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Table 2 ELB advanced forwarding actions
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Forwarding Action
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Additional Action
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Reference
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Cluster Version
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          (Default) Forward to a backend server group
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Limit request
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Support rate limiting on requests.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          An annotation example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.actions.<svc-name>: |
+  [{
+     "type": "TrafficLimit", 
+     "trafficLimitConfig": { 
+       "QPS": 4,
+       "perSourceIpQps": 2,
+       "burst": 2
+     } 
+  }]
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          For details about the configuration example and parameters, see Configuring Limit Request for a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.27: v1.27.16-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.28: v1.28.15-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.29: v1.29.10-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.30: v1.30.6-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Return a specific response body
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          None
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Directly return a specific response body and do not continue to forward the response to the backend server.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          An annotation example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.actions.<svc-name>: |
+  [{ 
+     "type": "FixedResponse", 
+     "fixedResponseConfig": { 
+       "contentType": "text/plain", 
+       "statusCode": "503",
+       "messageBody": "503 error text"  
+     } 
+  }]
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          For details about the configuration example and parameters, see Configuring Return a Specific Response Body for a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.25: v1.25.16-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.27: v1.27.16-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.28: v1.28.15-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.29: v1.29.10-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.30: v1.30.6-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Return a specific response body
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Limit request
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Support rate limiting on requests.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          An annotation example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.actions.<svc-name>: |
+  [{ 
+     "type": "FixedResponse", 
+     "fixedResponseConfig": { 
+       "contentType": "text/plain", 
+       "statusCode": "503",
+       "messageBody": "503 error text"  
+     } 
+   },
+  { 
+     "type": "TrafficLimit", 
+     "trafficLimitConfig": { 
+       "QPS": 4,
+       "perSourceIpQps": 2,
+       "burst": 2
+     } 
+  }]
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          For details about the configuration example and parameters, see Configuring Limit Request for a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.27: v1.27.16-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.28: v1.28.15-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.29: v1.29.10-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.30: v1.30.6-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Forward to a custom backend server group
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Forward LoadBalancer ingress requests to both pods in the CCE cluster (default backend server group) and an ECS group (custom backend server group) located outside the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          An annotation example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubernetes.io/elb.actions.<svc-name>: |
+  [{ 
+     "type": "ForwardPool", 
+     "forwardConfig": [{ 
+       "serviceName": "test",
+       "servicePort": 80,
+       "weight": 90,
+       "type": "service"
+       },{ 
+       "poolID": "53d8516e-xxxx-xxxx-xxxx-b15ffd6b3cca", 
+       "weight": 70,
+       "type": "pool"
+     }]
+  }] 
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          For details about the configuration example and parameters, see Configuring the Forward to a Custom Backend Server Group Action for a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.25: v1.25.16-r20 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.27: v1.27.16-r20 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.28: v1.28.15-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.29: v1.29.10-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.30: v1.30.6-r10 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • v1.31: v1.31.4-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Other clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          Configuring Advanced Forwarding Rules for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                          LoadBalancer ingresses can route traffic based on custom HTTP request methods, request headers, query strings, and source CIDR blocks. In this example, traffic is routed to the svc-hello1 Service only when the request path is /hello1 and the following advanced forwarding rules are met:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • The request method is GET or POST.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • The key in the request header is gray-hello, and the value is value1 or value2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • The key of the cookie is cookiekey1 and the value is cookievalue1, or the key of the cookie is cookiekey2 and the value is cookievalue2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • The key of the query string is querykey, and the value is queryvalue.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • The source CIDR block is 192.168.0.0/16 or 172.16.0.0/16.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          The operations and parameter settings are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            vi ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            An example YAML file of an ingress created using an existing load balancer is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                            apiVersion: networking.k8s.io/v1 
+kind: Ingress 
+metadata: 
+  annotations: 
+    kubernetes.io/elb.class: performance
+    kubernetes.io/elb.id: ab53c3b2-xxxx-xxxx-xxxx-5ac3eb2887be
+    kubernetes.io/elb.port: '80'
+    # The following annotation indicates that the advanced forwarding rules are configured for the svc-hello1 Service. The Service name must be the same as that in the backend field.
+    kubernetes.io/elb.conditions.svc-hello1: |  
+        [ 
+          { 
+            "type": "Method", 
+            "methodConfig": { 
+              "values": [ 
+                "GET", 
+                "POST" 
+              ] 
+            } 
+          }, 
+          { 
+            "type": "Header", 
+            "headerConfig": { 
+              "key": "gray-hello", 
+              "values": [ 
+                "value1", 
+                "value2" 
+              ] 
+            } 
+          }, 
+          { 
+            "type": "Cookie", 
+            "cookieConfig": { 
+              "values": [ 
+                { 
+                  "key": "cookiekey1", 
+                  "value": "cookievalue1" 
+                }, 
+                { 
+                  "key": "cookiekey2", 
+                  "value": "cookievalue2" 
+                } 
+              ] 
+            } 
+          }, 
+          { 
+            "type": "QueryString", 
+            "queryStringConfig": { 
+              "key": "querykey", 
+              "values": [ 
+                "queryvalue" 
+              ] 
+            } 
+          }, 
+          { 
+            "type": "SourceIp", 
+            "sourceIpConfig": { 
+              "values": [ 
+                "192.168.0.0/16", 
+                "172.16.0.0/16" 
+              ] 
+            } 
+          } 
+        ] 
+  name: ingress-test 
+spec: 
+  ingressClassName: cce 
+  rules: 
+   - http: 
+      paths: 
+      - path: /hello1 
+        pathType: ImplementationSpecific 
+        backend: 
+          service: 
+            name: svc-hello1 
+            port: 
+              number: 80
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Table 3 Annotation for advanced forwarding rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes.io/elb.conditions.${svc_name}
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            String
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Configure advanced forwarding rules. ${svc_name} indicates the Service name, which can contain a maximum of 48 characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            If the annotation value is set to [], the advanced forwarding rules will be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            The annotation value is a JSON array. For details, see Table 4.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                             CAUTION: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                            If you set up different rules for the same condition array, they must all be matched for a request to go through. But if you set multiple values in the same rule, then the request only needs to match one of them. For example, if both Method and QueryString are configured, the traffic can be distributed only when both rules are met. However, if the Method value includes both GET and POST, the traffic can be distributed only when both rules are met and the request method is either GET or POST.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • A CCE standard or Turbo cluster is available, and the cluster version meets the requirements.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • The cluster can be accessed using kubectl. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • This feature is only available when dedicated load balancers are used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Table 4 Array structure
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Example
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            type
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Matching type. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Method: HTTP requests are forwarded based on the matched method. This parameter must be used with methodConfig. Method can be configured only once.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Header: HTTP requests are forwarded based on the matched header. This parameter must be used with headerConfig.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Cookie: HTTP requests are forwarded based on the matched cookie. This parameter must be used with cookieConfig.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • QueryString: HTTP requests are forwarded based on the matched character string. This parameter must be used with queryStringConfig.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • SourceIp: HTTP requests are forwarded based on the matched CIDR block. This parameter must be used with sourceIpConfig. SourceIp can be configured only once.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            None
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            methodConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            An HTTP request method that is used to forward requests. This parameter is used only when type is set to Method.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Multiple methods can be concurrently configured, including GET, POST, PUT, DELETE, PATCH, HEAD, and OPTIONS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            You do not need to configure keys for methodConfig. You only need to configure values (an array) for methodConfig.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            {
+  "type": "Method",
+  "methodConfig": {
+     "values": [
+        "GET",
+        "POST"
+     ]
+  }
+}
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            headerConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            An HTTP request header that is used to forward requests. This parameter is used only when type is set to Header.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • A key can only contain letters, digits, underscores (_), and hyphens (-).
                                                                                                                                                                                                                                                                                                                                                                                                                                                              The first letter of the User-agent and Connection HTTP request headers must be capitalized.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Multiple values can be configured for a key. A value can only contain letters, digits, and special characters !#$%&'()*+,.\/:;<=>?@[]^-_'{|}~. Asterisks (*) and question marks (?) can be used as wildcard characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            You can only configure one key for each headerConfig rule. If you need multiple keys, configure multiple headerConfig rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            {
+  "type": "Header",
+  "headerConfig": {
+     "key": "gray-hello",
+     "values": [
+        "value1",
+        "value2"
+     ]
+  } 
+}
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            cookieConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            A cookie that is used to forward requests. This parameter is used only when type is set to Cookie. A cookie consists of a key and a value, which must be configured separately.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • A key can contain 1 to 100 characters and cannot start or end with a space.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • A value can contain 1 to 100 characters. Configure a value for each key.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            You can enter multiple key-value pairs that can contain letters, digits, and special characters (!%'"()*+,./:=?@^-_`~).
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            When configuring cookieConfig, you can configure multiple key-value pairs in values, and these pairs will have an OR relationship with each other.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            { 
+  "type": "Cookie", 
+  "cookieConfig": { 
+     "values": [ 
+        { 
+          "key": "cookiekey1", 
+          "value": "cookievalue1" 
+        }, 
+        { 
+           "key": "cookiekey2", 
+           "value": "cookievalue2" 
+        } 
+     ] 
+  } 
+}
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            queryStringConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            A character string that is used to forward requests. If the character string in a request matches the one in the configured forwarding rule, the request will be forwarded. This parameter is used only when type is set to QueryString.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            A query string consists of a key and one or more values. Configure the key and values separately.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • A key can only contain letters, digits, and special characters !$'()*+,./:;=?@^-_'.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Multiple values can be configured for a key. A value can only contain letters, digits, and special characters !$'()*+,./:;=?@^-_'. Asterisks (*) and question marks (?) can be used as wildcard characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            You can only configure one key for each queryStringConfig rule. If you need multiple keys, configure multiple QueryStringConfig rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            { 
+   "type": "QueryString", 
+   "queryStringConfig": { 
+      "key": "querykey", 
+      "values": [ 
+          "queryvalue" 
+      ] 
+   } 
+}
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            sourceIpConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            A CIDR block that is used to forward requests. This parameter is used only when type is set to SourceIp.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Example CIDR block: 192.168.1.0/24 or 2020:50::44/127
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            You do not need to configure keys for sourceIpConfig. You only need to configure values (an array) for sourceIpConfig.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            { 
+   "type": "SourceIp", 
+   "sourceIpConfig": { 
+      "values": [ 
+         "192.168.0.0/16", 
+         "172.16.0.0/16" 
+      ] 
+   } 
+}
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Returning a Specific Response Body for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              vi ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Create an ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl create -f ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              ingress/ingress-test created
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            4. Check the created ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl get ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                                                                                                                                                                                                                                                                                                              NAME          CLASS    HOSTS     ADDRESS          PORTS   AGE
+ingress-test  cce      *         121.**.**.**     80      10s
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            Configuring Return a Specific Response Body for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                            You can configure a specific response status code and content for a LoadBalancer ingress. In this example, when a user accesses the ingress, the status code 503 and "503 error text" are returned.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            The operations and parameter settings are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              vi ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              An example YAML file of an ingress created using an existing load balancer is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                              apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   annotations:
     kubernetes.io/elb.class: performance
-    kubernetes.io/elb.id: 034baaf0-40e8-4e39-b0d9-bf6e5b883cf9
+    kubernetes.io/elb.id: *****
     kubernetes.io/elb.port: "80"
-    # Configure the capability of returning a fixed response body for the Service named test-service.
+    # The following annotation applies to the test-service Service and is used to configure the return a specific request body action for it.
     kubernetes.io/elb.actions.test-service: |
-    [{  
+     [{ 
        "type": "FixedResponse", 
        "fixedResponseConfig": { 
            "contentType": "text/plain", 
@@ -107,58 +490,58 @@ spec:
               service:
                 name: test-service
                 port:
-                  number: 8888
+                  number: 80
             path: /
             pathType: ImplementationSpecific
             property:
               ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Table 2 Annotations for advanced forwarding actions
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Table 5 Annotations for advanced forwarding actions
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              kubernetes.io/elb.actions.${svc_name}
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              kubernetes.io/elb.actions.${svc_name}
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              String
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              String
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Configure an advanced forwarding action for an ingress. ${svc_name} indicates the Service name, which can contain a maximum of 51 characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Configure an advanced forwarding action for an ingress. ${svc_name} indicates the Service name, which can contain a maximum of 51 characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              If the annotation value is set to [], all advanced forwarding actions will be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                              The annotation value of a fixed response is a JSON string array. For details, see Table 3.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              The annotation value of a fixed response is a JSON string array. For details, see Table 6.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                                                                                                                                                                               
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Table 3 Parameters for a fixed response
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Table 6 Parameters for a fixed response
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Example
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Example
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              type
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              type
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              The value is fixed at FixedResponse, indicating that a fixed response will be returned.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              The value is fixed at FixedResponse, indicating that a fixed response will be returned.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                               NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              For advanced forwarding actions, you can add a maximum of one fixed response configuration to an annotation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              None
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              None
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              fixedResponseConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              fixedResponseConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              • contentType: format of the returned content. The options are text/plain, text/css, text/html, application/javascript, and application/json.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              • statusCode: By default, 2xx, 4xx, and 5xx status codes are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              • messageBody: Enter 0 to 1024 characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                 NOTICE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                This parameter cannot be left empty when rate limiting is configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              • contentType: format of the returned content. The options are text/plain, text/css, text/html, application/javascript, and application/json.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              • statusCode: By default, 2xx, 4xx, and 5xx status codes are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              • (Mandatory) messageBody: Enter 0 to 1024 characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                 NOTICE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                This parameter cannot be left empty when rate limiting is configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              { 
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              { 
    "type": "FixedResponse", 
    "fixedResponseConfig": { 
       "contentType": "text/plain", 
@@ -179,25 +562,27 @@ spec:
 ingress-test  cce      *         121.**.**.**     80      10s
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Configuring Traffic Limit for LoadBalancer Ingresses
                                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                vi ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              Configuring Limit Request for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                              You can configure limit request for a LoadBalancer ingress. In this example, when a user accesses the ingress, limit request is applied. The Queries Per Second (QPS) is set to 4, with a per-client source IP address QPS limit of 2. Additionally, up to 2 extra requests in a burst above the QPS limit is allowed during brief traffic spikes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              The operations and parameter settings are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                vi ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                An example YAML file of an ingress created using an existing load balancer is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   annotations:
     kubernetes.io/elb.class: performance
-    kubernetes.io/elb.id: 034baaf0-40e8-4e39-b0d9-bf6e5b883cf9
+    kubernetes.io/elb.id: *****
     kubernetes.io/elb.port: "80"
-    # Configure ELB traffic limit for the test-service Service.
+    # The following annotation applies to the test-service Service and is used to configure the limit request action for it.
     kubernetes.io/elb.actions.test-service: |
-     [{ 
+     [{ 
        "type": "TrafficLimit", 
        "trafficLimitConfig": { 
            "QPS": 4,
            "perSourceIpQps": 2,
            "burst": 2
        } 
-     }]
+     }]
   name: ingress-test
   namespace: default
 spec:
@@ -209,57 +594,59 @@ spec:
               service:
                 name: test-service
                 port:
-                  number: 8888
+                  number: 80
             path: /
             pathType: ImplementationSpecific
             property:
               ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Table 4 Annotations for advanced forwarding actions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Table 7 Annotations for advanced forwarding actions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                kubernetes.io/elb.actions.${svc_name}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                kubernetes.io/elb.actions.${svc_name}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                String
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                String
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Configure an advanced forwarding action for an ingress. ${svc_name} indicates the Service name, which can contain a maximum of 51 characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Configure an advanced forwarding action for an ingress. ${svc_name} indicates the Service name, which can contain a maximum of 51 characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                If the annotation value is set to [], all advanced forwarding actions will be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                The value of an annotation for configuring traffic limit is a JSON array. For details, see Table 5.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                The value of an annotation for configuring traffic limit is a JSON array. For details, see Table 8.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Table 5 Parameters for configuring traffic limit
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Table 8 Parameters for configuring traffic limit
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Example
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Example
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                The value is fixed at TrafficLimit, indicating that traffic limit is enabled for a load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                The value is fixed at TrafficLimit, indicating that traffic limit is enabled for a load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                 NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                For advanced forwarding actions, you can add a maximum of one traffic limit configuration to an annotation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                None
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                trafficLimitConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                trafficLimitConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • QPS: the total traffic limit, which specifies the maximum QPS value. The value ranges from 0 to 100000. Value 0 means no limit. If the number of requests reaches the specified value, new requests will be discarded and 503 Service Unavailable will be returned to the client.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • (Optional) perSourceIpQps: traffic limit per client source IP address. The value ranges from 0 to 100000. Value 0 means no limit.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If both QPS and perSourceIpQps are configured, the latter value must be smaller than the former. If the number of requests reaches the specified value, new requests will be discarded and 503 Service Unavailable will be returned to the client.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • QPS: the total traffic limit, which specifies the maximum QPS value. The value ranges from 0 to 100000. Value 0 means no limit. If the number of requests reaches the specified value, new requests will be discarded and 503 Service Unavailable will be returned to the client.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • (Optional) perSourceIpQps: traffic limit per client source IP address. The value ranges from 0 to 100000. Value 0 means no limit.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If both QPS and perSourceIpQps are configured, the latter value must be smaller than the former. If the number of requests reaches the specified value, new requests will be discarded and 503 Service Unavailable will be returned to the client.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • (Optional) burst: the size of a burst buffer. The value ranges from 0 to 100000. The burst rate enables temporary surges above the average rate to manage sudden spikes in requests. For instance, if the limit is set to 5 but the burst rate is 10, five more requests can be processed within 1 second. However, if the number of requests exceeds 10, only five requests are allowed within 1 second.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                 CAUTION: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                After trafficLimitConfig is configured, deleting a single field in it on CCE does not remove the corresponding configuration from ELB. To disable rate limiting, set the parameter value to 0. To completely remove the rate limiting, delete the entire trafficLimitConfig field.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                { 
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                { 
    "type": "TrafficLimit", 
    "trafficLimitConfig": { 
       "QPS": "4", 
@@ -280,32 +667,34 @@ spec:
 ingress-test  cce      *         121.**.**.**     80      10s
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Configuring a Custom Backend Server Group for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Configuring a custom backend server group for a LoadBalancer ingress is subject to the capabilities of your ELB service. Before using this feature, submit a service ticket to enable the required ELB capabilities.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Custom backend server groups cannot be used for grayscale release or fixed responses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If you configure a custom backend server group for a LoadBalancer ingress, the number field for the backend Services of the ingress will be invalid and the port name must be set to use-annotation. For details, see the example provided in this section.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • When configuring a custom backend server group for a LoadBalancer ingress, ensure that each Service name and backend server group ID are unique.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                Configuring the Forward to a Custom Backend Server Group Action for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Configuring a custom backend server group for a LoadBalancer ingress is subject to the capabilities of your ELB service. Before using this feature, submit a service ticket to enable the required ELB capabilities.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The forward to a custom backend server group action cannot be used together with grayscale release, return a specific response body, or redirect to another URL.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If you configure the forward to a custom backend server group action for a LoadBalancer ingress, the number field for the backend Services of the ingress will be invalid and the Service port name must be set to use-annotation. For details, see the example provided in this section.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • When configuring the forward to a custom backend server group action for a LoadBalancer ingress, ensure that each Service name and backend server group ID are unique.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If you configure the kubernetes.io/elb.slowstart or kubernetes.io/elb.pool-protocol annotation when configuring the forward to a custom backend server group action for a LoadBalancer ingress, the annotation applies only to the default backend server groups automatically created by CCE. It does not apply to any custom backend server groups configured on ELB.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  vi ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  You can forward requests from an ingress to multiple custom backend server groups by weight. In this example, when a user accesses example.com, traffic is distributed between two backend server groups. Some is distributed to the backend server group associated with the test Service, assigned a weight of 90. The remaining traffic is directed to the load balancer's backend server group, which has a weight of 70.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The operations and parameter settings are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Create a YAML file named ingress-test.yaml. The file name can be customized.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    vi ingress-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    An example YAML file of an ingress created using an existing load balancer is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   annotations:
     kubernetes.io/elb.class: performance
-    kubernetes.io/elb.id: 034baaf0-40e8-4e39-b0d9-bf6e5b883cf9
+    kubernetes.io/elb.id: *****
     kubernetes.io/elb.port: "80"
-    # Configure a custom backend server group for Service forward-demo, where the Service name in paths must match forward-demo and the port name must be use-annotation.
+    # The following annotation is used to configure a backend server group associated with a Service and a load balancer's backend server group for the ingress. forward-demo is the Service name in the backend field.
     kubernetes.io/elb.actions.forward-demo: |
-    [{ 
+     [{ 
        "type": "ForwardPool", 
        "forwardConfig": [{ 
-          "serviceName": "test", 
-          "servicePort": 80, 
-          "weight": 90, 
-          "type": "service" 
+          "serviceName": "test",
+          "servicePort": 80,
+          "weight": 90,
+          "type": "service"
           },{ 
-            "poolID": "53d8516e-xxxx-xxxx-xxxx-b15ffd6b3cca",  
-            "weight": 70, 
-            "type": "pool" 
-         }]
-    }] 
+          "poolID": "*****", 
+          "weight": 70,
+          "type": "pool"
+       }]
+     }] 
   name: ingress-test
   namespace: default
 spec:
@@ -316,56 +705,56 @@ spec:
         paths:
           - backend:
               service:
-                name: forward-demo
+                name: forward-demo   # When configuring a custom backend server group, ensure that it has the same name as the Service specified in the annotation. In this example, the Service name is forward-demo.
                 port:
-                  name: use-annotation   # When forwardPool is enabled, this parameter becomes invalid, and the port name must be set to use-annotation.
+                  name: use-annotation   # When you configure a custom backend server group, the original port.number field becomes invalid. You must instead specify the port.name parameter and set it to use-annotation.
             path: /
             pathType: ImplementationSpecific
             property:
               ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 6 Annotations for advanced forwarding actions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 9 Annotations for advanced forwarding actions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.actions.${svc_name}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.actions.${svc_name}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    String
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configure an advanced forwarding action for an ingress. ${svc_name} indicates the Service name, which can contain a maximum of 51 characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configure an advanced forwarding action for an ingress. ${svc_name} indicates the Service name, which can contain a maximum of 51 characters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the annotation value is set to [], all advanced forwarding actions will be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The value of an annotation for configuring a custom backend server group is a JSON string array. For details, see Table 7.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The value of an annotation for configuring a custom backend server group is a JSON string array. For details, see Table 10.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 7 Parameters for configuring a custom backend server group
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 10 Parameters for configuring a custom backend server group
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Example
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Example
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The value is fixed at ForwardPool, indicating that a custom backend server group is configured for a load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The value is fixed at ForwardPool, indicating that a custom backend server group is configured for a load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    A maximum of one custom backend server group can be added to an advanced forwarding action annotation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    None
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    None
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    forwardConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    forwardConfig
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    A maximum of five custom backend server groups can be added to this parameter.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    A maximum of five custom backend server groups can be added to this parameter.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • type: type of a custom backend server group, which can be service or pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • service: CCE automatically creates a backend server group for each Service and manages its lifecycle.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • pool: You need to create and maintain the backend server group on the ELB console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • poolID: mandatory when type is set to pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      This parameter specifies the ID of the backend server group under the target ingress's load balancer. The ID must be unique for each group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -373,7 +762,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • servicePort: mandatory when type is set to service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      This parameter specifies a Service port.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • weight: weight for distributing traffic to each backend server group, ranging from 0 to 100.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    { 
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    { 
     "type": "ForwardPool", 
     "forwardConfig": [{ 
        "serviceName": "test",
@@ -395,15 +784,213 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ingress/ingress-test created
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Check the created ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubectl get ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    NAME          CLASS    HOSTS     ADDRESS          PORTS   AGE
-ingress-test  cce      *         121.**.**.**     80      10s
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If information similar to the following is displayed, the ingress has been created:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    NAME          CLASS    HOSTS         ADDRESS          PORTS   AGE
+ingress-test  cce      example.com   121.**.**.**     80      10s
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4. 
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Combined Application Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Advanced forwarding rules and actions can be combined to meet various requirements. Some examples are shown in the table below.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Rules to Be Applied When an Ingress Is Accessed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Actions to Be Performed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Target Service (Backend Service)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Domain name: example.com
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Request path: /path1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Other advanced forwarding rules:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Request method: GET or POST
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Request header: gray-hello:value1 or gray-hello:value2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Request cookie: cookiekey1:cookievalue1 or cookiekey2:cookievalue2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Query string: querykey:queryvalue
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CIDR block: 192.168.0.0/16 or 172.16.0.0/16
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The following actions will be performed during forwarding:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Write the user-defined request header aa:aa.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Delete the request header with the key dd.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    test
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Domain name: example.com
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Request path: /path2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The following actions will be performed during forwarding:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Return a specific response with status code 503 and the content 503 error text.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Set the total QPS limit to 67 and limit the QPS per client source IP address to 3.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    test2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Domain name: example.com
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Path: /path3
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The following actions will be performed during forwarding:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Forward to the backend server groups associated with the test (weight: 90) and test2 (weight: 10) and Services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Set the total QPS limit to 67 and limit the QPS per client source IP address to 3.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Write the user-defined request header aa:aa.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    test and test2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The YAML file example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress-demo
+  namespace: default
+  annotations:
+    kubernetes.io/elb.class: performance
+    kubernetes.io/elb.id: *****
+    kubernetes.io/elb.listener-master-ingress: default/ingress-demo
+    kubernetes.io/elb.port: '80' 
+    # The following annotation applies to the test Service and is used to add multiple load balancer forwarding matching conditions to it.
+    kubernetes.io/elb.conditions.test: |  
+        [ 
+          { 
+            "type": "Method", 
+            "methodConfig": { 
+              "values": [ 
+                "GET", 
+                "POST" 
+              ] 
+            } 
+          }, 
+          { 
+            "type": "Header", 
+            "headerConfig": { 
+              "key": "gray-hello", 
+              "values": [ 
+                "value1", 
+                "value2" 
+              ] 
+            } 
+          }, 
+          { 
+            "type": "Cookie", 
+            "cookieConfig": { 
+              "values": [ 
+                { 
+                  "key": "cookiekey1", 
+                  "value": "cookievalue1" 
+                }, 
+                { 
+                  "key": "cookiekey2", 
+                  "value": "cookievalue2" 
+                } 
+              ] 
+            } 
+          }, 
+          { 
+            "type": "QueryString", 
+            "queryStringConfig": { 
+              "key": "querykey", 
+              "values": [ 
+                "queryvalue" 
+              ] 
+            } 
+          }, 
+          { 
+            "type": "SourceIp", 
+            "sourceIpConfig": { 
+              "values": [ 
+                "192.168.0.0/16", 
+                "172.16.0.0/16" 
+              ] 
+            } 
+          } 
+        ]  
+    # The following annotation applies to the test Service and is used to configure the write/remove header action for it.
+    kubernetes.io/elb.actions.test: |
+      [{
+          "type": "InsertHeader",
+          "InsertHeaderConfig": {
+              "key": "aa",
+              "value_type": "USER_DEFINED",
+              "value": "aa"
+          }
+      },{
+          "type": "RemoveHeader",
+          "RemoveHeaderConfig": {
+              "key": "dd"
+          }
+      }]   
+    # The following annotation applies to the test2 Service and is used to configure the return a specific response body and limit request actions for it.
+    kubernetes.io/elb.actions.test2: |
+        [{ 
+          "type": "FixedResponse", 
+          "fixedResponseConfig": { 
+              "contentType": "text/plain", 
+              "statusCode": "503",
+              "messageBody": "503 error text"  
+          }},{
+         "type": "TrafficLimit",
+         "TrafficLimItConfig": {
+             "perSourceIpQps": 3,
+             "qps": 67
+                }}
+         ]
+    # The following annotation applies to the test3 Service and is used to configure the write header, limit request, and forward to custom backend server groups (associated with test and test2) actions for it.
+    kubernetes.io/elb.actions.test3: | 
+      [{
+          "type": "InsertHeader",
+          "InsertHeaderConfig": {
+              "key": "aa",
+              "value_type": "USER_DEFINED",
+              "value": "aa"
+          }
+      },{
+       "type": "ForwardPool",
+       "forwardConfig": [{
+            "serviceName": "test",
+            "servicePort": 80,
+            "weight": 90,
+            "type": "service"
+         },{
+            "serviceName": "test2",
+            "servicePort": 80,
+            "weight": 10,
+            "type": "service"
+         }]
+       },{
+       "type": "TrafficLimit",
+       "TrafficLimItConfig": {
+           "perSourceIpQps": 3,
+           "qps": 67
+           }}
+       ]
+spec:
+  ingressClassName: cce
+  rules:
+    - host: example.com
+      http:
+        paths:
+          - path: /path1
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: test
+                port:
+                  number: 80
+            property:
+              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
+          - path: /path2
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: test2
+                port:
+                  number: 80
+            property:
+              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
+          - path: /path3
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: test3
+                port:
+                  name: use-annotation  # If the forward to custom backend server group ("type": "ForwardPool") action is specified, port.name must be set to use-annotation.
+            property:
+              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
 
 
diff --git a/docs/cce/umn/cce_10_0950.html b/docs/cce/umn/cce_10_0950.html
index 022f9a212..0a9783105 100644
--- a/docs/cce/umn/cce_10_0950.html
+++ b/docs/cce/umn/cce_10_0950.html
@@ -2,39 +2,66 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Forwarding Policy Priorities of LoadBalancer Ingresses
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE sets up forwarding policies on the ELB console based on the rules specified in the ingress configurations when creating LoadBalancer ingresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    To handle more complex traffic routing needs, CCE has integrated the advanced forwarding policies of ELB, which means it supports advanced features like URL redirection and rewriting. However, note that the sorting logic for the advanced forwarding policies is different from the logic used for common forwarding policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specifically:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the ELB advanced forwarding policies are not enabled, the forwarding policies are sorted by domain name or path. For details, see Default Sorting.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • After the ELB advanced forwarding policies are enabled, requests are matched based on the priorities and then forwarded to clients. For details, see Priority.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Default Sorting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the ELB advanced forwarding policies are not enabled, the default sorting rule of forwarding policies is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Forwarding rule priorities are independent of each other regardless of domain names. When a request matches both a domain name-based rule and a URL-based rule, the domain name-based rule is matched first.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • URL-based forwarding rules are applied in the following order of priority: an exact match rule, a prefix match rule, and a regular expression match rule. For multiple matches of the same type, only the longest URL-based forwarding rule will be applied.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    To address more complex traffic routing requirements, CCE has integrated advanced forwarding policies from ELB. This integration enables features such as URL redirection and rewriting. Note that the sorting logic for these advanced forwarding policies differs from that of standard forwarding policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The following table lists their differences.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 1 Example of a forwarding policy with the default sorting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Forwarding Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specified Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    No Priority Specified
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Order
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Priority Specified
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    URL (exact match)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ELB advanced forwarding disabled
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    /test1/test2/test3
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Forwarding policies are sorted based on domain name or path mappings. For details, see Default Sorting.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Forwarding policies are sorted based on a specified priority.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • For forwarding policies within the same ingress: Use the kubernetes.io/elb.rule-priority-enabled annotation. If this annotation is set to true, the forwarding policies are sorted according to the sequence of forwarding rules defined in the paths field in the ingress YAML file. Policies listed higher in the YAML file have a higher priority.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • For forwarding policies across different ingresses: The kubernetes.io/elb.ingress-order annotation is used to determine the priority. Additionally, kubernetes.io/elb.rule-priority-enabled is set to true by default. The rules are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The kubernetes.io/elb.ingress-order value ranges from 1 to 1000. A smaller value indicates a higher priority.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Ingresses with the kubernetes.io/elb.ingress-order annotation have a higher priority than those without the annotation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If multiple ingresses are labeled with the kubernetes.io/elb.ingress-order annotation, they are sorted by the annotation value. Within the same ingress, forwarding policies are then sorted by their listed sequence.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    For more details, see Configuring the Priorities of Forwarding Rules for LoadBalancer Ingresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    URL (prefix match)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ELB advanced forwarding enabled
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    /test1/test2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Forwarding policies are prioritized by creation time, with earlier-created policies having a higher priority. Requests are matched and forwarded accordingly. For details, see Sort by Creation Time.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    URL (prefix match)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Default Sorting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the ELB advanced forwarding policies are not enabled, the default sorting rule of forwarding policies is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Forwarding rule priorities are independent of each other regardless of domain names. When a request matches both a domain name-based rule and a URL-based rule, the domain name-based rule is matched first.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • URL-based forwarding rules are applied in the following order of priority: an exact match rule, a prefix match rule, and a regular expression match rule. For multiple matches of the same type, only the longest URL-based forwarding rule will be applied.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
+
+
+
+
-
-
+
+
+
+
+
+
+
+
@@ -43,30 +70,30 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Once a forwarding policy is created, the system automatically sorts it based on the default sorting rule. Examples are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The access request to www.example.com/test1/test2 matches both forwarding policies 2 and 3. If the match types are the same, the priority is determined by the length of the URL, with longer URLs having higher priority. In this case, the access request will be forwarded based on the forwarding policy 2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The access request to www.example.com/test1/test2/test3 matches forwarding policies 1, 2, and 3. An exact match is preferred, so the access request will be forwarded based on the forwarding policy 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Priority
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    With ELB advanced forwarding policies enabled, each request is matched based on the forwarding policy priority (a smaller value indicates a higher priority). Once a forwarding policy is matched, the request is forwarded based on this forwarding policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Sort by Creation Time
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    When ELB advanced forwarding is enabled, each forwarding policy is numbered based on its creation time. A smaller value indicates a higher priority. Requests are matched sequentially to these policies. Once a policy is matched, the request is forwarded accordingly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The rules for configuring the priority of a forwarding policy are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The existing forwarding policies will maintain their original priority sequence before an advanced forwarding policy is configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Once an advanced forwarding policy is set up, any new forwarding policy added will have the lowest priority. The default forwarding policy always has the lowest priority and is not included in the sorting process. Additionally, you have the option to manually specify the priority of a new forwarding policy. For details, see Configuring the Priorities of Forwarding Rules for LoadBalancer Ingresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The existing forwarding policies will maintain their original priority sequence before an advanced forwarding policy is configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Once an advanced forwarding policy is set up, any new forwarding policy added will have the lowest priority. The default forwarding policy always has the lowest priority and is not included in the sorting process.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 1 Example of a forwarding policy with the default sorting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Forwarding Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specified Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Order
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    URL (exact match)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    /test1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    /test1/test2/test3
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    URL (prefix match)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    /test1/test2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    URL (prefix match)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    /test1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 2 Example of a forwarding policy configured with priorities
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Forwarding Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
diff --git a/docs/cce/umn/cce_10_0954.html b/docs/cce/umn/cce_10_0954.html
index c373a6c7f..a075ee1fc 100644
--- a/docs/cce/umn/cce_10_0954.html
+++ b/docs/cce/umn/cce_10_0954.html
@@ -1,58 +1,84 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring Multiple Ingresses to Use the Same External ELB Port
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    In a cluster, multiple ingresses can share a listener, allowing them to use the same port on a single load balancer. If two ingresses have different listener configurations, the listener configuration of the earlier ingress (known as the first route) will be used. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring Multiple Ingresses to Use the Same Load Balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Multiple Ingresses Accessing the Same External ELB Port
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    In a cluster, you can configure multiple ingresses to use the same ELB listener, allowing them to use the same port on a single load balancer. If two ingresses have different listener configurations, the listener configuration of the earlier ingress (known as the first route) will be used. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 1 Diagram for multiple ingresses to use the same external ELB port
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The following table lists listener parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 2 Example of a forwarding policy configured with priorities
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Forwarding Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specified Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specified Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Priority
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Priority
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    URL (prefix match)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    URL (prefix match)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    /test1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    /test1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    URL (exact match)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    URL (exact match)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    /test1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    /test1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Listener
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Listener
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Annotation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Annotation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Documentation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Helpful Links
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring ELB Certificates
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring ELB Certificates
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.tls-certificate-ids
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.tls-ciphers-policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.tls-certificate-ids
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.tls-ciphers-policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring an HTTPS Certificate for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring an HTTPS Certificate for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Using HTTP/2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Using HTTP/2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.http2-enable
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.http2-enable
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring HTTP/2 for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring HTTP/2 for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring Timeout for an Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring Timeout for an Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.keepalive_timeout
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.client_timeout
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.member_timeout
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.keepalive_timeout
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.client_timeout
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.member_timeout
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring Timeout for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring Timeout for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring a Blocklist/Trustlist
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring a Blocklist/Trustlist
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.acl-id
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.acl-status
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.acl-type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.acl-id
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.acl-status
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubernetes.io/elb.acl-type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring a Blocklist/Trustlist Access Policy for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configuring a Blocklist/Trustlist Access Policy for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Ensure that the configurations of different listeners for various ingresses are synchronized. To do so, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. In the navigation pane, choose Services & Ingresses. Then, click the Ingresses tab, and choose More > Update in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. Synchronize Configuration is available if the listener configuration of the ingress differs from that of the ELB. Click Synchronize Configuration. Then, the listener configuration will be automatically synchronized.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Ensure that the configurations of different listeners for various ingresses are synchronized. To do so, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. In the navigation pane, choose Services & Ingresses. Then, click the Ingresses tab, and choose More > Update in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Synchronize Configuration is available if the listener configuration of the ingress differs from that of the ELB. Click Synchronize Configuration. Then, the listener configuration will be automatically synchronized.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Multiple Ingresses Associated with the Same Service Accessing the Same ELB Port
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When you create an ingress, CCE automatically adds a backend server group on the ELB based on the associated Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In a cluster, if multiple ingresses access the same ELB port and are associated with the same Service and port, only one backend server group will be created on the ELB. The configuration applied to this backend server group will be that of the first ingress created (referred to as the first route). If ingresses use multiple load balancers to access the same Service, multiple backend server groups will be created. In this case, the sequence of ingress configurations does not matter. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Figure 2 Diagram for multiple ingresses associated with the same Service to access the same ELB port
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The following table lists backend server settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Backend Server Setting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Annotation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Helpful Link
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Slow start
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      kubernetes.io/elb.slowstart
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Configuring a Slow Start for a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: LoadBalancer Ingresses
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_10_0955.html b/docs/cce/umn/cce_10_0955.html
index 8ff978880..a64eb9150 100644
--- a/docs/cce/umn/cce_10_0955.html
+++ b/docs/cce/umn/cce_10_0955.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU Metrics
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The CCE AI Suite (NVIDIA GPU) add-on provides GPU monitoring metrics. This add-on offers additional GPU observability options. This section describes the metrics provided by CCE AI Suite (NVIDIA GPU).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU Metrics Provided by CCE
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU Metrics Provided by CCE
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 1 Basic GPU monitoring metrics
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Category
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Metric
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -118,6 +118,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU cards
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Used GPU memory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                       NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the NVIDIA driver version is 510 or later, the cce_gpu_memory_used value may be inaccurate in full GPU mode. The details are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • In CCE AI Suite (NVIDIA GPU) of a version earlier than 2.7.60 or 2.1.44, the cce_gpu_memory_used value might be approximately 250 MB higher than the actual usage. This discrepancy reflects the memory reserved by the system for the GPU driver or firmware.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • In CCE AI Suite (NVIDIA GPU) of version 2.7.60, 2.1.44, or later, the cce_gpu_memory_used value may be about 100 KB higher than the actual value.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      cce_gpu_memory_total
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -340,11 +343,162 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 2 xGPU monitoring metrics
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Metric
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Unit
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Monitoring Level
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      xgpu_memory_total
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Gauge
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Byte
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU processes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Total xGPU memory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      xgpu_memory_used
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Gauge
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Byte
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU processes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Used xGPU memory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      xgpu_core_percentage_total
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Gauge
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      %
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU processes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Total xGPU cores
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      xgpu_core_percentage_used
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Gauge
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      %
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU processes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Used xGPU cores
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      gpu_schedule_policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Gauge
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      N/A
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU cards
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      xGPU scheduling policy. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • 0: xGPU memory is isolated and cores are shared.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • 1: Both xGPU memory and cores are isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • 2: default mode, indicating that the current card is not used by any xGPU device for allocation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      xgpu_device_health
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Gauge
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      N/A
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU cards
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      xGPU device health. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • 0: The xGPU device is healthy.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • 1: The xGPU device is unhealthy.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • To use the metrics listed in Table 3, ensure that the version of the CCE AI Suite (NVIDIA GPU) add-on is 2.1.30, 2.7.46, or later. If you require these metrics, promptly upgrade the add-on.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Cloud Native Cluster Monitoring does not automatically collect GPU pod monitoring metrics. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If the NVIDIA driver version is 510 or later, the gpu_pod_memory_used value may be inaccurate in full GPU mode. The details are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • In CCE AI Suite (NVIDIA GPU) of a version earlier than 2.7.60 or 2.1.44, the gpu_pod_memory_used value might be approximately 250 MB higher than the actual usage. This discrepancy reflects the memory reserved by the system for the GPU driver or firmware.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • In CCE AI Suite (NVIDIA GPU) of version 2.7.60, 2.1.44, or later, the gpu_pod_memory_used value may be about 100 KB higher than the actual value.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 3 GPU pod monitoring metrics
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Metric
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Unit
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Monitoring Process
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      gpu_pod_core_percentage_total
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Gauge
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      %
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU processes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU compute allocated by a GPU card to GPU workloads. It is measured in percentages relative to the compute of an entire GPU card. For example, a setting of 30% means that 30% of the GPU card's compute is dedicated to processing GPU virtualization workloads.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When GPU virtualization is disabled, the compute of the entire GPU card is used, resulting in a metric value of 100%.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When GPU virtualization is enabled, this metric aligns with the xgpu_core_percentage_total value.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      gpu_pod_core_percentage_used
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Gauge
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      %
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU processes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Used GPU compute, that is, the GPU compute used by the GPU workloads. It is measured in percentages relative to the compute of an entire GPU card. For example, a setting of 30% means that the GPU workloads are actively using 30% of the GPU card's compute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When GPU virtualization is disabled, this metric aligns with the cce_gpu_utilization value.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When GPU virtualization is enabled, this metric aligns with the xgpu_core_percentage_used value.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      gpu_pod_memory_total
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Gauge
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Byte
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU processes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU memory allocated by a GPU card to the GPU workloads. It is measured in bytes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When GPU virtualization is disabled, this metric aligns with the cce_gpu_memory_total value.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When GPU virtualization is enabled, this metric aligns with the xgpu_memory_total value × 1024 × 1024.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      gpu_pod_memory_used
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Gauge
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Byte
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GPU processes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Used GPU memory, that is, the GPU memory used by the GPU workloads. It is measured in bytes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When GPU virtualization is disabled, this metric aligns with the cce_gpu_memory_used value.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When GPU virtualization is enabled, this metric aligns with the xgpu_memory_used value × 1024 × 1024.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: GPU Scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: GPU Monitoring
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
diff --git a/docs/cce/umn/cce_10_0959.html b/docs/cce/umn/cce_10_0959.html
new file mode 100644
index 000000000..2855d57be
--- /dev/null
+++ b/docs/cce/umn/cce_10_0959.html
@@ -0,0 +1,21 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Changing the Default NodeLocal DNSCache Port
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      NodeLocal DNSCache defaults to using port 8080 on the host node, but this can cause conflicts with other services sharing the same port. This section describes how to change the default NodeLocal DNSCache port.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      You can change the default port of the NodeLocal DNSCache add-on of 1.6.66 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Choose Add-ons in the navigation pane, find the NodeLocal DNSCache add-on on the right, and click Install. If this add-on has been installed in the cluster, click Edit.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. On the displayed page, configure parameters and click Installation Using YAML in the upper part of the page. If this add-on has been installed in the cluster, click Edit YAML.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        To simplify configuration, configure other parameters on the console, and then change the port number in the YAML file. For more information about other parameters, see NodeLocal DNSCache.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. Configure both parameters to the specified port number, ensuring they have the same value.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Search for the healthPort parameter and change its value to a specified port number, for example, 8081.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Search for the cluster.local parameter and change the value of port in the array to the specified port number, for example, 8081.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      5. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: DNS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
diff --git a/docs/cce/umn/cce_10_0960.html b/docs/cce/umn/cce_10_0960.html
new file mode 100644
index 000000000..4982739d8
--- /dev/null
+++ b/docs/cce/umn/cce_10_0960.html
@@ -0,0 +1,26 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Migrating Custom Views of Grafana
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In Grafana v1.3.1 and later versions, open-source Grafana versions v10 and v7 are available. However, if you upgrade the open-source Grafana version from v7.x to v10.x, custom views may be incompatible. In this case, you need to uninstall Grafana and reinstall it using open-source version v10. If there are custom views, perform the following operations to migrate them.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Step 1: Export Custom Views from Grafana of a Version Earlier Than 1.3.1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the Grafana console. In the navigation pane, choose Dashboards > Manage. Then, click the view name to go to the details page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. In the upper left corner, click Share dashboard or panel.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Click the Export tab and click Save to file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. Repeat the preceding steps to export all custom views.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Step 2: Uninstall and Reinstall Grafana
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. In the navigation pane, choose Add-ons. On the displayed page, locate the installed Grafana add-on and click Uninstall.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Reinstall the add-on. Select v10 for Open-Source Community Version. For more parameters, see Grafana.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. Click Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Step 3: Import Custom Views
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to Grafana of the new version and go to the Dashboards page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Click Import on the right.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Upload a custom view exported in Step 1: Export Custom Views from Grafana of a Version Earlier Than 1.3.1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. Click Import.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      5. Check whether the view is normal and repeat the preceding steps to import all custom views.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: O&M Best Practices
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
diff --git a/docs/cce/umn/cce_10_0961.html b/docs/cce/umn/cce_10_0961.html
new file mode 100644
index 000000000..dcd2392d7
--- /dev/null
+++ b/docs/cce/umn/cce_10_0961.html
@@ -0,0 +1,65 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster Access Overview
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Accessing a cluster involves establishing communication with it and executing cluster management tasks. A CCE cluster is a distributed system consisting of multiple nodes. Resources in a cluster such as pods, Services, and Deployments need to be centrally managed and operated via various tools and methodologies. The process of accessing a cluster involves interacting with the cluster using tools such as kubectl, CloudShell, and X.509 certificates to create, configure, monitor, and debug resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster Access Modes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      You can select a proper mode to access a CCE cluster. The following table lists cluster access modes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 1 Comparison between cluster access modes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Mode
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Pros
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cons
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Application Scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Accessing a Cluster Using kubectl
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • High flexibility and comprehensive functions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Automatic and batch operations
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Manual configuration for the local environment and credentials
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Credential management-based security
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      This mode is intended for developers and O&M personnel for the daily management of clusters, including resource creation, status monitoring, and debugging.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Accessing a Cluster Using an X.509 Certificate
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • High security, preventing attacks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Enhanced identity authentication and data encryption
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Complex configuration that requires certificates, keys, and related permissions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Complex certificate management and update
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      This mode is ideal for scenarios requiring secure service communication, identity authentication, and encryption.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Accessing a Cluster Using a Custom Domain Name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Easy-to-remember domain name, facilitating cluster access
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Complex SAN configuration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      This mode is designed for scenarios where a simple domain name instead of an IP address is used to access a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Configuring a Cluster's API Server for Internet Access
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Comprehensive remote access capabilities
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Cross-region and global access
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Security measures such as firewalls, encryption, and authentication need to be taken to minimize the risk of attacks on the API server exposed to the Internet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Affected by bandwidth and latency, especially on global access
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      This mode is ideal for managing clusters in cloud environments or across regions, particularly when access from multiple locations is required.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Revoking a Cluster Credential
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE clusters allow you to revoke credentials. In multi-tenant scenarios, CCE generates a unique credential (such as a kubeconfig file or an X.509 certificate) for each user to access their designated cluster. These credentials contain user identity and authorization details, enabling users to perform authorized operations while ensuring secure isolation and management. However, credentials typically have a fixed validity period. If an employee resigns or a credential is compromised, manual revocation is required to maintain cluster security. For details, see Revoking a Cluster Access Credential.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: Accessing a Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
diff --git a/docs/cce/umn/cce_10_0962.html b/docs/cce/umn/cce_10_0962.html
new file mode 100644
index 000000000..20f0a4d3b
--- /dev/null
+++ b/docs/cce/umn/cce_10_0962.html
@@ -0,0 +1,41 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster Management Overview
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Efficient, stable operation of containerized applications relies on proper management of CCE standard or Turbo clusters. CCE standard and Turbo clusters offer comprehensive management capabilities, including cluster configuration, resource scheduling, security control, and lifecycle management. Configure, optimize, and manage clusters according to your service needs to ensure stable, high-performance operation of containerized applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster Configurations and Resource Management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster configuration and resource management enable flexible parameter adjustments and dynamic resource allocation. This allows you to optimize cluster performance and efficiently utilize resources based on service requirements. For details, see Table 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 1 Cluster configuration and resource management features
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Feature
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Modifying Cluster Configurations
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster configuration parameters define node behavior, resource allocation, communication rules, and scaling policies in a distributed system. They affect the cluster's performance, stability, scalability, and fault tolerance. You can customize the core components of a CCE standard or Turbo cluster by adjusting these parameter settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Enabling Overload Control for a Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Overload control dynamically limits concurrent external requests based on the resource pressure of the master node, ensuring the stability and reliability of both the master node and the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In a CCE standard or Turbo cluster, you can enable cluster overload control, monitor cluster overload, and configure overload alarms to mitigate the risk of cluster overload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Changing a Cluster Scale
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      A cluster scale specifies the maximum number of nodes a cluster can manage. If the current cluster scale does not meet your requirements, you can change it to handle changing workloads.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster Security and Access Control
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      A security group is a virtual firewall that controls inbound and outbound network traffic for a cluster. You can modify the default security group rules of cluster nodes to enhance network security based on your needs. For details, see Changing the Default Security Group of a Node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: Managing Clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
diff --git a/docs/cce/umn/cce_10_0965.html b/docs/cce/umn/cce_10_0965.html
new file mode 100644
index 000000000..b4f402b5a
--- /dev/null
+++ b/docs/cce/umn/cce_10_0965.html
@@ -0,0 +1,131 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Equal Distribution Scheduling on Virtual GPUs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In AI training, inference, and scientific computing, a single GPU often falls short due to limited compute power or memory. Multiple GPUs are therefore needed to work together. However, using entire GPU cards for collaboration can lead to resource wastage, especially when tasks require only a portion of the GPU's memory or compute power. Equal distribution scheduling on virtual GPUs addresses this issue by efficiently utilizing GPU memory and compute power across multiple cards, optimizing resource use.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      This policy equally allocates requested GPU resources (such as GPU memory and compute power) across multiple virtual GPUs, improving utilization and reducing waste. With this approach, a pod can flexibly use multiple virtual GPUs, with each providing an equal number of resources. This enables refined allocation and efficient utilization of GPU resources. Equal distribution scheduling on virtual GPUs supports GPU memory isolation by configuring volcano.sh/gpu-mem.128Mi and isolation of both compute and memory resources by configuring both volcano.sh/gpu-mem.128Mi and volcano.sh/gpu-core.percentage.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • GPU memory isolation: Tasks can split their requested GPU memory across multiple cards for sharing. For example, if an application requests M MiB of GPU memory and specifies to use N GPU cards on a single node, CCE will equally allocate the M MiB of memory across the N cards. During execution, each task is limited to using M/N MiB of memory per GPU card, ensuring memory isolation between tasks and preventing resource contention.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Isolation of both compute and memory resources: Tasks can split their requested GPU memory and compute power across multiple cards for sharing. For example, if an application requests M MiB of GPU memory and T% of compute power and specifies to use N GPU cards on a single node, CCE will equally allocate the M MiB of memory and T% of compute power across the N cards. During execution, each task is limited to using M/N MiB of memory and T/N% of compute power per GPU card.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In GPU virtualization, the allocated GPU memory in MiB must be an integer multiple of 128. Therefore, M/N, the GPU memory per card, must meet this requirement. Additionally, the compute power in percentage must be an integer multiple of 5. Therefore, T/N, the compute power per card, must be a multiple of 5.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • A CCE standard or Turbo cluster of v1.27.16-r20, v1.28.15-r10, v1.29.10-r10, v1.30.6-r10, v1.31.4-r0, or later is available.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CCE AI Suite (NVIDIA GPU) has been installed in the cluster. For details, see CCE AI Suite (NVIDIA GPU). The add-on version must meet the following requirements:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If the cluster version is 1.27 or earlier, the add-on version must be 2.1.41 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If the cluster version is 1.28 or later, the add-on version must be 2.7.57 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • GPU nodes with virtualization enabled at the node pool level are available in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Volcano of v1.16.10 or later has been installed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Equal distribution scheduling on virtual GPUs is not compatible with Kubernetes' default GPU scheduling (which involves workloads using nvidia.com/gpu resources).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Node pool auto scaling is not supported in equal distribution scheduling on virtual GPUs scenarios. If node pool auto scaling is enabled, scale-out behavior may become unpredictable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Using the Console
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Workloads. In the upper right corner of the displayed page, click Create Workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. In the Container Settings area, choose Basic Info in the navigation pane and then set GPU Quota to GPU Virtualization. Enable Multi-card Equal Distribution Scheduling. For details about parameter settings, see Table 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The settings of multi-card equal distribution scheduling and the number of GPUs apply cluster-wide. Any modifications made will affect all containers in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Table 1 Parameters for multi-card equal distribution scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Example Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        GPUs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        (Mandatory) The number of GPUs for multi-card equal distribution scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Total GPU Memory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        128
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        (Mandatory) The requested GPU memory size in MiB. It must be a positive integer and a multiple of 128. If the specified value exceeds the total GPU memory, scheduling will fail.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Total Computing
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        5
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        (Optional) The requested GPU computing as a percentage. The value must be a multiple of 5 and is determined by the number of GPUs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If this parameter is left blank, the container uses GPU memory isolation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If set, the container uses isolation of both compute and memory resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Configure other parameters by referring to Creating a Workload. Then, click Create Workload in the lower right corner. When the status changes to Running, the workload has been created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Using kubectl
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The following example illustrates how to create a workload that uses equal distribution scheduling on virtual GPUs with GPU memory isolation: Configure this workload as follows: Set the number of pods to 1, the requested GPU memory to 8 GiB, and specify the workload to use two GPUs. Each GPU will allocate 4 GiB of memory. After the workload is created, CCE will automatically schedule it to a GPU node that meets these conditions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Use kubectl to access the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Run the following command to create a YAML file for a workload that requires equal distribution scheduling on virtual GPUs:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        vim gpu-app.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Example file content:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gpu-app
+  namespace: default
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: gpu-app
+  template:
+    metadata:
+      labels:
+        app: gpu-app
+        volcano.sh/gpu-num: '2'    # Number of GPUs for equal distribution scheduling. In this example, the pod requests two GPUs, with each GPU providing 4 GiB of memory.
+    spec:
+      schedulerName: volcano
+      containers:
+      - image: <your_image_address>     # Replace it with your image address.
+        name: container-0
+        resources:
+          requests:
+            cpu: 250m
+            memory: 512Mi
+            volcano.sh/gpu-mem.128Mi: '64' # Requested GPU memory. The value 64 indicates that 8 GiB of GPU memory is requested (64 × 128 MiB/1024).
+          limits:
+            cpu: 250m
+            memory: 512Mi
+            volcano.sh/gpu-mem.128Mi: '64' # Upper limit of the GPU memory that can be used, which is 8 GiB
+      imagePullSecrets:
+      - name: default-secret
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        To enable isolation of both compute and memory resources, configure volcano.sh/gpu-core.percentage in both resources.requests and resources.limits to allocate GPU compute power to pods, for example, set volcano.sh/gpu-core.percentage to 5.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Run the following command to create the workload:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl apply -f gpu-app.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If information similar to the following is displayed, the workload has been created:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        deployment.apps/gpu-app created
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. Run the following command to view the created pod:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl get pod -n default
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        NAME                      READY   STATUS    RESTARTS   AGE
+gpu-app-6bdb4d7cb-pmtc2   1/1     Running   0          21s
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      5. Log in to the pod and check the total GPU memory allocated to the pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl exec -it gpu-app-6bdb4d7cb-pmtc2 -- nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Expected output:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Fri Mar  7 03:36:03 2025
++---------------------------------------------------------------------------------------+
+| NVIDIA-SMI 535.216.03             Driver Version: 535.216.03   CUDA Version: 12.2     |
+|-----------------------------------------+----------------------+----------------------+
+| GPU  Name                 Persistence-M | Bus-Id        Disp.A | Volatile Uncorr. ECC |
+| Fan  Temp   Perf          Pwr:Usage/Cap |         Memory-Usage | GPU-Util  Compute M. |
+|                                         |                      |               MIG M. |
+|=========================================+======================+======================|
+|   0  Tesla T4                       Off | 00000000:00:0D.0 Off |                    0 |
+| N/A   33C    P8               9W /  70W |      0MiB /  4096MiB |      0%      Default |
+|                                         |                      |                  N/A |
++-----------------------------------------+----------------------+----------------------+
+|   1  Tesla T4                       Off | 00000000:00:0E.0 Off |                    0 |
+| N/A   34C    P8               9W /  70W |      0MiB /  4096MiB |      0%      Default |
+|                                         |                      |                  N/A |
++-----------------------------------------+----------------------+----------------------+
++---------------------------------------------------------------------------------------+
+| Processes:                                                                            |
+|  GPU   GI   CI        PID   Type   Process name                            GPU Memory |
+|        ID   ID                                                             Usage      |
+|=======================================================================================|
+|  No running processes found                                                           |
++---------------------------------------------------------------------------------------+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The command output shows that the pod can use two GPUs, each providing 4 GiB of GPU memory (4096 MiB/1024). The pod's requested GPU memory has been evenly distributed across the two GPUs, with each GPU's memory resources isolated.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Additional Information
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When GPU memory or compute is allocated to xGPU services, CCE applies bin packing by default to distribute workloads efficiently across multiple GPUs on a node. This helps reduce resource fragmentation and improves overall utilization in the cluster. However, when an equal distribution scheduling job is delivered, it may still enter a pending state despite sufficient total idle resources on the node. This happens because the number of available GPUs may not meet the scheduling requirement. That is an expected behavior.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      For example, a node has three GPUs (numbered 0, 1, and 2) with remaining memory of 4 GiB, 4 GiB, and 8 GiB, respectively. There is a workload with two pods, each pod requesting two GPUs and 4 GiB of memory per GPU. The total GPU memory available on the node is 16 GiB (4 + 4 + 8), exactly what the workload demands (2 pods × 2 × 4 = 16 GiB). Following bin packing rules, CCE assigns GPU 0 and GPU 1 to the first pod. This satisfies its requirements of two separate GPUs and 4 GiB of memory. There is only one GPU left, GPU 2 with 8 GiB of memory. The second pod still needs two separate GPUs, but the node no longer meets that condition. So even though there is enough memory, the second pod fails to schedule, and the workload cannot be placed on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: GPU Virtualization
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
diff --git a/docs/cce/umn/cce_10_0966.html b/docs/cce/umn/cce_10_0966.html
new file mode 100644
index 000000000..4a76a0e41
--- /dev/null
+++ b/docs/cce/umn/cce_10_0966.html
@@ -0,0 +1,57 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Automatically Applying Updated Access Keys (AK/SK) for an OBS Volume
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If your service containers use OBS for data storage and access, you must manually restart them whenever the OBS volume's access keys are changed to apply the new keys. This process may interrupt service continuity.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE Container Storage (Everest) can automatically apply the new access keys for an OBS volume after they are updated. After the access keys of an OBS volume are updated, CCE automatically detects the change and applies the new keys to all affected workloads. This eliminates the need to manually restart these workloads, ensuring seamless service continuity during the key update.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • A CCE standard or Turbo cluster is available, and the cluster version meets the following requirements:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • v1.25: v1.25.16-r30 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • v1.27: v1.27.16-r30 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • v1.28: v1.28.15-r20 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • v1.29: v1.29.13-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • v1.30: v1.30.10-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • v1.31: v1.31.6-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • v1.32: v1.32.1-r0 or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Clusters of later versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The CCE Container Storage (Everest) add-on v2.4.150 or later has been installed in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If the add-on version is between 2.4.150 (inclusive) and 2.4.165 (exclusive), automatic access key updating applies only to parallel file systems. Starting from version 2.4.165 and onward, both parallel file systems and OBS buckets are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Automatic access key updating applies only to workloads created after CCE Container Storage (Everest) is updated to a specific version (2.4.150 or later for parallel file systems, and 2.4.165 or later for OBS buckets). To enable existing workloads to support this function, manually rebuild these workloads after CCE Container Storage (Everest) is upgraded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Step 1: Check Whether a Workload Supports Automatic Key Updates
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Automatic key updates for OBS volumes are only available for workloads created after CCE Container Storage (Everest) is upgraded to the required version. Ensure this add-on is correctly upgraded and the target workload is created afterward.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. In the navigation pane, choose Add-ons. Check whether the CCE Container Storage (Everest) version is 2.4.150 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Click Edit. In Edit Add-on, ensure dynamic AK/SK update is enabled in Extended Parameter Settings under Advanced Settings. Verify enable_aksk_refresh is set to true.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Check the workloads that use OBS buckets and the nodes where these workloads are running in the cluster. The following uses a parallel file system as an example.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. In the navigation pane, choose Storage. Click the PersistentVolumeClaims (PVCs) tab on the right and check whether there are storage volumes using parallel file systems across all namespaces.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Confirm parallel file system storage across all namespaces. The following uses the default namespace as an example, where {pvc_name} indicates the PVC name:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl get pods -n default -o custom-columns="POD:.metadata.name,PVC:.spec.volumes[*].persistentVolumeClaim.claimName,hostIP:.status.hostIP,UID:.metadata.uid" | grep {pvc_name}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          obs-test-65c6dd7675-c67ss     obs      192.168.0.227   adb83cd4-58cc-4d01-a91a-584c6ed477fc
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The obs-test-65c6dd7675-c67ss pod is mounted with the obs PVC. The IP address of the node where the pod is running is 192.168.0.227, and the node's UID is adb83cd4-58cc-4d01-a91a-584c6ed477fc.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. Log in to the node where the pod is deployed and run the following command to check when the obsfs tool will be updated after CCE Container Storage (Everest) is upgraded:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        ls -l /usr/bin/obsfs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Information similar to the following is displayed, which indicates that obsfs was updated at 17:09 on March 20:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        -rwx------ 1 root root 9424176 Mar 20 17:09 /usr/bin/obsfs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      5. Check the start time of obsfs on the node where the pod is deployed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        ps -ef | grep {pod_uid}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Information similar to the following is displayed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The obsfs used by the pod was mounted at 10:34, which is later than the time when obsfs was updated by CCE Container Storage (Everest). Therefore, the pod supports automatic key updates.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the obsfs process used by the pod is earlier than the time when the obsfs tool was updated by CCE Container Storage (Everest), you need to manually restart the pod. Automatic key updates will take effect automatically.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Step 2: Update the Custom Access Keys (AK/SK) of the OBS Volume
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      After confirming that the workload with the OBS volume mounted supports automatic key updates, you can update the custom access keys (AK/SK) of the OBS volume.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. In the navigation pane, choose Storage. On the PVCs tab, locate the volume and click More > Update Access Key in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Upload the new access keys (AK/SK) and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Ensure that the updated keys are valid and have the permissions to access the corresponding OBS volume. Otherwise, the workload cannot access the mounted object storage.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Step 3: Confirm Updated Keys for a Workload
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      After the access keys used by OBS are updated, you can take the following steps to verify that the update takes effect in about 30 seconds by viewing pod events or alarms:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. In the navigation pane, choose Workloads. Click the workload name to go to the details page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. On the Pods tab, click View Events in the Operation column of the pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the event "failed to refresh ak/sk for xxx" is displayed, the keys fail to be updated for the workload. Locate the cause as prompted. For details, see Common Events. If no alarm or event is generated, the update is successful.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Common Events
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The certificate is invalid. The event is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        failed to refresh ak/sk for xxx, reason: invalid credentials(host=xxx:443) - result of checking service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Change the certificate to a valid one and then check whether the fault is rectified.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Updating the AK/SK times out. The event is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        failed to refresh ak/sk for xxx, reason: wait timeout...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        This alarm may be generated occasionally when the obsfs process exits due to pod deletion or migration. This is a normal situation. If no alarm is reported continuously, ignore it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If this alarm persists, rebuild the pod and then check whether the fault is rectified.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: OBS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
diff --git a/docs/cce/umn/cce_10_0967.html b/docs/cce/umn/cce_10_0967.html
index e3f8f5c70..030c9d9cf 100644
--- a/docs/cce/umn/cce_10_0967.html
+++ b/docs/cce/umn/cce_10_0967.html
@@ -1,55 +1,55 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Specifying Node Scale-in Conditions for a Node Pool
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When you use the CCE Cluster Autoscaler add-on to automatically adjust the number of nodes, you need to specify the scale-in conditions for each node pool in a cluster based on service requirements.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • A cluster of v1.25 or later is available.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The CCE Cluster Autoscaler add-on has been installed in the cluster, and the add-on version is 1.25.181, 1.27.152, 1.28.120, 1.29.81, 1.30.48, 1.31.10, or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When you use the CCE Cluster Autoscaler add-on to automatically adjust the number of nodes, you need to specify the scale-in conditions for each node pool in a cluster based on service requirements.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • A cluster of v1.25 or later is available.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The CCE Cluster Autoscaler add-on has been installed in the cluster, and the add-on version is 1.25.181, 1.27.152, 1.28.120, 1.29.81, 1.30.48, 1.31.10, or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Step 1: Create a Node Pool
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In this example, you need to create a node pool and configure custom scale-in conditions for it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Click the cluster name to access the cluster console. In the navigation pane, choose Nodes. Then click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Click Create Node Pool in the upper right corner and then configure the parameters as required. For details about the parameter settings, see Creating a Node Pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Step 1: Create a Node Pool
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In this example, you need to create a node pool and configure custom scale-in conditions for it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Choose Nodes in the navigation pane and click the Node Pools tab on the right.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Click Create Node Pool in the upper right corner and then configure the parameters as required. For details about the parameter settings, see Creating a Node Pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Step 2: Specify Custom Scale-in Conditions for the Node Pool
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. In the navigation pane, choose Settings. Then click the Auto Scaling tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If CCE Cluster Autoscaler is not installed, configure add-on parameters based on service requirements, click Install, and wait until the add-on is installed. For details about how to configure the add-on, see CCE Cluster Autoscaler.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If CCE Cluster Autoscaler has been installed, configure scaling policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Configure auto scale-in. Auto scale-in is disabled by default. After you enable this feature, you can configure Node Scale-In Conditions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Nodes in a cluster are automatically scaled in when the scale-in conditions are met. If no custom scale-in conditions are configured, the default scale-in conditions are used for each node pool. If you configure custom scale-in conditions for a node pool, the custom scale-in conditions are preferentially used for the node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Default Scale-In Conditions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        In this example, if the pre-allocated CPU and memory of a node in the cluster are below 50% for 10 minutes, or the node is unavailable for more than 20 minutes, the node is selected for scale-in.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        (Optional) Custom Scale-In Conditions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Click Add, select a node pool, enter the scale-in conditions, and click Confirm Settings. If auto scaling is not enabled for all specifications in a node pool, custom scale-in conditions configured for the node pool do not take effect. For details about how to enable auto scaling for a node pool, see Configuring Auto Scaling Policies for a Node Pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Step 2: Specify Custom Scale-in Conditions for the Node Pool
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. In the navigation pane, choose Settings. Then click the Auto Scaling tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • If CCE Cluster Autoscaler is not installed, configure add-on parameters based on service requirements, click Install, and wait until the add-on is installed. For details about how to configure the add-on, see CCE Cluster Autoscaler.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • If CCE Cluster Autoscaler has been installed, configure scaling policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Configure auto scale-in. Auto scale-in is disabled by default. After you enable this feature, you can configure Node Scale-In Conditions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Nodes in a cluster are automatically scaled in when the scale-in conditions are met. If no custom scale-in conditions are configured, the default scale-in conditions are used for each node pool. If you configure custom scale-in conditions for a node pool, the custom scale-in conditions are preferentially used for the node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Default Scale-In Conditions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          In this example, if the pre-allocated CPU and memory of a node in the cluster are below 50% for 10 minutes, or the node is unavailable for more than 20 minutes, the node is selected for scale-in.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          (Optional) Custom Scale-In Conditions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Click Add, select a node pool, enter the scale-in conditions, and click Confirm Settings. If auto scaling is not enabled for all specifications in a node pool, custom scale-in conditions configured for the node pool do not take effect. For details about how to enable auto scaling for a node pool, see Configuring Auto Scaling Policies for a Node Pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_bestpractice_0002.html b/docs/cce/umn/cce_bestpractice_0002.html
index 8c953a125..08de92346 100644
--- a/docs/cce/umn/cce_bestpractice_0002.html
+++ b/docs/cce/umn/cce_bestpractice_0002.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Solution Overview
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          This chapter provides CCE best practices to walk you through the application containerization.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          What Is a Container?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          A container is a lightweight high-performance resource isolation mechanism implemented based on the Linux kernel. It is a built-in capability of the operating system (OS) kernel. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          CCE is an enterprise-class container service based on open source Kubernetes. It is a high-performance and high-reliability service through which enterprises can manage containerized applications. CCE supports native Kubernetes applications and tools, allowing you to easily set up a container runtime in the cloud.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          CCE is an enterprise-class container service based on open-source Kubernetes. It is a high-performance and high-reliability service through which enterprises can manage containerized applications. CCE supports native Kubernetes applications and tools, allowing you to easily set up a container runtime in the cloud.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Why Is a Container Preferred?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • More efficient use of system resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            A container does not require extra costs such as fees for hardware virtualization and those for running a complete OS. Therefore, a container has higher resource usage. Compared with a VM with the same configurations, a container can run more applications. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Faster startup
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            A container directly runs on the host kernel and does not need to start a complete OS. Therefore, a container can be started within seconds or even milliseconds, greatly saving the development, testing, and deployment time.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_bestpractice_0003.html b/docs/cce/umn/cce_bestpractice_0003.html
index 6f44991ee..21029072e 100644
--- a/docs/cce/umn/cce_bestpractice_0003.html
+++ b/docs/cce/umn/cce_bestpractice_0003.html
@@ -5,8 +5,8 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            No recoding or re-architecting is required. You only need to pack the entire application into a container image and deploy the container image on CCE.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Introduction
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In this example, the enterprise management application is developed by enterprise A. This application is provided for third-party enterprises for use, and enterprise A is responsible for application maintenance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            When a third-party enterprise needs to use this application, a suit of Tomcat application and MongoDB database must be deployed for the third-party enterprise. The MySQL database, used to store data of third-party enterprises, is provided by enterprise A.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 1 Application architecture
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            As shown in Figure 1, the application is a standard Tomcat application, and its backend interconnects with MongoDB and MySQL databases. For this type of applications, there is no need to split the architecture. The entire application is built as an image, and the MongoDB database is deployed in the same image as the Tomcat application. In this way, the application can be deployed or upgraded through the image.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 1 Application architecture
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            As shown in Figure 1, the application is a standard Tomcat application that connects to both MongoDB and MySQL databases. There is no need to separate the architecture for this type of application. The entire application, including the Tomcat application and MongoDB database, is packaged as an image. In this way, the application can be deployed or upgraded through the image.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Interconnecting with the MongoDB database for storing user files.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Interconnecting with the MySQL database for storing third-party enterprise data. The MySQL database is an external cloud database.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Benefits
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In this example, the application was deployed on a VM. During application deployment and upgrade, a series of problems is encountered, but application containerization has solved these problems.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_bestpractice_00035.html b/docs/cce/umn/cce_bestpractice_00035.html
index b1dbbad84..c9c904b5a 100644
--- a/docs/cce/umn/cce_bestpractice_00035.html
+++ b/docs/cce/umn/cce_bestpractice_00035.html
@@ -13,13 +13,13 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            X-Forwarded-For: <client-source-IP-address>, <proxy-server-1-IP-address>, <proxy-server-2-IP-address>, ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The first IP address obtained from the X-Forwarded-For field is the client source IP address.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Nginx Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • For an Nginx ingress that uses a dedicated load balancer, transparent transmission of source IP addresses is enabled by default. This means that you can easily obtain the source IP address of the client without any additional configurations.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • For an Nginx ingress that uses a shared load balancer, perform the following steps to obtain the source IP address of the client:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Nginx Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • For an Nginx ingress that uses a dedicated load balancer, transparent transmission of source IP addresses is enabled by default. This means that you can easily obtain the source IP address of the client without any additional configurations.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • For an Nginx ingress that uses a shared load balancer, take the following steps to obtain the source IP address of the client:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Take the Nginx workload as an example. Before configuring the source IP address, obtain the access logs. nginx-c99fd67bb-ghv4q indicates the pod name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl logs nginx-c99fd67bb-ghv4q
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ...
 10.0.0.7 - - [17/Aug/2023:01:30:11 +0000] "GET / HTTP/1.1" 200 19 "http://114.114.114.114:9421/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203" "100.125.**.**"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              100.125.**.** specifies the CIDR block of the load balancer, indicating that the traffic is forwarded through the load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Enable Transfer Client IP Address. This operation is required only when shared load balancers are used. For dedicated load balancers, source IP address-based transparent transmission is enabled by default.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Click  in the upper left corner of the management console and select a region and a project.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Choose Service List > Networking > Elastic Load Balance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              3. On the Elastic Load Balance page, click the name of the target load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              4. Click the Listeners tab, locate the row containing the target listener, and click Edit. If modification protection exists, disable the protection on the basic information page of the listener and try again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              5. Enable Transfer Client IP Address.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Enable Transfer Client IP Address. This operation is required only when shared load balancers are used. For dedicated load balancers, source IP address-based transparent transmission is enabled by default.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Click  in the upper left corner of the management console and select a region and a project.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Choose Service List > Networking > Elastic Load Balance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              3. On the Elastic Load Balance page, click the name of the target load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              4. Click the Listeners tab, locate the row containing the target listener, and click Edit. If modification protection exists, disable the protection on the basic information page of the listener and try again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              5. Enable Transfer Client IP Address.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4. Access the workload again and view the new access log.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ...
 10.0.0.7 - - [17/Aug/2023:02:43:11 +0000] "GET / HTTP/1.1" 304 0 "http://114.114.114.114:9421/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203" "124.**.**.**"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              The source IP address of the client is obtained.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
@@ -39,8 +39,8 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              LoadBalancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              For a LoadBalancer Service, different types of clusters obtain source IP addresses in different scenarios. In some scenarios, source IP addresses cannot be obtained currently.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • CCE Clusters (using VPC or Tunnel network): Source IP addresses can be obtained when either a shared or dedicated load balancer is used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • CCE Turbo Clusters (using the Cloud Native Network 2.0): Source IP addresses can be obtained for dedicated load balancers, and for shared load balancers with hostNetwork enabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              VPC and Container Tunnel Network Models
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              To enable the function of obtaining the source IP address on the console, perform the following steps:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              1. When creating a LoadBalancer Service on the CCE console, set Service Affinity to Node-level instead of Cluster-level.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Go to the ELB console and enable the function of obtaining the client IP address of the listener corresponding to the load balancer. Transparent transmission of source IP addresses is enabled for dedicated load balancers by default. You do not need to manually enable this function.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Click  in the upper left corner of the management console and select a region and a project.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Choose Service List > Networking > Elastic Load Balance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3. On the Elastic Load Balance page, click the name of the target load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4. Click the Listeners tab, locate the row containing the target listener, and click Edit. If modification protection exists, disable the protection on the basic information page of the listener and try again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                5. Enable Transfer Client IP Address.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                To enable the function of obtaining the source IP address on the console, take the following steps:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. When creating a LoadBalancer Service on the CCE console, set Service Affinity to Node-level instead of Cluster-level.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Go to the ELB console and enable the function of obtaining the client IP address of the listener corresponding to the load balancer. Transparent transmission of source IP addresses is enabled for dedicated load balancers by default. You do not need to manually enable this function.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Click  in the upper left corner of the management console and select a region and a project.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Choose Service List > Networking > Elastic Load Balance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. On the Elastic Load Balance page, click the name of the target load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. Click the Listeners tab, locate the row containing the target listener, and click Edit. If modification protection exists, disable the protection on the basic information page of the listener and try again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  5. Enable Transfer Client IP Address.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Cloud Native 2.0 Network Model (CCE Turbo Clusters)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                When a LoadBalancer Service associated with a shared load balancer is created:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • For workloads with hostNetwork enabled, you can set Service Affinity to Node-level to obtain the source IP addresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • For other workloads, you cannot set Service Affinity to Node-level, so the source IP addresses cannot be obtained.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_bestpractice_0004.html b/docs/cce/umn/cce_bestpractice_0004.html
index bc02f8066..e79915b99 100644
--- a/docs/cce/umn/cce_bestpractice_0004.html
+++ b/docs/cce/umn/cce_bestpractice_0004.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                To fully containerize an application, you must go through the entire process.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                This involves analyzing the application, setting up the runtime environment for the application, compiling the startup script and Dockerfile, creating and uploading images, and creating containerized workloads.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                For details about each step of the containerization, see Containerization Process.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Figure 1 Process of containerizing an application
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Figure 1 Process of containerizing an application
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_bestpractice_0007.html b/docs/cce/umn/cce_bestpractice_0007.html
index daa7180ad..a65220cd1 100644
--- a/docs/cce/umn/cce_bestpractice_0007.html
+++ b/docs/cce/umn/cce_bestpractice_0007.html
@@ -10,7 +10,7 @@
 # Load system environment variables.
 source  /etc/profile
 # Start MongoDB. The data is stored in /usr/local/mongodb/data.
-./usr/local/mongodb/bin/mongod --dbpath=/usr/local/mongodb/data --logpath=/usr/local/mongodb/logs --port=27017 –fork
+./usr/local/mongodb/bin/mongod --dbpath=/usr/local/mongodb/data --logpath=/usr/local/mongodb/logs --port=27017 -fork
 # These three script commands indicate that the contents related to the MySQL database in the environment variables are written into the configuration file when Docker is started.
 sed -i "s|mysql://.*/awcp_crmtile|mysql://$MYSQL_URL/$MYSQL_DB|g" /root/apache-tomcat-7.0.82/webapps/awcp/WEB-INF/classes/conf/jdbc.properties
 sed -i "s|username=.*|username=$MYSQL_USER|g" /root/apache-tomcat-7.0.82/webapps/awcp/WEB-INF/classes/conf/jdbc.properties
diff --git a/docs/cce/umn/cce_bestpractice_0009.html b/docs/cce/umn/cce_bestpractice_0009.html
index d05b41fbe..c259e9343 100644
--- a/docs/cce/umn/cce_bestpractice_0009.html
+++ b/docs/cce/umn/cce_bestpractice_0009.html
@@ -10,7 +10,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in as the root user to the device running Docker.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Enter the apptest directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  cd apptest
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Ensure that files used to build the image are stored in the same directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Build an image.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  docker build -t apptest:v1 .
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4. Upload the image to SWR. For details, see Uploading an Image Through the Client.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_bestpractice_0010.html b/docs/cce/umn/cce_bestpractice_0010.html
index 870d4b774..d938ab947 100644
--- a/docs/cce/umn/cce_bestpractice_0010.html
+++ b/docs/cce/umn/cce_bestpractice_0010.html
@@ -5,7 +5,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Containerized workloads are deployed in a similar way. The difference lies in:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Whether environment variables need to be set.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Whether cloud storage is used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Required Cloud Services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Cloud Container Engine (CCE): a highly reliable and high-performance service that allows enterprises to manage containerized applications. With support for Kubernetes-native applications and tools, CCE makes it simple to set up an environment for running containers in the cloud.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Elastic Cloud Server (ECS): a scalable and on-demand cloud server. It helps you to efficiently set up reliable, secure, and flexible application environments, ensuring stable service running and improving O&M efficiency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Virtual Private Cloud (VPC): an isolated and private virtual network environment that users apply for in the cloud. You can configure the IP address ranges, subnets, and security groups, as well as assign elastic IP addresses and allocate bandwidth in a VPC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Required Cloud Services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Cloud Container Engine (CCE): a highly reliable and high-performance service that allows enterprises to manage containerized applications. With support for Kubernetes-native applications and tools, CCE makes it simple to set up an environment for running containers in the cloud.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Elastic Cloud Server (ECS): a scalable and on-demand cloud server. It helps you to efficiently set up reliable, secure, flexible application environments, ensuring stable service running and improving O&M efficiency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Virtual Private Cloud (VPC): an isolated and private virtual network environment that users apply for in the cloud. You can configure the IP address ranges, subnets, and security groups, as well as assign elastic IP addresses and allocate bandwidth in a VPC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Basic Concepts
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • A cluster is a collection of computing resources, including a group of node resources. A container runs on a node. Before creating a containerized application, you must have an available cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • A node is a virtual or physical machine that provides computing resources. You must have sufficient node resources to ensure successful operations such as creating applications. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • A workload indicates a group of container pods running on CCE. CCE supports third-party application hosting and provides the full lifecycle (from deployment to O&M) management for applications. This section describes how to use a container image to create a workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
@@ -24,7 +24,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Example Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Example Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Pre-allocated CPU and memory in the Node Scale-In Condition column
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Pre-allocated CPU and memory in the Node Scale-In Condition column
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When the ratio of the total CPU or memory of all pods running on the node to the allocatable resources on the node is lower than the threshold, the node can be scaled in.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          For example, if this parameter is set to 30%, scale-in evaluation is triggered when the resource usage is lower than 30%. If this parameter is not configured, the CCE Cluster Autoscaler add-on uses the default resource usage threshold.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When the ratio of the total CPU or memory of all pods running on the node to the allocatable resources on the node is lower than the threshold, the node can be scaled in.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          For example, if this parameter is set to 30%, scale-in evaluation is triggered when the resource usage is lower than 30%. If this parameter is not configured, the CCE Cluster Autoscaler add-on uses the default resource usage threshold.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          30%
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          30%
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Time specified in the Node Scale-In Condition column
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Time specified in the Node Scale-In Condition column
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          This is the duration during which a node is in the unneeded state before the scale-in operation can be performed. CCE Cluster Autoscaler removes a node only when the node is not needed for a specified period of time. This prevents frequent scale-in triggered by temporary resource fluctuation and improves system stability. If this parameter is not configured, the CCE Cluster Autoscaler add-on uses the default setting.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          This is the duration during which a node is in the unneeded state before the scale-in operation can be performed. CCE Cluster Autoscaler removes a node only when the node is not needed for a specified period of time. This prevents frequent scale-in triggered by temporary resource fluctuation and improves system stability. If this parameter is not configured, the CCE Cluster Autoscaler add-on uses the default setting.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          10 minutes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          10 minutes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4. In the displayed dialog box, click Save.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. 
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        5. In the displayed dialog box, click Save.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          6. 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Step 3: Verify that the Custom Scale-in Conditions Take Effect
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          In this example, the custom scale-in threshold is set to 30% for the node pool, while the default scale-in threshold is 50%. If the node CPU and memory in the node pool remains between 30% and 50% and scale-in is not triggered, the node pool preferentially follows the custom scale-in conditions instead of the default scale-in conditions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Step 3: Verify that the Custom Scale-in Conditions Take Effect
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          In this example, the custom scale-in threshold is set to 30% for the node pool, while the default scale-in threshold is 50%. If the node CPU and memory in the node pool remains between 30% and 50% and scale-in is not triggered, the node pool preferentially follows the custom scale-in conditions instead of the default scale-in conditions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Helpful Links
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Helpful Links
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Parent topic: Scaling a Node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Parent topic: Node Scaling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
diff --git a/docs/cce/umn/cce_10_0968.html b/docs/cce/umn/cce_10_0968.html
index 39c3248b5..244311e81 100644
--- a/docs/cce/umn/cce_10_0968.html
+++ b/docs/cce/umn/cce_10_0968.html
@@ -1,30 +1,41 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          NGINX Ingress Controller Upgrade Compatibility
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Compatibility
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          CCE NGINX Ingress Controller is based on the community version of Ingress NGINX Controller. Upgrades to the community version may introduce new features, optimize existing ones, or address security issues. As a result, compatibility differences may occur after you upgrade CCE NGINX Ingress Controller. These differences can include configuration changes between versions, deprecated Kubernetes APIs, default actions, and compatibility with dependency components. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Before upgrading the NGINX Ingress Controller, pay attention to the following compatibility issues identified by CCE:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Compatibility
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          CCE NGINX Ingress Controller is based on the community version of Ingress NGINX Controller. Upgrades to the community version may introduce new features, optimize existing ones, or address security issues. As a result, compatibility differences may occur after you upgrade CCE NGINX Ingress Controller. These differences can include configuration changes between versions, deprecated Kubernetes APIs, default actions, and compatibility with dependency components. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Before upgrading the NGINX Ingress Controller, pay attention to the following compatibility issues identified by CCE:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Native Nginx Validity Check Disabled by Default
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Affected versions: earlier than 3.0.34
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The NGINX Ingress Controller v3.0.34 corresponds to community version v1.11.5. In this community version, the security vulnerability CVE-2025-1974 has been fixed, and nginx -t (syntax check) has been removed from webhooks. In the community version v1.11.5, the format of ingress resources is still verified using admission webhooks. However, if you enable snippet annotations and the configuration contains syntax errors, invalid configurations may be directly injected into the nginx.conf file. Since there is no pre-check to validate the injected configuration, such errors may cause the Nginx configuration reload to fail. Therefore, if you enable snippet annotations, check NGINX Ingress Controller's pod logs for errors each time you modify the ingress rules. To do so, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl logs -f {nginx-ingress-controller-pod-name} -n kube-system | grep Error
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Native Nginx Validity Check Disabled by Default
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Affected versions: 3.0.34 and later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          After the upgrade, the default behavior of the add-on will be adjusted. Check whether the change affects your services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The NGINX Ingress Controller v3.0.34 corresponds to community version v1.11.5. In this community version, the security vulnerability CVE-2025-1974 has been fixed, and nginx -t (syntax check) has been removed from webhooks. In the community version v1.11.5, the format of ingress resources is still verified using admission webhooks. However, if you enable snippet annotations and the configuration contains syntax errors, invalid configurations may be directly injected into the nginx.conf file. Since there is no pre-check to validate the injected configuration, such errors may cause the Nginx configuration reload to fail. Therefore, if you enable snippet annotations, check NGINX Ingress Controller's pod logs for errors each time you modify the ingress rules. To do so, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl logs -f {nginx-ingress-controller-pod-name} -n kube-system | grep Error
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Snippet Annotations Disabled by Default
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Affected versions: earlier than 2.4.6
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Starting from version 2.4.6, the NGINX Ingress Controller has disabled snippet annotations by default to improve security and configuration stability. The snippet annotations include:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • nginx.ingress.kubernetes.io/configuration-snippet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • nginx.ingress.kubernetes.io/server-snippet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • nginx.ingress.kubernetes.io/stream-snippet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • nginx.ingress.kubernetes.io/auth-snippet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • nginx.ingress.kubernetes.io/modsecurity-snippet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          For security and stability, use built-in annotations or other configuration settings provided by the NGINX Ingress Controller to implement the required functionality, rather than relying on snippet annotations.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If you still need to use snippet annotations, fully evaluate the associated risks and manually enable the annotation function. To do so, go to Settings, click YAML under Nginx Parameters and add "allow-snippet-annotations": "true".
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Snippet Annotations Disabled by Default
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Affected versions: 2.4.6 and later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          After the add-on is upgraded, the existing incompatible settings are not updated. These settings do not take effect by default in the new version. You need to perform additional configurations.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Starting from version 2.4.6, the NGINX Ingress Controller has disabled snippet annotations by default to improve security and configuration stability. The snippet annotations include:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • nginx.ingress.kubernetes.io/configuration-snippet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • nginx.ingress.kubernetes.io/server-snippet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • nginx.ingress.kubernetes.io/stream-snippet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • nginx.ingress.kubernetes.io/auth-snippet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • nginx.ingress.kubernetes.io/modsecurity-snippet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If you still need to use snippet annotations, fully evaluate the associated risks and manually enable the annotation function. To do so, go to Settings, click YAML under Nginx Parameters and add the following annotations:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • "allow-snippet-annotations": "true"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • "annotations-risk-level": "Critical"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In NGINX Ingress Controller 4.0.4 and later versions, you need to add annotations-risk-level.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            This is because the default value of annotations-risk-level is downgraded to High in these versions. For details, see Changelog. Snippet annotations are at the critical level. So, you need to change the value of annotations-risk-level to Critical, or snippet annotations are still unavailable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Earlier TLS Versions Not Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Affected versions: earlier than 2.3.3
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          TLS v1.1 and earlier versions have security issues. The NGINX Ingress Controller of v2.3.3 and later versions does not support TLS v1.1 and TLS v1.0 by default. Therefore, before upgrading the NGINX Ingress Controller, ensure your services do not rely on TLS v1.1 or earlier versions. Remove these versions from your configuration to maintain compatibility and security.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Earlier TLS Versions Not Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Affected versions: 2.3.3 and later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          After the upgrade, the default behavior of the add-on will be adjusted. Check whether the change affects your services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          TLS v1.1 and earlier versions have security issues. The NGINX Ingress Controller of v2.3.3 and later versions does not support TLS v1.1 and TLS v1.0 by default. Therefore, before upgrading the NGINX Ingress Controller, ensure your services do not rely on TLS v1.1 or earlier versions. Remove these versions from your configuration to maintain compatibility and security.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Nginx Native root and alias Directives Not Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Affected versions: earlier than 2.1.1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          To prevent sensitive file leakage or path conflicts caused by incorrect configurations, the NGINX Ingress Controller of v2.1.1 and later versions has removed support for the root and alias directives. Therefore, before upgrading the NGINX Ingress Controller, ensure your ingresses do not contain the Nginx native root or alias directives configured using snippets.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Nginx Native root and alias Directives Not Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Affected versions: 2.1.1 and later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          After the add-on is upgraded, the existing incompatible settings are not updated. These settings do not take effect in the new version.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          To prevent sensitive file leakage or path conflicts caused by incorrect configurations, the NGINX Ingress Controller of v2.1.1 and later versions has removed support for the root and alias directives. Therefore, before upgrading the NGINX Ingress Controller, ensure your ingresses do not contain the Nginx native root or alias directives configured using snippets.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Graceful Upgrades Supported by NGINX Ingress Controller
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          To ensure a smooth upgrade and maintain service stability, pay attention to the following add-on versions:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • 2.1.x: The NGINX Ingress Controller of v2.1.33 and later versions supports graceful shutdown and hitless upgrade.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • 2.2.x: The NGINX Ingress Controller of v2.2.42 and later versions supports graceful shutdown and hitless upgrade.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • 2.4.6 or later: The NGINX Ingress Controller supports graceful shutdown and hitless upgrade.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          For versions beyond the preceding ranges, services may experience temporary downtime during upgrades. To ensure service continuity and stability, plan and conduct an upgrade during off-peak hours.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Graceful Upgrades Supported by NGINX Ingress Controller
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          To ensure a smooth upgrade and maintain service stability, pay attention to the following add-on versions:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • 2.1.x: The NGINX Ingress Controller of v2.1.33 and later versions supports graceful shutdown and hitless upgrade.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • 2.2.x: The NGINX Ingress Controller of v2.2.42 and later versions supports graceful shutdown and hitless upgrade.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • 2.4.6 or later: The NGINX Ingress Controller supports graceful shutdown and hitless upgrade.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          For versions beyond the preceding ranges, services may experience temporary downtime during upgrades. To ensure service continuity and stability, plan and conduct an upgrade during off-peak hours.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_10_0997.html b/docs/cce/umn/cce_10_0997.html
new file mode 100644
index 000000000..b47de27b3
--- /dev/null
+++ b/docs/cce/umn/cce_10_0997.html
@@ -0,0 +1,240 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Using Dex for OIDC Authentication on CCE
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Dex is an open-source OpenID Connect (OIDC) identity provider. It enables flexible authentication and federated identity management in Kubernetes. As an intermediary layer, Dex translates multiple identity sources, such as Lightweight Directory Access Protocol (LDAP), GitHub, and Security Assertion Markup Language (SAML), into the standard OIDC protocol, for Kubernetes and other applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          OIDC is an authentication method based on OAuth 2.0. It provides both an access token and an ID token, which is a JSON Web Token (JWT) signed by the server and contains well known fields such as a user's email. Kubernetes leverages the user information within ID tokens for RBAC authorization, enabling the translation of third-party identity sources into Kubernetes permissions. For details, see OpenID Connect Tokens.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The typical application scenarios include:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • LDAP/AD integration: Enterprises using LDAP seamlessly integrate their existing user systems with Kubernetes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Unified authentication for multiple clusters: Multiple Kubernetes clusters share the same Dex instance for unified login.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Unified identity federation: During multi-team collaboration, user identity authentication from different sources (such as GitHub and GitLab) is transformed into the OIDC protocol via Dex, and an OIDC token that can be identified by Kubernetes is obtained.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          This section uses an LDAP OAuth account as an example to describe how to complete OIDC authentication on CCE.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Solution Overview
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When Dex is used for OIDC authentication in a Kubernetes cluster, two key components are involved: Dex and dex-k8s-authenticator.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Dex acts as a portal for identity providers. It forwards authentication requests to LDAP, SAML, GitHub, GitLab, or other identity providers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • dex-k8s-authenticator is a web application that interacts with Dex. It retrieves tokens from Dex and provides necessary commands to create or update a kubeconfig file. After running these commands, you can configure the kubeconfig file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Figure 1 Dex login verification process
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The process of using Dex for login authentication is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. A user accesses the login page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. The system redirects the login request to Dex for authentication.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Dex forwards the request to the third-party identity provider.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. If authentication is successful, the third-party identity provider returns an ID token.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. When using kubectl, the user sets --token to the ID token or adds the ID token to the kubeconfig file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          6. kubectl places the ID token in the Authorization header and sends it to the Kubernetes API server.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          7. The API server validates the JWT signature to confirm authenticity.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          8. The API server communicates with Dex to verify if the ID token is authorized.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9. Dex confirms user authorization and returns the verification result.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          10. If authentication is successful, the API server sends a response to kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          11. kubectl presents the API server response to the user in a readable format.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Preparations
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Create a CCE cluster of v1.30 or later on the CCE console. For details about how to buy a cluster, see Creating a CCE Standard/Turbo Cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Prepare a VM that is in the same VPC as the cluster and can access the Internet, install kubectl for cluster access and Helm v3 on the VM.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Create a load balancer and bind an EIP to it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Get the following domain names ready:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Public network domain name 1: dex.k8s.example.com, which is the domain name for accessing Dex
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Public network domain name 2: login.k8s.example.com, which is the domain name for accessing dex-k8s-authenticator
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. Configure DNS A records. Configure DNS public network resolution for these domain names. If the domain names are accessed only over the private network, you can configure the node host file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          6. Install the NGINX Ingress Controller add-on and select the load balancer created in 3. For details, see NGINX Ingress Controller.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          7. Ensure that there are an LDAP service, user groups, and users.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          8. (Optional) Configure SNAT for the node subnet. If Dex is deployed in another cluster, you need to create a public NAT gateway for the VPC where the cluster resides and the subnet where the nodes reside to allow kube-apiserver to access the Internet. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Step 1: Create a Key (Skip This Step If You Already Have a Certificate)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the VM where kubectl and Helm have been installed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Create a Dex self-signed certificate. When Dex is accessed over HTTPS, certificate authentication is required. This involves obtaining both a self-signed server certificate and a CA certificate.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Create a create_cert.sh script file. The file content is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            #!/bin/bash
+mkdir -p ssl
+cat << EOF > ssl/req.cnf
+[req]
+req_extensions = v3_req
+distinguished_name = req_distinguished_name
+
+[req_distinguished_name]
+
+[ v3_req ]
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = *.k8s.example.com  #  All domain names with the k8s.example.com suffix are trusted by this certificate.
+EOF
+
+openssl genrsa -out ssl/ca-key.pem 2048
+openssl req -x509 -new -nodes -key ssl/ca-key.pem -days 3650 -out ssl/ca.pem -subj "/CN=kube-ca"
+
+openssl genrsa -out ssl/key.pem 2048
+openssl req -new -key ssl/key.pem -out ssl/csr.pem -subj "/CN=kube-ca" -config ssl/req.cnf
+openssl x509 -req -in ssl/csr.pem -CA ssl/ca.pem -CAkey ssl/ca-key.pem -CAcreateserial -out ssl/cert.pem -days 3650 -extensions v3_req -extfile ssl/req.cnf
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Run the following scripts:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            chmod +x create_cert.sh
+./create_cert.sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Generate a server certificate secret, which is required for accessing dex.k8s.example.com and login.k8s.example.com. In this example, the secret name is dex.example.com.tls.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl create ns dex
+cd ssl; mv key.pem tls.key; mv cert.pem tls.crt
+kubectl create secret tls -n dex dex.example.com.tls \
+   --cert=tls.crt\
+   --key=tls.key
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Step 2: Deploy a Dex Application
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Deploy a Dex application using Helm. For details, see Kubernetes Authentication Through Dex.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the VM where kubectl and Helm have been installed and add a Helm repository.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            helm repo add dex https://charts.dexidp.io
+helm repo update
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Create a dex-values.yaml file to specify Dex parameters. This file defines the Dex access mode and the LDAP backend service registered in Dex.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The file content is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            tls: 
+  enabled: true 
+  clientCA: "" 
+ingress: 
+  enabled: true 
+  className: nginx   # Create an Nginx ingress.
+  hosts: 
+    - host: dex.k8s.example.com   # Domain name for accessing Dex
+      paths: 
+        - path: / 
+          pathType: ImplementationSpecific 
+  tls: 
+    - secretName: dex.example.com.tls  # Dex access key created in step 1
+      hosts: 
+        - dex.k8s.example.com   # Domain name for accessing Dex
+config: 
+  issuer: https://dex.k8s.example.com   # Domain name for accessing Dex. The access address can also be HTTP.
+  storage: 
+    type: kubernetes 
+    config: 
+      inCluster: true 
+  oauth2:
+    responseTypes: ["code", "token", "id_token"] 
+    skipApprovalScreen: true 
+  connectors: 
+   - type: ldap 
+     id: ldap 
+     name: LDAP 
+     config:  
+       host: xxx.xxx.xxx.xxx:389 # ldap server 
+       insecureNoSSL: true 
+       insecureSkipVerify: true 
+       bindDN: CN=admin,DC=example,DC=com # Administrator distinguished name (DN), which is the unique identifier in the LDAP directory
+       bindPW: "*****" # Set the administrator password.
+        userSearch: # Obtain the user information in LDAP and map it to Dex.
+         baseDN: dc=example,dc=com 
+         filter: "(objectClass=posixAccount)" 
+         username: uid  # User login name
+         idAttr: DN # In this example, the DN in the LDAP record is mapped to Dex.
+         emailAttr: mail # In this example, the mail field in the LDAP record is mapped to Dex.
+         nameAttr: cn # In this example, the cn field in the LDAP record is mapped to Dex.
+       groupSearch: 
+         baseDN: dc=example,dc=com 
+         filter: "(objectClass=posixGroup)" 
+         userMatchers: 
+         - userAttr: uid 
+           groupAttr: memberUid 
+         nameAttr: cn 
+  staticClients: 
+    - id: kubernetes    # Register a client ID.
+      secret: *****    # Set the client password.
+      name: "kubernetes" 
+      redirectURIs: 
+       - https://login.k8s.example.com/callback   # Domain name for accessing dex-k8s-authenticator
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            For more parameter settings, see the official examples:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Install Dex based on the custom configuration.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            helm install dex dex/dex --namespace dex --create-namespace --version 0.19.1 --values dex-values.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            View the installed releases.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            helm list
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Step 3: Configure Intra-Cluster Domain Name Resolution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. In the Parameters area, edit the extended parameters and add the following content to the plugins field to configure the Dex service domain name resolution:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            {
+  "configBlock": "10.247.82.158 dex.k8s.example.com\nfallthrough", 
+  "name": "hosts"
+}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            10.247.82.158 is the ClusterIP of the nginx-ingress-controller Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Step 4: Deploy the dex-k8s-authenticator Application
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Add a Helm repository.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            helm repo add skm https://charts.sagikazarmark.dev
+helm repo update
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Create an authen-values.yaml file to configure the dex-k8s-authenticator parameter. For details about the configuration example, see dex-k8s-authenticator.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            config: 
+  clusters: 
+    - name: Hello-CCE 
+      short_description: "Your cluster" 
+      description: "Your cluster" 
+      issuer: https://dex.k8s.example.com    # Domain name for accessing Dex
+      client_id: kubernetes                  # Client ID in Dex config in Step 2: Deploy a Dex Application.
+      client_secret: *****                   # Client secret in Dex config in Step 2: Deploy a Dex Application.
+      redirect_uri: https://login.k8s.example.com/callback        # Domain name for accessing dex-k8s-authenticator
+      k8s_master_uri: https://192.168.0.158:5443                  # Address for accessing the cluster API server
+      # CA certificate of the cluster
+      k8s_ca_pem: | 
+        -----BEGIN CERTIFICATE----- 
+        ...
+        -----END CERTIFICATE----- 
+  # If HTTPS is used for Dex access, the CA certificate of the Dex domain name must be provided.
+  trusted_root_ca: |
+    -----BEGIN CERTIFICATE----- 
+    ...
+    -----END CERTIFICATE----- 
+ingress: 
+  enabled: true 
+  className: nginx 
+  hosts: 
+    - host: login.k8s.example.com # Change the value to the domain name for accessing dex-k8s-authenticator.
+      paths: 
+        - path: / 
+          pathType: ImplementationSpecific 
+  tls: 
+    - secretName: dex.example.com.tls  # Dex access key created in Step 1: Create a Key (Skip This Step If You Already Have a Certificate)
+      hosts: 
+        - login.k8s.example.com    # Change the value to the domain name for accessing dex-k8s-authenticator.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Install dex-k8s-authenticator based on the custom configuration.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            helm install dex-k8s-authenticator skm/dex-k8s-authenticator --namespace dex --version 0.0.3 --values authen-values.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Step 5: Modify the Startup Parameters of the Cluster API Server
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. In the navigation pane, choose Settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Click the Cluster Access tab, enable OIDC, and configure the parameters required for kube-apiserver to use OIDC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Example Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Issuer URL (oidc-issuer-url)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The URL for OIDC authentication. It must be HTTPS-compliant.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            https://dex.k8s.example.com
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Client ID (oidc-client-id)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Client ID registered with the OIDC authentication service. For example, the client ID registered in Step 2: Deploy a Dex Application is kubernetes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubernetes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Username (oidc-username-claim)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The value to be used as the username. You need to specify a field in JWT claims for it. The default value is sub. It is typically the unique identifier of the end user. You can also select other fields, such as email or name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            You can grant Kubernetes permissions based on the username in the cluster. For details, see Step 6: Grant Kubernetes Permissions to a Third-Party User.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            email
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Setting the parameter to email means that the value of the email field (the email address) in the JWT claim is used as the username.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            OIDC Group (oidc-groups-claim)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The value to be used as the user group. You need to specify a field in JWT claims for it. The field name of the user group is typically groups. You can grant Kubernetes permissions based on the user group. For details, see Step 6: Grant Kubernetes Permissions to a Third-Party User.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            groups
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Setting this parameter to groups means that the value of groups in the JWT claim is used as the user group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CA File (oidc-ca-pem)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            A CA certificate in PEM format. It is used to sign the identity provider's web certificate.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CA certificate of the Dex domain name in Step 1: Create a Key (Skip This Step If You Already Have a Certificate)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Click Confirm Settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Step 6: Grant Kubernetes Permissions to a Third-Party User
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Since Dex only handles authentication and does not directly authorize users within Kubernetes, you need to manually assign Kubernetes permissions to authenticated users.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          In this example, permissions are granted to the group specified in Step 5: Modify the Startup Parameters of the Cluster API Server. That means that Kubernetes permissions are granted to the user group in the returned JWT. (In this example, the user group name is CCE.) If the logged-in user is a member of the specified user group, the user automatically inherits the corresponding Kubernetes permissions assigned to that group. An example of configuring a ClusterRoleBinding and ClusterRole is shown below. You can assign permissions as required.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kind: ClusterRoleBinding 
+apiVersion: rbac.authorization.k8s.io/v1 
+metadata: 
+  name: cce-admin 
+subjects: 
+- kind: Group 
+  name: "CCE"  # The CCE user group is the user group that the LDAP user belongs to. Users in this user group are granted Kubernetes permissions.
+  apiGroup: rbac.authorization.k8s.io 
+roleRef: 
+  kind: ClusterRole 
+  name: cluster-admin 
+   apiGroup: rbac.authorization.k8s.io 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Step 7: Perform Login Tests
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Open a browser and enter the dex-k8s-authenticator domain name in the address bar. In this example, the domain name is login.k8s.example.com.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Enter the username and password of a user in the CCE user group in LDAP.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Run commands by following the instructions. After the login is successful, dex-k8s-authenticator provides executable commands to help you configure the kubeconfig file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. After the kubeconfig file is configured, access Kubernetes resources for testing using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Parent topic: Permissions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
diff --git a/docs/cce/umn/cce_10_1006.html b/docs/cce/umn/cce_10_1006.html
new file mode 100644
index 000000000..8238b7339
--- /dev/null
+++ b/docs/cce/umn/cce_10_1006.html
@@ -0,0 +1,139 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Using AppArmor to Confine Container Access to Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Application Armor (AppArmor) is a security module of the Linux kernel, which is usually used in OSs such as Ubuntu. AppArmor allows system administrators to associate each program with a security profile to confine program functions. AppArmor is an access control system similar to SELinux. It can be used to specify which files a program can read, write, or run, and whether the program can access network ports. AppArmor supplements the traditional Unix discretionary access control (DAC) model by providing mandatory access control (MAC). It has been integrated into the Linux kernel since version 2.6.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          This section describes how to use AppArmor to confine container access to resources on Ubuntu nodes in a CCE cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • This feature is supported only in clusters of v1.31.6-r0 or later, and the nodes must run Ubuntu. Ensure that your cluster version and node OS meet the requirements.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • The version of the Everest add-on in the cluster must be 2.4.158 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • After AppArmor is enabled on a node, Docker or containerd applies the default AppArmor profile to pods scheduled to the node even if the appArmorProfile parameters are not configured for the pods. The AppArmor profile is not enforced when the appArmorProfile.type parameter is explicitly set to Unconfined for the pods. For details, see Using AppArmor Profiles to Secure Pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Operations that trigger node reset, such as resetting a node or synchronizing a node pool, will disable AppArmor. If you need to disable AppArmor on a node, reset the node. Currently, AppArmor cannot be manually disabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Enabling AppArmor on a Node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the Ubuntu node and install AppArmor.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            sudo DEBIAN_FRONTEND=noninteractive apt-get -y install apparmor
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If a private Ubuntu image is used, pre-install AppArmor in the image.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Check the AppArmor status.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            sudo aa-status
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If the following information is displayed, AppArmor has been loaded:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            apparmor module is loaded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Start AppArmor and set it to be automatically started upon system boot. When the node is restarted, the AppArmor profile is automatically reloaded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            sudo systemctl enable apparmor
+sudo systemctl start apparmor
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Check whether the system is started. If Y is returned, the system is started.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            sudo cat /sys/module/apparmor/parameters/enabled
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The parameters in the command output are read by kubelet to check whether AppArmor is enabled on the node. If AppArmor is not enabled on the node, pods with AppArmor settings will be intercepted when they are scheduled to this node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Restart kubelet to read the parameters in the command output. (AppArmor is enabled by default in kubelet 1.31 GA.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            sudo systemctl restart kubelet 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Enabling AppArmor for the Container Engine
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If the container engine is containerd, take the following steps:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Modify the containerd configuration.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            vim /etc/containerd/config.toml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Modify the following content and save the modification:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            [plugins."io.containerd.grpc.v1.cri"]
+  disable_apparmor = false 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Restart containerd.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            sudo systemctl restart containerd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If the container engine is Docker, take the following steps:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Modify the Docker configuration.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            vim /etc/default/docker
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Use # to comment out container='disable apparmor'.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            # container='disable apparmor'
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Restart Docker.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            sudo systemctl restart docker
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Using AppArmor Profiles to Secure Pods
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          AppArmor profiles can be specified at the pod or container level. If a pod-level profile is set, it will be used as the default profile for all containers (including init, sidecar, and ephemeral containers) in the pod. If both pod- and container-level profiles are set, the container-level profile is preferentially used. The following shows an example configuration:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ...
+securityContext:
+  appArmorProfile:
+    type: <profile_type>
+...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The options of <profile_type> are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          For details about the AppArmor profile API, see Specifying AppArmor Confinement.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When privileged containers are enabled for a pod (privileged: true), configure rules for the AppArmor configuration to take effect. For details, see Rules for AppArmor Configurations to Take Effect After AppArmor Is Enabled for Privileged Containers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          To verify that a container's root process is running with the correct profile, you can check its process attributes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl exec <pod_name> -- cat /proc/1/attr/current 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          An example output is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          cri-containerd.apparmor.d (enforce)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Example: Using Custom AppArmor Profile to Confine a Pod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Load the custom AppArmor profile onto the node. You can define the profile name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            vim /etc/apparmor.d/k8s-apparmor-example-deny-write
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The following is an example. The profile denies all file write operations. For details about the profile writing syntax, see the AppArmor Profile Quick Guide.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            #include <tunables/global>
+profile k8s-apparmor-example-deny-write flags=(attach_disconnected) {
+  #include <abstractions/base>
+  file,
+  # Deny all file writes.
+  deny /** w,
+}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Load the profile.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            apparmor_parser -r /etc/apparmor.d/k8s-apparmor-example-deny-write
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The AppArmor profile needs to be loaded onto each node that needs to use AppArmor.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Create a simple pod as follows and add the AppArmor rules for the pod to reject file writing as set in the previous step.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Create the hello-apparmor.yaml file and add the following content to the file:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            apiVersion: v1
+kind: Pod
+metadata:
+  name: hello-apparmor
+spec:
+  securityContext:
+    appArmorProfile:
+      type: Localhost  # Use the AppArmor profile loaded on the node.
+      localhostProfile: k8s-apparmor-example-deny-write  # Define the name of the AppArmor profile loaded on the node.
+  containers:
+  - name: hello
+    image: busybox:1.28
+    command: [ "sh", "-c", "echo 'Hello AppArmor!' && sleep 1h" ]
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If the cluster contains nodes that do not support AppArmor, use affinity scheduling to schedule the pod to a node that supports AppArmor. For details, see Configuring Node Affinity Scheduling (nodeAffinity).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Create a sample pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl create -f hello-apparmor.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. When the pod is running, check the /proc/1/attr/current file of the container to verify that the container is running with the AppArmor profile.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl exec hello-apparmor -- cat /proc/1/attr/current
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If the following information is displayed, the AppArmor profile has been applied to the container:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            k8s-apparmor-example-deny-write (enforce)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. Write files to violate the AppArmor profile and check whether the profile takes effect.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl exec hello-apparmor -- touch /tmp/test
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If the following information is displayed, the write operation is rejected, and the profile takes effect:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            touch: /tmp/test: Permission denied
+command terminated with exit code 1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Rules for AppArmor Configurations to Take Effect After AppArmor Is Enabled for Privileged Containers
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If privileged containers are enabled for a pod (privileged: true), the rules for AppArmor configurations to take effect are as follows.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Pod AppArmor Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Privileged Containers Not Used
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Privileged Containers Used (privileged: true)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          AppArmor not enabled
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Use the default policy of the container engine.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The AppArmor profile is not enforced.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          RuntimeDefault
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Use the default policy of the container engine.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The AppArmor profile is not enforced.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Unconfined
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The AppArmor profile is not enforced.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The AppArmor profile is not enforced.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Localhost
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Use the AppArmor profile loaded on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Use the AppArmor profile loaded on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Helpful Links
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Parent topic: Pod Security
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
diff --git a/docs/cce/umn/cce_10_1012.html b/docs/cce/umn/cce_10_1012.html
new file mode 100644
index 000000000..000ee5780
--- /dev/null
+++ b/docs/cce/umn/cce_10_1012.html
@@ -0,0 +1,104 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Configuring EVS Mount Options
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Mount options are parameters passed to the kernel during file system mounting. They control the access mode, performance optimization, and security policies of storage devices (such as EVS, SFS, and OBS). CCE allows you to configure mount options in PVs and StorageClasses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Configuring mount options in a PV applies only to that specific PV. This method is used when custom mount parameters are needed for a particular storage volume.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Configuring mount options in a StorageClass applies to all PVs created using that StorageClass. This method is used for centrally configuring mount options for EVS disks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The CCE Container Storage (Everest) version must be 2.4.153 or later. This add-on identifies the mount options and transfers them to the underlying storage resources. The parameter settings take effect only if the underlying storage resources support the specified options.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Mount options cannot be configured for secure containers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          EVS Mount Options
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          CCE supports the mount options listed in the following table.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Table 1 Mount options
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          noatime/strictatime/relatime
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Blank
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Specify how file access time (atime) is updated. You can choose one of the following options:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • noatime: atime is not updated. This option provides the highest performance but completely loses atime information. It is suitable for high-concurrency read scenarios, such as databases and static file services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • relatime (default): atime is updated only if it is earlier than mtime or if it has not been updated for more than 24 hours. This option has low overhead.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • strictatime: atime is updated every time a file is read. This option is the most accurate but has the worst performance. It is suitable for scenarios where access time needs to be strictly recorded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Configuring Mount Options
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          You can configure mount options using one of the following methods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Configuring Mount Options in a PV
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          You can use mountOptions to configure mount options in a PV. This configuration applies only to that specific PV. For details about mountOptions, see EVS Mount Options.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Configure mount options in a PV. Example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            apiVersion: v1
+kind: PersistentVolume
+metadata:
+  annotations:
+    pv.kubernetes.io/provisioned-by: everest-csi-provisioner
+  name: pv-disk  # PV name
+  labels:
+    failure-domain.beta.kubernetes.io/region: 
+    failure-domain.beta.kubernetes.io/zone: 
+spec:
+  accessModes:
+    - ReadWriteOnce
+  capacity:
+    storage: 10Gi # Storage capacity
+  csi:
+    driver: disk.csi.everest.io
+    fsType: ext4
+    volumeHandle: {your_volume_id}   # EVS volume ID
+    volumeAttributes:
+      storage.kubernetes.io/csiProvisionerIdentity: everest-csi-provisioner
+      everest.io/disk-mode: SCSI
+      everest.io/disk-volume-type: SATA
+      everest.io/enterprise-project-id: '0'
+  persistentVolumeReclaimPolicy: Retain
+  storageClassName: csi-disk
+  mountOptions: # Mount options
+    - strictatime
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. After creating a PV, you can create a PVC, bind it to the PV, and mount the PV to the containers in the workload. For details, see Using an Existing EVS Disk Through a Static PV.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Check whether the mount options are effective. In this example, the PVC is mounted to a workload using the nginx:latest image, with the mount path /testdir in the container. To verify the settings, do as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Check the name of the pod to which the PVC has been mounted. In this example, the workload name is web-disk.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl get pod | grep web-disk
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              web-disk-xxx     1/1     Running   0             23m
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Run the following command to access the pod:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl exec -it web-disk-xxx -- bash
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Run the following command to access the mount path and obtain a test file:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              cd /testdir
+echo 'ok' > testfile
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4. Run the command repeatedly and check the Access value in the output. If the Access value changes, the strictatime mount option is effective.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              stat testfile && cat testfile > /dev/null
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Configuring Mount Options in a StorageClass
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          You can also use mountOptions to configure mount options in a StorageClass. This configuration applies to all PVs created using this StorageClass. For details about mountOptions, see EVS Mount Options.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Create a custom StorageClass. Example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            allowVolumeExpansion: true
+apiVersion: storage.k8s.io/v1
+kind: StorageClass 
+metadata:
+  name: csi-disk # The StorageClass name
+mountOptions: # Mount options
+- strictatime
+parameters:
+  csi.storage.k8s.io/csi-driver-name: disk.csi.everest.io
+  csi.storage.k8s.io/fstype: ext4
+  everest.io/disk-volume-type: SAS
+  everest.io/passthrough: "true"
+provisioner: everest-csi-provisioner
+reclaimPolicy: Delete
+volumeBindingMode: Immediate
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. After the StorageClass is configured, you can use it to create a PVC. By default, dynamically created PVs inherit the mount options configured in the StorageClass. For details, see Using an EVS Disk Through a Dynamic PV.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Check whether the mount options are effective. In this example, the PVC is mounted to a workload using the nginx:latest image, with the mount path /testdir in the container. To verify the settings, do as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Check the name of the pod to which the PVC has been mounted. In this example, the workload name is web-disk.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl get pod | grep web-disk
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              web-disk-xxx     1/1     Running   0             23m
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Run the following command to access the pod:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl exec -it web-disk-xxx -- bash
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Run the following command to access the mount path and obtain a test file:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              cd /testdir
+echo 'ok' > testfile
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4. Run the command repeatedly and check the Access value in the output. If the Access value changes, the strictatime mount option is effective.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              stat testfile && cat testfile > /dev/null
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Parent topic: EVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
diff --git a/docs/cce/umn/cce_10_1016.html b/docs/cce/umn/cce_10_1016.html
new file mode 100644
index 000000000..2161e07d7
--- /dev/null
+++ b/docs/cce/umn/cce_10_1016.html
@@ -0,0 +1,21 @@
+
+
+
+  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          GPU Monitoring
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
+
diff --git a/docs/cce/umn/cce_10_1017.html b/docs/cce/umn/cce_10_1017.html
new file mode 100644
index 000000000..cca0b21e3
--- /dev/null
+++ b/docs/cce/umn/cce_10_1017.html
@@ -0,0 +1,19 @@
+
+
+
+  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          GPU Auto Scaling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
+
diff --git a/docs/cce/umn/cce_10_1077.html b/docs/cce/umn/cce_10_1077.html
new file mode 100644
index 000000000..e29ed5a3c
--- /dev/null
+++ b/docs/cce/umn/cce_10_1077.html
@@ -0,0 +1,27 @@
+
+
+
+  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Configuring a Security Group for a Workload in a CCE Turbo Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
+
diff --git a/docs/cce/umn/cce_10_1078.html b/docs/cce/umn/cce_10_1078.html
new file mode 100644
index 000000000..3002dd3e5
--- /dev/null
+++ b/docs/cce/umn/cce_10_1078.html
@@ -0,0 +1,72 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Comparison of Workload Security Group Configuration Methods
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          In CCE Turbo clusters, pods can be directly bound to security groups using VPC network interfaces or supplementary network interfaces. CCE Turbo provides multi-dimensional security group binding methods to meet your service needs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If multiple security group configuration methods are used, the method with the highest priority will be applied. In the table below, smaller values indicate higher priorities.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Table 1 Comparison between methods for configuring workload security groups
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Priority
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          How to Configure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Application and Advantage
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Constraint
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Binding a Security Group to a Pod Using an Annotation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • This method is suitable for debugging services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Security groups added using this method can be used by other configuration methods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Newly added security groups apply only to new pods. To apply the configuration to existing pods, they must be rebuilt.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Pre-bound container network interfaces cannot be associated with a target security group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Binding a Security Group to a Workload Using a Security Group Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • This method applies to the entire namespace and requires workloads within the namespace.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Security group settings can be updated for pods in real time. This eliminates the need to rebuild existing pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Pre-bound container network interfaces cannot be associated with a target security group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Using Node Pool Settings to Bind the Default Security Group to Pods in the Node Pool
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Services are classified by node pool. You may need to configure associated scheduling policies based on your services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Pre-bound container network interfaces can be associated with a target security group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Newly added security groups apply only to new pods. To apply the configuration to existing pods, they must be rebuilt.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Only newly bound container network interfaces on the node can be associated with a target security group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • This method applies to the entire cluster and supports multiple namespaces.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Security groups can be configured with subnets.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Newly added security groups apply only to new pods. To apply the configuration to existing pods, they must be rebuilt.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Pre-bound container network interfaces cannot be associated with a target security group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Default network interface security group of a Turbo cluster 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • This method is the default configuration. If your cluster requires general security hardening, you can directly modify the rules in the default security group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Pre-bound container network interfaces can be associated with a target security group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          None
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
diff --git a/docs/cce/umn/cce_10_1079.html b/docs/cce/umn/cce_10_1079.html
new file mode 100644
index 000000000..7b637b547
--- /dev/null
+++ b/docs/cce/umn/cce_10_1079.html
@@ -0,0 +1,20 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Using Node Pool Settings to Bind the Default Security Group to Pods in the Node Pool
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          In Cloud Native Network 2.0, pods can be directly bound to security groups using VPC network interfaces or supplementary network interfaces. CCE Turbo allows you to configure the default security group for pods in a node pool. This operation is applicable to the following scenarios:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Access control by node pool: If your services are classified by node pool, you can use the method described in this section to implement security access control by node pool. Plan the security rules for the default security group of pods in different node pools based on your services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Scaling pods in a CCE Turbo cluster: A security group can be associated with a maximum of 50,000 network interfaces. If the number of pods in a single CCE Turbo cluster exceeds 50,000, you can configure different security groups for different node pools. This allows each node pool to schedule up to 50,000 pods, thereby expanding the maximum number of pods supported by a CCE Turbo cluster. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          To bind the default security group to pods in a node pool, classify services by node pool and configure associated scheduling policies based on your services. Otherwise, the security group may change if the workload is rescheduled to another node pool. For details about how to configure workload scheduling policies, see Configuring Node Affinity Scheduling (nodeAffinity).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Newly added security groups apply only to new pods. To apply the configuration to existing pods, they must be rebuilt.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Only newly bound container network interfaces on the node can be associated with a target security group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Create a security group in the VPC and copy the security group ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Choose Nodes in the navigation pane and click the Node Pools tab on the right.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Locate the target node pool and choose More > Manage. In the Pod Security Group area, set Default Pod Security Group to the security group ID planned for this node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
+
diff --git a/docs/cce/umn/cce_bestpractice_0000.html b/docs/cce/umn/cce_bestpractice_0000.html
index 733d91866..669692218 100644
--- a/docs/cce/umn/cce_bestpractice_0000.html
+++ b/docs/cce/umn/cce_bestpractice_0000.html
@@ -12,7 +12,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        6. Containerization
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          7. 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        7. Migration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        8. Backup and Migration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9. DevOps
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          10. 
diff --git a/docs/cce/umn/cce_bestpractice_00002.html b/docs/cce/umn/cce_bestpractice_00002.html
index 612f4c34c..8c80a4cff 100644
--- a/docs/cce/umn/cce_bestpractice_00002.html
+++ b/docs/cce/umn/cce_bestpractice_00002.html
@@ -35,7 +35,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The args parameters indicate that the container attempts to request 250 MiB memory, which exceeds the pod's upper limit (100 MiB).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Creating a pod:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl create -f https://k8s.io/docs/tasks/configure-pod-container/memory-request-limit-2.yaml --namespace=mem-example 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl create -f memory-request-limit-2.yaml --namespace=mem-example 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Viewing the details about the pod:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl get pod memory-demo-2 --namespace=mem-example 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          In this stage, the container may be running or be killed. If the container is not killed, repeat the previous command until the container is killed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
@@ -51,7 +51,7 @@ memory-demo-2   0/1       OOMKilled   1          24s
      finishedAt: 2020-02-20T17:35:12Z
      reason: OOMKilled
      startedAt: null
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          In this example, the container can be automatically restarted. Therefore, kubelet will start it again. You can run the following command several times to see how the container is killed and started:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          In this example, the container supports automatic restart, so kubelet will restart it upon termination. You can run the following command multiple times to see how the container is stopped and restarted:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl get pod memory-demo-2 --namespace=mem-example
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The preceding command output indicates how the container is killed and started back and forth:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          $ kubectl get pod memory-demo-2 --namespace=mem-example 
diff --git a/docs/cce/umn/cce_bestpractice_00004.html b/docs/cce/umn/cce_bestpractice_00004.html
index aa99383c1..28565aabe 100644
--- a/docs/cce/umn/cce_bestpractice_00004.html
+++ b/docs/cce/umn/cce_bestpractice_00004.html
@@ -5,63 +5,68 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          This topic describes the addresses in a CCE cluster in a VPC and how to plan CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          To access a CCE cluster through a VPN, ensure that the VPN does not conflict with the VPC CIDR block where the cluster resides and the container CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Basic Concepts
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • VPC CIDR Block
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Virtual Private Cloud (VPC) enables you to provision logically isolated, configurable, and manageable virtual networks for cloud servers, cloud containers, and cloud databases. You have complete control over your virtual network, including selecting your own CIDR block, creating subnets, and configuring security groups. You can also assign EIPs and allocate bandwidth in your VPC for secure and easy access to your business system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Subnet CIDR Block
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            A subnet is a network that manages ECS network planes. It supports IP address management and DNS. The IP addresses of all ECSs in a subnet belong to the subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 1 VPC CIDR block architecture
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Basic Concepts
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • VPC CIDR Block
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Virtual Private Cloud (VPC) enables you to provision logically isolated, configurable, and manageable virtual networks for cloud servers, cloud containers, and cloud databases. You can configure IP address ranges, subnets, security groups, and more in a VPC, and assign EIPs and bandwidth to build your service system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Subnet CIDR Block
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              A subnet is a network that manages ECS network planes. It supports IP address management and DNS. ECSs in a subnet are assigned IP addresses from this subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Figure 1 VPC CIDR block architecture
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              By default, ECSs in all subnets of the same VPC can communicate with one another, while ECSs in different VPCs cannot communicate with each other.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              You can create a peering connection on VPC to enable ECSs in different VPCs to communicate with each other.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              By default, ECSs in all subnets of the same VPC can communicate with one another, but ECSs in different VPCs cannot.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              You can create a VPC peering connection to enable ECSs in different VPCs to communicate with each other.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Container (Pod) CIDR Block
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Pod is a Kubernetes concept. Each pod has an IP address.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              When creating a cluster on CCE, you can specify the pod (container) CIDR block, which cannot overlap with the subnet CIDR block. For example, if the subnet CIDR block is 192.168.0.0/16, the container CIDR block of the cluster cannot be 192.168.0.0/18 or 192.168.64.0/18 because these addresses are covered by 192.168.0.0/16.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              When creating a cluster on CCE, you can specify the pod (container) CIDR block. The container CIDR block cannot overlap with the VPC CIDR block or subnet CIDR block. For example, if the subnet CIDR block is 192.168.0.0/16, the container CIDR block of the cluster cannot be 192.168.0.0/18 or 192.168.64.0/18 because these addresses are covered by 192.168.0.0/16.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Container Subnet (Only for CCE Turbo Clusters)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              In a CCE Turbo cluster, a container is assigned an IP address from the CIDR block of a VPC. The container subnet can overlap with the subnet CIDR block. Note that the subnet you select determines the maximum number of pods in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Service CIDR Block
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Service is also a Kubernetes concept. Each Service has an address. When creating a cluster on CCE, you can specify the Service CIDR block. Similarly, the Service CIDR block cannot overlap with the subnet CIDR block or the container CIDR block. The Service CIDR block can be used only within a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Service CIDR Block
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Service is also a Kubernetes concept. Each Service has an address. When creating a cluster on CCE, you can specify the Service CIDR block. Similarly, the Service CIDR block cannot overlap with the VPC CIDR block, subnet CIDR block, or container CIDR block. The Service CIDR block can be used only within a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Single-VPC Single-Cluster Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CCE Clusters: include clusters in VPC network model and container tunnel network model. Figure 2 shows the CIDR block planning of a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • VPC CIDR Block: specifies the VPC CIDR block where the cluster resides. The size of this CIDR block affects the maximum number of nodes that can be created in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Subnet CIDR Block: specifies the subnet CIDR block where the node in the cluster resides. The subnet CIDR block is included in the VPC CIDR block. Different nodes in the same cluster can be allocated to different subnet CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Container CIDR Block: cannot overlap with the subnet CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Service CIDR Block: cannot overlap with the subnet CIDR block or the container CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 2 Network CIDR block planning in single-VPC single-cluster scenarios (CCE cluster)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Single-VPC Single-Cluster Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CCE Clusters: include clusters in VPC network model and container tunnel network model. Figure 2 shows the CIDR block planning of a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • VPC CIDR Block: specifies the VPC CIDR block where the cluster resides. The size of this CIDR block affects the maximum number of nodes that can be created in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Subnet CIDR Block: specifies the subnet CIDR block where the node in the cluster resides. The subnet CIDR block is included in the VPC CIDR block. Different nodes in the same cluster can be allocated to different subnet CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Container CIDR block: cannot overlap with the VPC CIDR block or subnet CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Service CIDR block: cannot overlap with the VPC CIDR block, subnet CIDR block, or container CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 2 Network CIDR block planning in single-VPC single-cluster scenarios (CCE cluster)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 3 shows the CIDR block planning for a CCE Turbo cluster (Cloud Native Network 2.0).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • VPC CIDR Block: specifies the VPC CIDR block where the cluster resides. The size of this CIDR block affects the maximum number of nodes that can be created in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Subnet CIDR Block: specifies the subnet CIDR block where the node in the cluster resides. The subnet CIDR block is included in the VPC CIDR block. Different nodes in the same cluster can be allocated to different subnet CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Container Subnet CIDR Block: The container subnet is included in the VPC CIDR block and can overlap with the subnet CIDR block or even be the same as the subnet CIDR block. Note that the container subnet size determines the maximum number of containers in the cluster because IP addresses in the VPC are directly allocated to containers. Set a larger IP address segment for the container subnet to prevent insufficient container IP addresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Service CIDR Block: cannot overlap with the subnet CIDR block or the container CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 3 Network CIDR block planning in single-VPC single-cluster scenarios (CCE Turbo cluster)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 3 Network CIDR block planning in single-VPC single-cluster scenarios (CCE Turbo cluster)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Single-VPC Multi-Cluster Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            VPC network model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Single-VPC Multi-Cluster Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            VPC network model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Pod packets are forwarded through VPC routes. CCE automatically configures a routing table on the VPC routes to each container CIDR block. The network scale is limited by the VPC route table. Figure 4 shows the CIDR block planning of the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • VPC CIDR Block: specifies the VPC CIDR block where the cluster resides. The size of this CIDR block affects the maximum number of nodes that can be created in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Subnet CIDR Block: The subnet CIDR block in each cluster cannot overlap with the container CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Container CIDR Block: If multiple VPC network model clusters exist in a single VPC, the container CIDR blocks of all clusters cannot overlap because the clusters use the same routing table. In this case, if the node security group allows container CIDR block from the peer cluster, pods in one cluster can directly access pods in another cluster through the pod IP addresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Service CIDR Block: can be used only in clusters. Therefore, the Service CIDR blocks of different clusters can overlap, but cannot overlap with the subnet CIDR block and container CIDR block of the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 4 VPC network - multi-cluster scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 4 VPC network - multi-cluster scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Tunnel network model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Though at some cost of performance, the tunnel encapsulation enables higher interoperability and compatibility with advanced features (such as network policy-based isolation), meeting the requirements of most applications. Figure 5 shows the CIDR block planning of the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • VPC CIDR Block: specifies the VPC CIDR block where the cluster resides. The size of this CIDR block affects the maximum number of nodes that can be created in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Subnet CIDR Block: The subnet CIDR block in each cluster cannot overlap with the container CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Container CIDR Block: The container CIDR blocks of all clusters can overlap. In this case, pods in different clusters cannot be directly accessed through pod IP addresses. Services are needed for accessing pods in different clusters. The LoadBalancer Services are recommended.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Service CIDR Block: can be used only in clusters. Therefore, the Service CIDR blocks of different clusters can overlap, but cannot overlap with the subnet CIDR block and container CIDR block of the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 5 Tunnel network - multi-cluster scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 5 Tunnel network - multi-cluster scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Cloud Native 2.0 network model (CCE Turbo Clusters)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In this mode, container IP addresses are allocated from the VPC CIDR block. ELB passthrough networking is supported to direct access requests to containers. Security groups and multiple types of VPC networks can be bound to deliver high performance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • VPC CIDR Block: specifies the VPC CIDR block where the cluster resides. In a CCE Turbo cluster, the CIDR block size affects the total number of nodes and containers that can be created in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Subnet CIDR Block: There is no special restriction on the subnet CIDR blocks in CCE Turbo clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Container Subnet: The CIDR block of the container subnet is included in the VPC CIDR block. Container subnets in different clusters can overlap with each other or overlap with the subnet CIDR block. However, you are advised to stagger the container CIDR blocks of different clusters and ensure that the container subnet CIDR blocks have sufficient IP addresses. In this case, if the ENI security group of the cluster allows the container CIDR block of the peer cluster, pods in different clusters can directly access each other through IP addresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Service CIDR Block: can be used only in clusters. Therefore, the Service CIDR blocks of different clusters can overlap, but cannot overlap with the subnet CIDR block and container subnet CIDR block of the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 6 Cloud Native 2.0 network - multi-cluster scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In this mode, container IP addresses are allocated from the VPC CIDR block. ELB passthrough networking is supported to direct access requests to containers. Security groups and multiple types of VPC networks can be bound to deliver high performance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • VPC CIDR Block: specifies the VPC CIDR block where the cluster resides. In a CCE Turbo cluster, the CIDR block size affects the total number of nodes and containers that can be created in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Subnet CIDR Block: There is no special restriction on the subnet CIDR blocks in CCE Turbo clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Container Subnet: The CIDR block of the container subnet is included in the VPC CIDR block. Container subnets in different clusters can overlap with each other or overlap with the subnet CIDR block. However, you are advised to stagger the container CIDR blocks of different clusters and ensure that the container subnet CIDR blocks have sufficient IP addresses. In this case, if the elastic network interface security group of the cluster allows the container CIDR block of the peer cluster, pods in different clusters can directly access each other through IP addresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Service CIDR Block: can be used only in clusters. Therefore, the Service CIDR blocks of different clusters can overlap, but cannot overlap with the subnet CIDR block and container subnet CIDR block of the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 6 Cloud Native 2.0 network - multi-cluster scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Clusters using different networks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            When a VPC contains clusters created with different network models, comply with the following rules when creating a cluster:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • VPC CIDR Block: In this scenario, all clusters are located in the same VPC CIDR block. Ensure that there are sufficient available IP addresses in the VPC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Subnet CIDR Block: Ensure that the subnet CIDR block does not overlap with the container CIDR block. Even in some scenarios (for example, coexistence with CCE Turbo clusters), the subnet CIDR block can overlap with the container (subnet) CIDR block. However, this is not recommended.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Container CIDR Block: Ensure that the container CIDR blocks of clusters in VPC network model do not overlap.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Service CIDR Block: The Service CIDR blocks of all clusters can overlap, but cannot overlap with the subnet CIDR block and container CIDR block of the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Cross-VPC Cluster Interconnection
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If VPCs cannot communicate with each other, a VPC peering connection is used to ensure communication between VPCs. When two VPC networks are interconnected, you can configure the packets to be sent to the peer VPC in the route table. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Cross-VPC Cluster Interconnection
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If VPCs cannot communicate with each other, a VPC peering connection is used to ensure communication between VPCs. When two VPC networks are interconnected, you can configure the packets to be sent to the peer VPC in the route table. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Clusters using VPC networks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            To allow clusters that use VPC networks to access each other across VPCs, add routes to the two ends of the VPC peering after a VPC peering connection is created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 7 VPC network - VPC interconnection scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 7 VPC network - VPC interconnection scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            When creating a VPC peering connection between containers across VPCs, pay attention to the following points:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • The VPC to which the clusters belong must not overlap. In each cluster, the subnet CIDR block cannot overlap with the container CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • The container CIDR blocks of clusters at both ends cannot overlap, but the Service CIDR blocks can.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • If the request end cluster uses the VPC network, check whether the node security group in the destination cluster allows the container CIDR block of the request end cluster. If yes, pods in one cluster can directly access pods in another cluster through the pod IP address. Similarly, if nodes running in the clusters at the two ends of the VPC peering connection need to access each other, the node security group must allow the VPC CIDR block of the peer cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • You need to add routes for accessing the peer network CIDR block to the VPC routing tables at both ends. For example, you need to add a route for accessing the CIDR block of VPC 2 to the route table of VPC 1, and add a route for accessing VPC 1 to the route table of VPC 2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Add the VPC CIDR block of the peer cluster: After the route of the VPC CIDR block is added, a pod in a cluster can access another cluster node. For example, the pod can access the port of a NodePort Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Add peer container CIDR block: After the route of the container CIDR block is added, a pod can directly access pods in another cluster through the container IP addresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The VPC to which the clusters belong must not overlap. In each cluster, the subnet CIDR block cannot overlap with the container CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The container CIDR blocks of clusters at both ends cannot overlap, but the Service CIDR blocks can.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If the request end cluster uses the VPC network, check whether the node security group in the target cluster allows the container CIDR block of the request end cluster. If yes, pods in one cluster can directly access pods in another cluster through the pod IP address. Similarly, if nodes running in the clusters at the two ends of the VPC peering connection need to access each other, the node security group must allow the VPC CIDR block of the peer cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • You need to add routes for accessing the peer network CIDR block to the VPC routing tables at both ends. For example, you need to add a route for accessing the CIDR block of VPC 2 to the route table of VPC 1, and add a route for accessing VPC 1 to the route table of VPC 2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Add the VPC CIDR block of the peer cluster: After the route of the VPC CIDR block is added, a pod in a cluster can access another cluster node. For example, the pod can access the port of a NodePort Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Add peer container CIDR block: After the route of the container CIDR block is added, a pod can directly access pods in another cluster through the container IP addresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Clusters using tunnel networks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              To allow clusters that use tunnel networks to access each other across VPCs, add routes to the two ends of the VPC peering after a VPC peering connection is created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Figure 8 Tunnel network - VPC interconnection scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Figure 8 Tunnel network - VPC interconnection scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Pay attention to the following:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The VPCs of the peer clusters must not overlap.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The container CIDR blocks of all clusters can overlap, so do the Service CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If the request end cluster uses the tunnel network, check whether the node security group in the destination cluster allows the VPC CIDR block (including the node subnets) of the request end cluster. If yes, nodes in one cluster can access nodes in another cluster. However, pods in different clusters cannot be directly accessed using pod IP addresses. Access between pods in different clusters requires Services. The LoadBalancer Services are recommended.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The VPC CIDR block route of the peer cluster must be added to the VPC routing tables of both ends. For example, you need to add a route for accessing the CIDR block of VPC 2 to the route table of VPC 1, and add a route for accessing VPC 1 to the route table of VPC 2. After the route of the VPC CIDR block is added, the pod can access another cluster node, for example, accessing the port of a NodePort Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The VPCs of the peer clusters must not overlap.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The container CIDR blocks of all clusters can overlap, so do the Service CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If the request end cluster uses the tunnel network, check whether the node security group in the target cluster allows the VPC CIDR block (including the node subnets) of the request end cluster. If yes, nodes in one cluster can access nodes in another cluster. However, pods in different clusters cannot be directly accessed using pod IP addresses. Access between pods in different clusters requires Services. The LoadBalancer Services are recommended.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The VPC CIDR block route of the peer cluster must be added to the VPC routing tables of both ends. For example, you need to add a route for accessing the CIDR block of VPC 2 to the route table of VPC 1, and add a route for accessing VPC 1 to the route table of VPC 2. After the route of the VPC CIDR block is added, the pod can access another cluster node, for example, accessing the port of a NodePort Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Clusters using Cloud Native 2.0 networks (CCE Turbo clusters)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              After creating a VPC peering connection, add routes of the VPC peering connection to both ends so that the two VPCs can communicate with each other. Pay attention to the following:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The VPCs of the clusters at the two ends must not overlap.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If the request end cluster uses the Cloud Native 2.0 network, check whether the ENI security group (named in the format of {Cluster name}-cce-eni-{Random ID}) of the destination cluster allows the VPC CIDR block (including the node subnets and container CIDR block) of the request end cluster. If yes, pods in one cluster can directly access pods in another cluster through the pod IP addresses. Similarly, if nodes in the clusters at the two ends of the VPC peering need to access each other, allow the VPC CIDR block of the peer cluster in the node security group (named in the format of {Cluster name}-cce-node-{Random ID}).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The VPC CIDR block route of the peer cluster must be added to the VPC routing tables of both ends. For example, you need to add a route for accessing the CIDR block of VPC 2 to the route table of VPC 1, and add a route for accessing VPC 1 to the route table of VPC 2. After the route of the VPC CIDR block is added, the pod can access pod IP addresses or nodes in another cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              After creating a VPC peering connection, add routes of the VPC peering connection to both ends so that the two VPCs can communicate with each other. Pay attention to the following:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The VPCs of the clusters at the two ends must not overlap.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If the request end cluster uses the Cloud Native 2.0 network, check whether the elastic network interface security group (named in the format of {Cluster name}-cce-eni-{Random ID}) of the target cluster allows the VPC CIDR block (including the node subnets and container CIDR block) of the request end cluster. If yes, pods in one cluster can directly access pods in another cluster through the pod IP addresses. Similarly, if nodes in the clusters at the two ends of the VPC peering need to access each other, allow the VPC CIDR block of the peer cluster in the node security group (named in the format of {Cluster name}-cce-node-{Random ID}).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The VPC CIDR block route of the peer cluster must be added to the VPC routing tables of both ends. For example, you need to add a route for accessing the CIDR block of VPC 2 to the route table of VPC 1, and add a route for accessing VPC 1 to the route table of VPC 2. After the route of the VPC CIDR block is added, the pod can access pod IP addresses or nodes in another cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Clusters using different networks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              If clusters using different networks need to communicate with each other across VPCs, every one of them may serve as the request end or destination end. Pay attention to the following:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The VPC CIDR block to which the cluster belongs cannot overlap with the VPC CIDR block of the peer cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Cluster subnet CIDR blocks cannot overlap with the container CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Container CIDR blocks in different clusters cannot overlap with each other.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If pods or nodes in different clusters need to access each other, the security groups of the clusters on both ends must allow the corresponding CIDR blocks based on the following rules:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If the request end cluster uses the VPC network, the node security group of the destination cluster must allow the VPC CIDR block (including the node subnets and container CIDR block) of the request end cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If the request end cluster uses the tunnel network, the node security group of the destination cluster must allow the VPC CIDR block (including the node subnets) of the request end cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If the request end cluster uses the Cloud Native 2.0 network, the ENI security group and node security group of the destination cluster must allow the VPC CIDR block (including node subnets and container CIDR block) of the request end cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The VPC CIDR block to which the cluster belongs cannot overlap with the VPC CIDR block of the peer cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Cluster subnet CIDR blocks cannot overlap with the container CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Container CIDR blocks in different clusters cannot overlap with each other.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If pods or nodes in different clusters need to access each other, the security groups of the clusters on both ends must allow the corresponding CIDR blocks based on the following rules:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • If the request end cluster uses the VPC network, the node security group of the target cluster must allow the VPC CIDR block (including the node subnets and container CIDR block) of the request end cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • If the request end cluster uses the tunnel network, the node security group of the target cluster must allow the VPC CIDR block (including the node subnets) of the request end cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • If the request end cluster uses the Cloud Native 2.0 network, the elastic network interface security group and node security group of the target cluster must allow the VPC CIDR block (including node subnets and container CIDR block) of the request end cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The VPC CIDR block route of the peer cluster must be added to the VPC routing tables of both ends. For example, you need to add a route for accessing the CIDR block of VPC 2 to the route table of VPC 1, and add a route for accessing VPC 1 to the route table of VPC 2. After the route of the VPC CIDR block is added, the pod can access another cluster node, for example, accessing the port of a NodePort Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If a cluster uses the VPC network, the VPC routing tables at both ends must contain its container CIDR block. After the container CIDR block route is added, the pod can directly access pods in another cluster through the container IP addresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              VPC-IDC Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Similar to the VPC interconnection scenario, some CIDR blocks in the VPC are routed to the IDC. The pod IP addresses of CCE clusters cannot overlap with the addresses within these CIDR blocks. To access the pod IP addresses in the cluster in the IDC, configure the route table to the private line VBR on the IDC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Cloud Service Access from a CCE Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CCE clusters can be used with other cloud services, such as RDS and Kafka. To ensure stable communication and avoid network conflicts, a cluster's network plan must be carefully designed. Specifically, the network CIDR blocks used by other services must not overlap with those used by the cluster. The following requirements apply based on the cluster's network:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • For a cluster that uses a VPC network: The network CIDR blocks of other cloud services must not overlap with the container or Service CIDR block within the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • For a cluster that uses a tunnel network: The network CIDR blocks of other cloud services must not overlap with the container or Service CIDR block within the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • For a CCE Turbo cluster that uses a Cloud Native 2.0 network: The network CIDR blocks of other cloud services must not overlap with the Service CIDR block within the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • In addition to the network CIDR block planning, it is essential to verify whether the target cloud service supports external access and whether the relevant security group rules or ACL configurations permit communication. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • If the CCE cluster and the cloud services reside in different VPCs, their VPC CIDR blocks must remain non-overlapping. To enable communication between the cluster and external services across VPCs, a VPC peering connection can be established.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            VPC-IDC Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Similar to the VPC interconnection scenario, some CIDR blocks in the VPC are routed to the IDC. The pod IP addresses of CCE clusters cannot overlap with the addresses within these CIDR blocks. To access the pod IP addresses in the cluster from the IDC, configure the route table to the private line for the IDC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_bestpractice_00006.html b/docs/cce/umn/cce_bestpractice_00006.html
index a87ad6084..c885bc856 100644
--- a/docs/cce/umn/cce_bestpractice_00006.html
+++ b/docs/cce/umn/cce_bestpractice_00006.html
@@ -178,7 +178,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Proactive O&M
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          CCE provides multi-dimensional monitoring and alarm reporting functions, allowing users to locate and rectify faults as soon as possible.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Application Operations Management (AOM): The default basic resource monitoring of CCE covers detailed container-related metrics and provides alarm reporting functions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Open source Prometheus: A monitoring tool for cloud native applications. It integrates an independent alarm system to provide more flexible monitoring and alarm reporting functions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Application Operations Management (AOM): The default basic resource monitoring of CCE covers detailed container-related metrics and provides alarm reporting functions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Open-source Prometheus: A monitoring tool for cloud native applications. It integrates an independent alarm system to provide more flexible monitoring and alarm reporting functions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Monitoring
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Create a VPC before you create a cluster. A VPC provides an isolated, configurable, and manageable virtual network environment for CCE clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If you have a VPC already, skip to the next task.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the management console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. In the service list, choose Networking > Virtual Private Cloud.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. On the Dashboard page, click Create VPC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Follow the instructions to create a VPC. Retain default settings for parameters unless otherwise specified.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the management console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. In the service list, choose Networking > Virtual Private Cloud.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. On the Dashboard page, click Create VPC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Follow the instructions to create a VPC. Retain default settings for parameters unless otherwise specified.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
@@ -32,13 +32,13 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Creating a key pair
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Create a key pair before you create a containerized application. Key pairs are used for identity authentication during remote login to a node. If you have a key pair already, skip this task. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the management console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. In the service list, choose Data Encryption Workshop under Security & Compliance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. In the navigation pane, choose Key Pair Service. On the Private Key Pairs tab, click Create Key Pair.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Enter a key pair name, select I agree to host the private key of the key pair. and I have read and agree to the Key Pair Service Disclaimer, and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. View and save the private key. For security purposes, a key pair can be downloaded only once. Keep it secure to ensure successful login.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the management console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. In the service list, choose Data Encryption Workshop.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. In the navigation pane, choose Key Pair Service. Go to the Private Key Pairs tab. Then, click Create Key Pair.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Enter a key pair name, select I agree to host the private key of the key pair. and I have read and agree to the Key Pair Service Disclaimer., and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. View and save the private key. For security purposes, a key pair can be downloaded only once. Keep it secure to ensure successful login.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
                                                                                                                                                                                                                                                                                                                                                                                                                                                                           		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        10. Create a cluster and a node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console. On the Clusters page, click Create Cluster and select the type for the cluster to be created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Configure cluster parameters and select the VPC created in 1. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Create a cluster and a node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console. On the Clusters page, click Create Cluster and select the type for the cluster to be created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Configure cluster parameters and select the VPC created in 1. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Create a node and select the key pair created in 1 as the login option. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Deploy a workload on CCE.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the name of the cluster to access the cluster console. In the navigation pane, choose Workloads and click Create Workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Configure the following parameters, and retain the default settings for other parameters:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Workload Name: Set it to apptest.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Pods: Set it to 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. In the Container Settings area, select the image uploaded in Building and Uploading an Image.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4. In the Container Settings area, choose Environment Variables and add environment variables for interconnecting with the MySQL database. The environment variables are set in the startup script.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              In this example, interconnection with the MySQL database is implemented through configuring the environment variables. Determine whether to use environment variables based on your service requirements.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
@@ -75,8 +75,8 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            5. In the Container Settings area, choose Data Storage and configure cloud storage for persistent data storage.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              In this example, the MongoDB database is used and persistent data storage is also needed, so you need to configure cloud storage. Determine whether to use cloud storage based on your service requirements.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              The mounted path must be the same as the MongoDB storage path in the Docker startup script. For details, see the startup script. In this example, the path is /usr/local/mongodb/data.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            6. In the Service Settings area, click  to add a service, configure workload access parameters, and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              In this example, the application will be accessible from public networks by using an elastic IP address.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              The mounted path must be the same as the MongoDB storage path in the Docker startup script. For details, see the startup script. In this example, the path is /usr/local/mongodb/data.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            7. In the Service Settings area, click  to add a service, configure workload access parameters, and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              In this example, the application can be accessed from the Internet through an EIP.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Service Name: name of the application that can be accessed externally. In this example, this parameter is set to apptest.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Service Type: Select NodePort.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Service Affinity
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Cluster-level: The IP addresses and access ports of all nodes in a cluster can be used to access the workload associated with the Service. Service access will cause performance loss due to route redirection, and the source IP address of the client cannot be obtained.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Node-level: Only the IP address and access port of the node where the workload is located can be used to access the workload associated with the Service. Service access will not cause performance loss due to route redirection, and the source IP address of the client can be obtained.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Port
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Protocol: Set it to TCP.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Service Port: port for accessing the Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Container Port: port that the application will listen on the container. In this example, this parameter is set to 8080.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Node Port: Set it to Auto. The system automatically opens a real port on all nodes in the current cluster and then maps the port number to the container port.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_bestpractice_0013.html b/docs/cce/umn/cce_bestpractice_0013.html
index 20a37e5c3..a7a6c2cdc 100644
--- a/docs/cce/umn/cce_bestpractice_0013.html
+++ b/docs/cce/umn/cce_bestpractice_0013.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Migrating Kubernetes Clusters to CCE
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Migrating Kubernetes Clusters to CCE Using Velero
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -13,7 +13,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Parent topic: Migration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Parent topic: Backing Up and Migrating Clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
diff --git a/docs/cce/umn/cce_bestpractice_0014.html b/docs/cce/umn/cce_bestpractice_0014.html
index 74a4eea27..1b076d274 100644
--- a/docs/cce/umn/cce_bestpractice_0014.html
+++ b/docs/cce/umn/cce_bestpractice_0014.html
@@ -5,7 +5,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                After a cluster is created, the resource parameters marked with asterisks (*) in Table 1 cannot be modified.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Table 1 CCE cluster planning
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Resource
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
@@ -19,53 +19,65 @@
 
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
-
-
-
-
-
@@ -74,7 +86,7 @@
 
 
diff --git a/docs/cce/umn/cce_bestpractice_00162.html b/docs/cce/umn/cce_bestpractice_00162.html
index 2192ad979..f25651aa0 100644
--- a/docs/cce/umn/cce_bestpractice_00162.html
+++ b/docs/cce/umn/cce_bestpractice_00162.html
@@ -4,95 +4,115 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                CCE uses proprietary, high-performance container networking add-ons to support the tunnel, Cloud Native 2.0, and VPC network models.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                After a cluster is created, the network model cannot be changed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Tunnel network: The container network is an overlay tunnel network on top of a VPC network and uses the VXLAN technology. This network model is applicable when there is no high requirements on performance. VXLAN encapsulates Ethernet packets as UDP packets for tunnel transmission. Though at some cost of performance, the tunnel encapsulation enables higher interoperability and compatibility with advanced features (such as network policy-based isolation), meeting the requirements of most applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 1 Container tunnel network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • VPC network: The container network uses VPC routing to integrate with the underlying network. This network model is applicable to performance-intensive scenarios. The maximum number of nodes allowed in a cluster depends on the route quota in a VPC network. Each node is assigned a CIDR block of a fixed size. VPC networks are free from tunnel encapsulation overhead and outperform container tunnel networks. In addition, as VPC routing includes routes to node IP addresses and container network segment, container pods in the cluster can be directly accessed from outside the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 2 VPC network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Cloud Native Network 2.0: The container network deeply integrates the elastic network interface (ENI) capability of VPC, uses the VPC CIDR block to allocate container addresses, and supports passthrough networking to containers through a load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 3 Cloud Native 2.0 network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Tunnel network: The container network is an overlay tunnel network on top of a VPC network and uses the VXLAN technology. This network model is applicable when there is no high requirements on performance. VXLAN encapsulates Ethernet packets as UDP packets for tunnel transmission. Though at some cost of performance, the tunnel encapsulation enables higher interoperability and compatibility with advanced features (such as network policy-based isolation), meeting the requirements of most applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 1 Container tunnel network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • VPC network: The container network uses VPC routing to integrate with the underlying network. This network model is applicable to performance-intensive scenarios. The maximum number of nodes allowed in a cluster depends on the route quota in a VPC network. Each node is assigned a CIDR block of a fixed size. VPC networks are free from tunnel encapsulation overhead and outperform container tunnel networks. In addition, as VPC routing includes routes to node IP addresses and container network segment, container pods in the cluster can be directly accessed from outside the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 2 VPC network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Cloud Native Network 2.0: The container network deeply integrates the elastic network interface capability of VPC, uses the VPC CIDR block to allocate container addresses, and supports passthrough networking to pods through load balancers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 3 Cloud Native 2.0 network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The following table lists the differences between the network models.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Table 1 Example of CCE cluster planning
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Resource
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Key Performance Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                *Cluster Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • CCE cluster: supports VM nodes. You can run your containers in a secure and stable container runtime environment based on a high-performance network model.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • CCE Turbo cluster: runs on a cloud native infrastructure that features software-hardware synergy to support passthrough networking, high security and reliability, and intelligent scheduling, and BMS nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                CCE supports multiple cluster types to meet diverse needs, including highly reliable, highly secure, commercial containers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                You can select CCE Standard Cluster or CCE Turbo Cluster as required.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                CCE cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                CCE standard cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                *Network Model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • VPC network: The container network uses VPC routing to integrate with the underlying network. This network model is applicable to performance-intensive scenarios. The maximum number of nodes allowed in a cluster depends on the route quota in a VPC network.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Tunnel network: The container network is an overlay tunnel network on top of a VPC network and uses the VXLAN technology. This network model is applicable when there is no high requirements on performance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Cloud Native Network 2.0: The container network deeply integrates the elastic network interface (ENI) capability of VPC, uses the VPC CIDR block to allocate container addresses, and supports passthrough networking to containers through a load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Select VPC network or Tunnel network for your CCE standard cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                VPC network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                *Number of master nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • 3: Three master nodes will be created to deliver better DR performance. If one master node is faulty, the cluster can still be available without affecting service functions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • 1: A single master node will be created. This mode is not recommended in commercial scenarios.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Select the number of master nodes, also known as control plane nodes. These nodes are hosted on CCE and run Kubernetes components like kube-apiserver, kube-controller-manager, and kube-scheduler.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • 3 Masters: Three master nodes will be created to ensure high availability.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Single: Only one master node will be created in your cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • If more than half of the master nodes in a CCE cluster are faulty, the cluster cannot function properly. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3 Masters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                OS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Node Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • EulerOS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • CentOS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Ubuntu
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Select a node type based on service requirements. The available node flavors will then be displayed in the Specifications area for you to choose from.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                EulerOS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Elastic Cloud Server (VM)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Node Specifications (vary depending on the actual region)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • General-purpose: provides a balance of computing, memory, and network resources. It is a good choice for many applications. General purpose nodes can be used for web servers, workload development, workload testing, and small-scale databases.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Memory-optimized: provides higher memory capacity than general-purpose nodes and is suitable for relational databases, NoSQL, and other workloads that are both memory-intensive and data-intensive.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • GPU-accelerated: provides powerful floating-point computing and is suitable for real-time, highly concurrent massive computing. Graphical processing units (GPUs) of P series are suitable for deep learning, scientific computing, and CAE. GPUs of G series are suitable for 3D animation rendering and CAD. GPU-accelerated nodes can be added only to clusters of v1.11 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • General computing-plus: provides stable performance and exclusive resources to enterprise-class workloads with high and stable computing performance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Disk-intensive: supports local disk storage and provides high networking performance. It is designed for workloads requiring high throughput and data switching, such as big data workloads.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Select a node flavor that best fits your service needs. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                For optimal cluster component performance, you are advised to choose a node with at least 4 vCPUs and 8 GiB of memory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                General-purpose (node specifications: 4 vCPUs and 8 GiB memory)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4 vCPUs | 8 GiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                OS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Select an OS for the nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                EulerOS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                System Disk
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Common I/O: The backend storage media is SATA disks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • High I/O: The backend storage media is SAS disks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Ultra-high I/O: The backend storage media is SSD disks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                System disk used by the node OS. The value ranges from 40 GiB to 1024 GiB. The default value is 50 GiB.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                High I/O
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                50 GiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Storage Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Data Disk
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • EVS volumes: Mount an EVS volume to a container path. When containers are migrated, the attached EVS volumes are migrated accordingly. This storage mode is suitable for data that needs to be permanently stored.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • SFS volumes: Create SFS volumes and mount them to a container path. The file system volumes created by the underlying SFS service can also be used. SFS volumes are applicable to persistent storage for frequent read/write in multiple workload scenarios, including media processing, content management, big data analysis, and workload analysis.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • OBS volumes: Create OBS volumes and mount them to a container path. OBS volumes are applicable to scenarios such as cloud workload, data analysis, content analysis, and hotspot objects.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • SFS Turbo volumes: Create SFS Turbo volumes and mount them to a container path. SFS Turbo volumes are fast, on-demand, and scalable, which makes them suitable for DevOps, containerized microservices, and enterprise office applications. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Add a data disk for container runtime and kubelet. The disk size ranges from 20 GiB to 32768 GiB. The default value is 100 GiB.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                EVS volumes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                100 GiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
@@ -155,7 +155,7 @@ type: cfe/secure-opaque
-
@@ -222,13 +222,13 @@ spec:
 
-
-
diff --git a/docs/cce/umn/cce_bestpractice_00220.html b/docs/cce/umn/cce_bestpractice_00220.html
index ca591495d..f349d92d5 100644
--- a/docs/cce/umn/cce_bestpractice_00220.html
+++ b/docs/cce/umn/cce_bestpractice_00220.html
@@ -1,8 +1,8 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Implementing High Availability for Applications in CCE
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Basic Principles
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                To achieve high availability for your CCE containers, you can do as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Deploy three master nodes for the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Create nodes in different AZs. When nodes are deployed across AZs, you can customize scheduling policies based on your requirements to maximize resource utilization.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Create multiple node pools in different AZs and use them for node scaling.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4. Set the number of pods to be greater than 2 when creating a workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                5. Set pod affinity rules to distribute pods to different AZs and nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Basic Principles
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                To achieve high availability for your CCE containers, you can:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Deploy three master nodes for the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Create nodes in different AZs and customize scheduling policies based on your requirements to maximize resource utilization.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Create multiple node pools in different AZs and use them for node scaling.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4. Set the number of pods to be greater than 2 when creating a workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                5. Set pod affinity rules to distribute pods to different AZs and nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Assume that there are four nodes in a cluster distributed in different AZs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                $ kubectl get node -L topology.kubernetes.io/zone,kubernetes.io/hostname
diff --git a/docs/cce/umn/cce_bestpractice_00221.html b/docs/cce/umn/cce_bestpractice_00221.html
index 07e9cccc1..311788bd8 100644
--- a/docs/cce/umn/cce_bestpractice_00221.html
+++ b/docs/cce/umn/cce_bestpractice_00221.html
@@ -10,7 +10,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Configuration Method
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                In the following example, only pods and Deployments in the test space can be viewed and added, and they cannot be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Set the service account name to my-sa and namespace to test.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubectl create sa my-sa -n test
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Configure the role table and assign operation permissions to different resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  vi role-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The content is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  In this example, the permission rules include the read-only permission (get/list/watch) of pods in the test namespace, and the read (get/list/watch) and create permissions of deployments.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -45,7 +45,7 @@ rules:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Create a Role.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubectl create -f role-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Create a RoleBinding and bind the service account to the role so that the user can obtain the corresponding permissions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  vi myrolebinding.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The content is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
@@ -63,7 +63,7 @@ subjects:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Create a RoleBinding.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubectl create -f myrolebinding.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The user information is configured. Now perform 5 to 7 to write the user information to the configuration file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4. Manually create a token that is valid for a long time for ServiceAccount.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  vi my-sa-token.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The content is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  apiVersion: v1
@@ -82,7 +82,7 @@ type: kubernetes.io/service-account-token
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Set a cluster access mode. test-arm specifies the cluster to be accessed. https://192.168.0.110:5443 specifies the apiserver IP address of the cluster. /home/test.config specifies the path for storing the configuration file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the internal API server address is used, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      kubectl config set-cluster test-arm --server=https://192.168.0.110:5443  --certificate-authority=/home/ca.crt  --embed-certs=true --kubeconfig=/home/test.config
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the public API server address is used, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      kubectl config set-cluster test-arm --server=https://192.168.0.110:5443 --kubeconfig=/home/test.config --insecure-skip-tls-verify=true
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If you perform operations on a node in the cluster or the node that uses the configuration is a cluster node, do not set the path of kubeconfig to /root/.kube/config.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -91,18 +91,18 @@ type: kubernetes.io/service-account-token
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                token=$(kubectl describe secret my-sa-token-secret -n test | awk '/token:/{print $2}')
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Set the cluster user ui-admin.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl config set-credentials ui-admin --token=$token --kubeconfig=/home/test.config
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Configure the context information for cluster authentication access. ui-admin@test specifies the context name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl config set-context ui-admin@test --cluster=test-arm --user=ui-admin --kubeconfig=/home/test.config
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Configure the context. For details about how to use the context, see Verification.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl config use-context ui-admin@test --kubeconfig=/home/test.config
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                If you want to assign other users the above permissions to perform operations on the cluster, provide the generated configuration file /home/test.config to the user after performing step 7. The user must ensure that the host can access the API server address of the cluster. When performing step 8 on the host and using kubectl, the user must set the kubeconfig parameter to the path of the configuration file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Verification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Pods in the test namespace cannot access pods in other namespaces.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubectl get pod -n test --kubeconfig=/home/test.config
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Pods in the test namespace cannot be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Pods in the test namespace cannot be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Further Readings
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                For more information about users and identity authentication in Kubernetes, see Authenticating.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_bestpractice_00222.html b/docs/cce/umn/cce_bestpractice_00222.html
index 52d1b5a24..4e2068296 100644
--- a/docs/cce/umn/cce_bestpractice_00222.html
+++ b/docs/cce/umn/cce_bestpractice_00222.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                This section describes how to set up a VPC with IPv6 CIDR block and create a cluster and nodes with an IPv6 address in the VPC, so that the nodes can access the Internet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Overview
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                IPv6 addresses are used to deal with the problem of IPv4 address exhaustion. If a worker node (such as an ECS) in the current cluster uses IPv4, the node can run in dual-stack mode after IPv6 is enabled. Specifically, the node has both IPv4 and IPv6 addresses, which can be used to access the intranet or public network.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Application Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If your application needs to provide Services for users who use IPv6 clients, you can use IPv6 EIPs or the IPv4 and IPv6 dual-stack function.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If your application needs to both provide Services for users who use IPv6 clients and analyze the access request data, you can use only the IPv4 and IPv6 dual-stack function.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If internal communication is required between your application systems or between your application system and another system (such as the database system), you can use only the IPv4 and IPv6 dual-stack function.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Application Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If your application needs to provide services for users who use IPv6 clients, you can use IPv6 EIPs or IPv4/IPv6 dual-stack.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If your application needs to both provide Services for users who use IPv6 clients and analyze the access request data, you can use only the IPv4 and IPv6 dual-stack function.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If internal communication is required between your application systems or between your application system and another system (such as the database system), you can use only the IPv4 and IPv6 dual-stack function.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Clusters that support IPv4/IPv6 dual-stack:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Table 1 Network model comparison
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Dimension
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
diff --git a/docs/cce/umn/cce_bestpractice_00199.html b/docs/cce/umn/cce_bestpractice_00199.html
index 8ff20a417..3288e9c3c 100644
--- a/docs/cce/umn/cce_bestpractice_00199.html
+++ b/docs/cce/umn/cce_bestpractice_00199.html
@@ -5,7 +5,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                By linking object storage across accounts, you can share data, lower storage and transmission expenses, and guarantee data security and consistency. This enables various teams or organizations to securely and conveniently access each other's data resources, eliminating the need for repeated storage and redundant transmission. Additionally, data is kept current and compliant, enhancing overall service efficiency and security.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Assume that account B needs to access and use an OBS bucket of account A. For details, see Figure 1 and Table 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Figure 1 Mounting an OBS bucket across accounts
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Figure 1 Mounting an OBS bucket across accounts
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Table 1 Networking model comparison
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Dimension
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Tunnel Network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Tunnel Network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                VPC Network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                VPC Network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Cloud Native Network 2.0
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Cloud Native 2.0 Network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Application scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Application scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Low requirements on performance: As the container tunnel network requires additional VXLAN tunnel encapsulation, it has about 5% to 15% of performance loss when compared with the other two container network models. Therefore, the container tunnel network applies to the scenarios that do not have high performance requirements, such as web applications, and middle-end and back-end services with a small number of access requests.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Large-scale networking: Different from the VPC network that is limited by the VPC route quota, the container tunnel network does not have any restriction on the infrastructure. In addition, the container tunnel network controls the broadcast domain to the node level. The container tunnel network supports a maximum of 2000 nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Low requirements on performance: As a container tunnel network requires additional VXLAN tunnel encapsulation, it has about 5% to 15% of performance loss when compared with the other two container network models. Therefore, the container tunnel networks apply to the scenarios that do not have high performance requirements, such as web applications, and middle-end and back-end services with a small number of access requests.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Large-scale networks: Different from a VPC network that is limited by the VPC route quota, a container tunnel network does not have any restriction on the infrastructure. In addition, the container tunnel network controls the broadcast domain to the node level and supports a maximum of 2000 nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • High performance requirements: As no tunnel encapsulation is required, the VPC network model delivers the performance close to that of a VPC network when compared with the container tunnel network model. Therefore, the VPC network model applies to scenarios that have high requirements on performance, such as AI computing and big data computing.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Small- and medium-scale networks: Due to the limitation on VPC route tables, it is recommended that the number of nodes in a cluster be less than or equal to 1000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • High performance requirements: As no tunnel encapsulation is required, the VPC network model delivers the performance close to that of a VPC network when compared with the container tunnel network model. Therefore, the VPC network model applies to scenarios that have high requirements on performance, such as AI computing and big data computing.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Small- and medium-scale networks: Due to the limitation on VPC route tables, it is recommended that the number of nodes in a cluster be less than or equal to 1000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • High performance requirements: Cloud Native Network 2.0 uses VPC networks to construct container networks, eliminating the need for tunnel encapsulation or NAT when containers communicate. This makes Cloud Native Network 2.0 ideal for scenarios that demand high bandwidth and low latency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Large-scale networking: Cloud Native Network 2.0 supports up to 2,000 ECS nodes and 100,000 pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • High performance requirements: Cloud Native 2.0 networks use VPC networks to construct container networks, eliminating the need for tunnel encapsulation or NAT required by container communications. This makes Cloud Native 2.0 networks ideal for scenarios that demand high bandwidth and low latency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Large-scale networks: A Cloud Native 2.0 network supports a maximum of 2000 ECS nodes and 100,000 pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Core technology
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Core technology
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                OVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                OVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                IPvlan and VPC route
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                IPvlan and VPC route
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                VPC ENI/sub-ENI
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                VPC network interfaces/supplementary network interfaces
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Applicable clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Applicable cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                CCE standard cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                CCE standard cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                CCE standard cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                CCE standard cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                CCE Turbo cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                CCE Turbo cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Container network isolation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Container network isolation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Kubernetes native NetworkPolicy for pods
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Pods support Kubernetes-native network policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                No
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Pods support security group isolation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Pods support security group isolation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Interconnecting pods to a load balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Interconnecting pods to a load balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Interconnected through a NodePort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Interconnected through a NodePort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Interconnected through a NodePort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Interconnected through a NodePort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Directly interconnected using a dedicated load balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Interconnected using a shared load balancer through a NodePort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Directly interconnected using a dedicated load balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Interconnected using a shared load balancer through a NodePort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Managing container IP addresses
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Container IP address management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Separate container CIDR blocks needed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Container CIDR blocks divided by node and dynamically added after being allocated
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Separate container CIDR blocks are needed. Container CIDR blocks cannot overlap with VPC CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • After a cluster is created, the container CIDR block cannot be expanded. To avoid insufficient IP addresses, you are advised to set the subnet mask of the container CIDR block to a maximum of 19 bits.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Separate container CIDR blocks needed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Container CIDR blocks divided by node and statically allocated (the allocated CIDR blocks cannot be changed after a node is created)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Separate container CIDR blocks are needed. Container CIDR blocks cannot overlap with VPC CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • You can add multiple container CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • After a cluster is created, you can add more container CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • When container IP addresses are allocated, a fixed IP address range is configured for each node from the container CIDR block. The IP addresses of all pods on a node are allocated from the IP address range.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Container CIDR blocks divided from a VPC subnet (You do not need to configure separate container CIDR blocks.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • You can specify a VPC subnet as the container CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • After a cluster is created, you can add more container CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Container IP addresses are directly allocated from the VPC, consuming many IP addresses. You are advised to plan a large VPC CIDR block in advance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Network performance
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Maximum number of pods on a node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Performance loss due to VXLAN encapsulation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                It is determined by the maximum number of pods that can be created on a node (the kubelet parameter maxPods).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                No tunnel encapsulation, and cross-node traffic forwarded through VPC routers (The performance is so good that is comparable to that of the host network, but there is a loss caused by NAT.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                The smaller value between the following two options is used:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The maximum number of pods that can be created on a node (the kubelet parameter maxPods).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The number of container IP addresses reserved for each node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Container network integrated with VPC network, eliminating performance loss
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                The smaller value between the following two options is used:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The maximum number of pods that can be created on a node (the kubelet parameter maxPods).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The number of network interfaces on a node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Networking scale
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Network performance
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                A maximum of 2000 nodes are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Performance loss due to VXLAN encapsulation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Suitable for small- and medium-scale networks due to the limitation on VPC route tables. It is recommended that the number of nodes be less than or equal to 1000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Each time a node is added to the cluster, a route is added to the VPC route tables. Evaluate the cluster scale that is limited by the VPC route tables before creating the cluster. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                No tunnel encapsulation, and cross-node traffic forwarded through VPC routers (The performance is so good that is comparable to that of the host network, but there is a loss caused by NAT.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                A maximum of 2000 nodes are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                In a cloud-native network 2.0 cluster, containers' IP addresses are assigned from VPC CIDR blocks, and the number of containers supported is restricted by these blocks. Evaluate the cluster's scale limitations before creating it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Container network integrated with VPC network, eliminating performance loss
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Network scale
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                A maximum of 2000 nodes is supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Suitable for small- and medium-scale networks due to the limitation on VPC route tables. It is recommended that the number of nodes be less than or equal to 1000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Each time a node is added to the cluster, a route is added to the VPC route tables. Evaluate the cluster scale that is limited by the VPC route tables before creating the cluster. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                A maximum of 2000 nodes is supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                In a cluster that uses a Cloud Native 2.0 network, container IP addresses are assigned from the VPC CIDR block, and the number of containers is also restricted by this CIDR block. Evaluate the cluster's scale limitations before creating it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                IPv4/IPv6 dual-stack
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
@@ -37,7 +37,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Table 1 Process description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The involved accounts are in the same region.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • You have created a cluster where the CCE Container Storage (Everest) add-on is installed. The add version must be 1.1.11 or later, and the cluster version must be 1.15 or later. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • An ECS with an EIP bound has been created in the same VPC as the cluster, and the ECS has been connected to the cluster through kubectl. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The involved accounts are in the same region.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • You have created a cluster where the CCE Container Storage (Everest) add-on is installed. The add version must be 1.1.11 or later, and the cluster version must be 1.15 or later. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • An ECS with an EIP bound has been created in the same VPC as the cluster, and the ECS can access the cluster using kubectl. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Step 1: Create an OBS Bucket Policy and ACL
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Configure an OBS bucket policy and ACL using account A and grant account B required permissions like the read and write permissions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Configure the parameters. In this example, only some mandatory parameters are described. You can keep the default values for other parameters. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -45,7 +45,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Example
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Example Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Example
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Example Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Example
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Example Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                mountOptions.default_acl
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Specify access control policies for a bucket and objects in the bucket. In this example, account A owns the bucket, and both account A and account B can upload data.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Specify access control policies for a bucket and objects in the bucket. In this example, account A owns the bucket, and both account A and account B have the ability to upload data.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • private: The bucket or objects can only be fully accessed by the owner of the bucket.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • public-read: The owner of the bucket has complete control over both the bucket and its objects. While other users can read data from the bucket, they are unable to modify, delete, or upload any data within it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • public-read-write: The owner of the bucket has complete control over the bucket and its objects. Other users can read and write data from and to the bucket.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • bucket-owner-read: Users who have uploaded objects to the bucket has complete control over the objects, while the bucket owner is only granted read permissions for said objects. This mode is usually used in cross-account sharing scenarios.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • bucket-owner-full-control: Users who have uploaded objects to the bucket are granted write permissions for those specific objects, but not read permissions by default. The bucket owner has complete control over all objects within the bucket. This mode is usually used in cross-account sharing scenarios.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                bucket-owner-full-control
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
@@ -416,7 +416,7 @@ obs-deployment-example-6b4dfd7b57-frfxv   1/1     Running             0
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Check whether the ConfigMap is present.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubectl get configmap -n kube-system
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If it is present, the ConfigMap may be incorrectly configured. If it is not present, you can create one by referring to 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Check the ConfigMap parameter configurations. The following shows the common issues:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The name parameter is not set to paas-obs-endpoint.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The namespace parameter is not set to kube-system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The region name is not set to the region where the OBS bucket is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Check the ConfigMap parameter configurations. The following shows the common issues:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The name parameter is not set to paas-obs-endpoint.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The namespace parameter is not set to kube-system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The region name is not set to the region where the OBS bucket is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Cluster Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
@@ -41,7 +41,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Worker nodes and master nodes in Kubernetes clusters use IPv4 addresses to communicate with each other.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Only one IPv6 address can be bound to each NIC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • When IPv4/IPv6 dual-stack is enabled for the cluster, DHCP unlimited lease cannot be enabled for the selected node subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If a dual-stack cluster is used, do not change the load balancer protocol version on the ELB console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • ELB dual-stack can be used in only CCE Turbo clusters with the following restrictions.
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Worker nodes and master nodes in Kubernetes clusters use IPv4 addresses to communicate with each other.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Only one IPv6 address can be bound to each network interface.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • When IPv4/IPv6 dual-stack is enabled for the cluster, DHCP unlimited lease cannot be enabled for the selected node subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If a dual-stack cluster is used, do not change the load balancer protocol version on the ELB console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • ELB dual-stack can be used in only CCE Turbo clusters with the following restrictions.
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Application Scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Dedicated Load Balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
@@ -50,7 +50,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ELB ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                LoadBalancer ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Dual stack is supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Layer-7 dedicated load balancers can only communicate with their backend servers using IPv4. If an ingress uses IPv6/IPv4 dual-stack, related alarms will be generated. (Backends with IPv6 addresses cannot be added to the associated load balancer.) You can view related alarms by referring to the events of the corresponding ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
@@ -79,11 +79,11 @@
 
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Step 1: Create a VPC
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Before creating your VPCs, determine how many VPCs, the number of subnets, and what IP address ranges you will need. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Step 1: Create a VPC and Subnet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Before creating your VPCs, determine how many VPCs, the number of subnets, and what IP address ranges you will need. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The basic operations for IPv4 and IPv6 dual-stack networks are the same as those for IPv4 networks. Only some parameters are different.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Perform the following operations to create a VPC named vpc-ipv6 and its default subnet named subnet-ipv6.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the management console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Click  in the upper left corner of the management console and select a region and a project.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Choose Network > Virtual Private Cloud.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4. Click Create VPC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                5. Configure the VPC and subnet following instructions. For details about the mandatory parameters, see Table 1 and Table 2. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When configuring a subnet, select Enable for IPv6 CIDR Block to automatically allocate an IPv6 CIDR block to the subnet. IPv6 cannot be disabled after the subnet is created. Currently, you are not allowed to specify a custom IPv6 CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the management console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Click  in the upper left corner of the management console and select a region and a project.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Choose Network > Virtual Private Cloud.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. Click Create VPC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  5. Configure the VPC and subnet following instructions. For details about the mandatory parameters, see Table 1 and Table 2. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    When configuring a subnet, select Enable for IPv6 CIDR Block to automatically allocate an IPv6 CIDR block to the subnet. IPv6 cannot be disabled after the subnet is created. Currently, you are not allowed to specify a custom IPv6 CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -97,7 +97,7 @@
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 1 VPC configuration parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specifies the desired region. Regions are geographic areas that are physically isolated from each other. The networks inside different regions are not connected to each other, so resources cannot be shared across different regions. For lower network latency and faster access to your resources, select the region nearest you.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    -
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    N/A
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -181,13 +181,14 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  6. Click Create Now.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7. 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Step 2: Create a CCE Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Creating a CCE cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and create a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Complete the network settings as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • VPC: Select the created VPC vpc-ipv6.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Default Node Subnet: Select a subnet with IPv6 enabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • IPv6: Enable this function. After this function is enabled, cluster resources, including nodes and workloads, can be accessed through IPv6 CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Network Model: Select Tunnel network.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Network Policies: This function is enabled by default. It restricts the objects that can be accessed by pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Container CIDR Block: A proper mask must be set for the container CIDR block. The mask determines the number of available nodes in the cluster. If the mask of the container CIDR block in the cluster is set improperly, there will be only a small number of available nodes in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Step 2: Create a CCE Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Creating a CCE standard cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and create a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Complete the network settings as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • VPC: Select the created VPC vpc-ipv6.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Default Node Subnet: Select a subnet with IPv6 enabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • IPv6: Enable this function. After this function is enabled, cluster resources, including nodes and workloads, can be accessed through IPv6 CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Network Model: Select Tunnel network.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Network Policies: This function is enabled by default to restrict the objects that can be accessed by pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Container CIDR Block: A proper mask must be set for the container CIDR block. The mask determines the number of available nodes in the cluster. If the mask of the container CIDR block in the cluster is set improperly, there will be only a small number of available nodes in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Create a node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The CCE console displays the nodes that support IPv6. You can directly select a node. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        After the creation is complete, access the cluster details page. Then, click the node name to go to the ECS details page and view the automatically allocated IPv6 address.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Creating a CCE Turbo cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and create a CCE Turbo cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Complete the network settings as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Network Model: Select Cloud Native Network 2.0.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • IPv6: Enable this function. After this function is enabled, cluster resources, including nodes and workloads, can be accessed through IPv6 CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • VPC: Select the created VPC vpc-ipv6.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Default Node Subnet: Only subnets with IPv6 enabled can be selected.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Pod Subnet: Only subnets with IPv6 enabled can be selected.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Service CIDR Block: A proper mask must be set for the container CIDR block. The mask determines the number of available nodes in the cluster. If the mask of the container CIDR block in the cluster is set improperly, there will be only a small number of available nodes in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • IPv6 Service CIDR Block: determines the maximum number of Services that can be created. The value cannot be changed after being specified. The default value is fc00::/112. To customize the CIDR block, ensure that the CIDR block meets the following requirements:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • The IPv6 Service CIDR block must belong to the fc00::/8 CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • The prefix length of an IPv6 address ranges from 112 to 120. You can adjust the number of IPv6 addresses by adjusting the prefix value. A maximum of 65536 IPv6 addresses are allowed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Creating a CCE Turbo cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and create a CCE Turbo cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Complete the network settings as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Network Model: Select Cloud Native Network 2.0.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • IPv6: Enable this function. After this function is enabled, cluster resources, including nodes and workloads, can be accessed through IPv6 CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • VPC: Select the created VPC vpc-ipv6.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Default Node Subnet: Only subnets with IPv6 enabled can be selected.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Pod Subnet: Only subnets with IPv6 enabled can be selected.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Service CIDR Block: A proper mask must be set for the container CIDR block. The mask determines the number of available nodes in the cluster. If the mask of the container CIDR block in the cluster is set improperly, there will be only a small number of available nodes in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • IPv6 Service CIDR Block: determines the maximum number of Services that can be created. The value cannot be changed after being specified. The default value is fc00::/112. To customize the CIDR block, ensure that the CIDR block meets the requirements below.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The IPv6 Service CIDR block must belong to the fc00::/8 CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The prefix length of an IPv6 address ranges from 112 to 120. You can adjust the number of IPv6 addresses by adjusting the prefix value. A maximum of 65536 IPv6 addresses are allowed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Create a node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The CCE console displays the nodes that support IPv6. You can directly select a node. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
@@ -197,8 +198,8 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Step 3: Apply for a Shared Bandwidth and Adding an IPv6 Address to It
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          By default, the IPv6 address can only be used for private network communication. If you want to use this IPv6 address to access the Internet or be accessed by IPv6 clients on the Internet, apply for a shared bandwidth and add the IPv6 address to it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If you already have a shared bandwidth, you can add the IPv6 address to the shared bandwidth without applying for one.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Applying for a Shared Bandwidth
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the management console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Click  in the upper left corner of the management console and select a region and a project.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Choose Service List > Network > Virtual Private Cloud.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. In the navigation pane, choose Elastic IP and Bandwidth > Shared Bandwidths.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. In the upper right corner, click Assign Shared Bandwidth. On the displayed page, configure parameters following instructions.
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Applying for a Shared Bandwidth
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the management console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Click  in the upper left corner of the management console and select a region and a project.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Choose Service List > Network > Virtual Private Cloud.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4. In the navigation pane, choose Elastic IP and Bandwidth > Shared Bandwidths.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            5. In the upper right corner, click Assign Shared Bandwidth. On the displayed page, configure parameters following instructions.
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Table 3 Parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
@@ -211,7 +212,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Specifies the desired region. Regions are geographic areas that are physically isolated from each other. The networks inside different regions are not connected to each other, so resources cannot be shared across different regions. For lower network latency and faster access to your resources, select the region nearest you.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              -
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              N/A
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Bandwidth
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
@@ -231,14 +232,14 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            6. Click Assign Now.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          6. Click Assign Now.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Adding an IPv6 Address to a Shared Bandwidth
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. On the shared bandwidth list page, locate the row containing the target shared bandwidth and choose More > Add Public IP Address in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Add the IPv6 address to the shared bandwidth.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. On the shared bandwidth list page, locate the row containing the target shared bandwidth and choose More > Add Public IP Address in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Add the IPv6 address to the shared bandwidth.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Verifying the Result
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Log in to an ECS and ping an IPv6 address on the Internet to verify the connectivity. ping6 ipv6.baidu.com is used as an example here. The execution result is displayed in Figure 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Figure 1 Result verification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Figure 1 Result verification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_bestpractice_00226.html b/docs/cce/umn/cce_bestpractice_00226.html
index e2049dc53..7aea51d75 100644
--- a/docs/cce/umn/cce_bestpractice_00226.html
+++ b/docs/cce/umn/cce_bestpractice_00226.html
@@ -145,7 +145,7 @@ spec:
 hostaliases-pod       1/1            Running      0             16m
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Check whether the hostAliases functions properly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        docker ps |grep hostaliases-pod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        docker exec -ti Container ID /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_bestpractice_00227.html b/docs/cce/umn/cce_bestpractice_00227.html
index 58e138418..2d7084cc3 100644
--- a/docs/cce/umn/cce_bestpractice_00227.html
+++ b/docs/cce/umn/cce_bestpractice_00227.html
@@ -1,13 +1,13 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Modifying Kernel Parameters Using a Privileged Container
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      To access a Kubernetes cluster from a client, you can use the Kubernetes command line tool kubectl. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      To access a Kubernetes cluster from a client, you can use the Kubernetes command line tool kubectl. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Create a DaemonSet on the backend, select the Nginx image, enable the privileged container, configure the lifecycle, and specify hostNetwork: true.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Create a DaemonSet file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          vi daemonset.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          An example YAML file is provided as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The spec.spec.containers.lifecycle field indicates the command that will be run after the container is started.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Create a DaemonSet on the backend, select the Nginx image, enable the privileged container, configure the lifecycle, and specify hostNetwork: true.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Create a DaemonSet file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              vi daemonset.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              An example YAML file is provided as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              The spec.spec.containers.lifecycle field indicates the command that will be run after the container is started.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              kind: DaemonSet
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              kind: DaemonSet
 apiVersion: apps/v1
 metadata:
   name: daemonset-test
@@ -43,26 +43,26 @@ spec:
           privileged: true
       imagePullSecrets:
       - name: default-secret
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Create the DaemonSet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl create –f daemonSet.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Create the DaemonSet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl create –f daemonSet.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Check whether the DaemonSet has been created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl get daemonset {daemonset_name}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In this example, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl get daemonset daemonset-test
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            NAME               DESIRED    CURRENT   READY    UP-T0-DATE    AVAILABLE     NODE SELECTOR   AGE
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Check whether the DaemonSet has been created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl get daemonset {daemonset_name}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In this example, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl get daemonset daemonset-test
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            NAME               DESIRED    CURRENT   READY    UP-T0-DATE    AVAILABLE     NODE SELECTOR   AGE
 daemonset-test     2          2         2        2             2             <node>          2h
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Obtain the IDs of the DaemonSet pods on the nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl get pod | grep {daemonset_name}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In this example, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl get pod | grep daemonset-test
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            daemonset-test-mqdpv               1/1     Running             0          2h
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. Obtain the IDs of the DaemonSet pods on the nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl get pod | grep {daemonset_name}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In this example, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl get pod | grep daemonset-test
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            daemonset-test-mqdpv               1/1     Running             0          2h
 daemonset-test-n56vm               1/1     Running             0          2h
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          6. Access the container.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl exec -it {pod_name} -- /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In this example, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl exec -it daemonset-test-mqdpv -- /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          7. Check whether the configured command is executed after the container is started.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            sysctl -a |grep net.ipv4.tcp_tw_reuse
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If the following information is displayed, the system parameters are modified successfully:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            net.ipv4.tcp_tw_reuse=1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          8. Access the container.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl exec -it {pod_name} -- /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In this example, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl exec -it daemonset-test-mqdpv -- /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9. Check whether the configured command is executed after the container is started.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            sysctl -a |grep net.ipv4.tcp_tw_reuse
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If the following information is displayed, the system parameters are modified successfully:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            net.ipv4.tcp_tw_reuse=1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_bestpractice_00228.html b/docs/cce/umn/cce_bestpractice_00228.html
index fe3c91fb9..a0e21140c 100644
--- a/docs/cce/umn/cce_bestpractice_00228.html
+++ b/docs/cce/umn/cce_bestpractice_00228.html
@@ -1,16 +1,16 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Using Init Containers to Initialize an Application
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Concepts
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          An init container is a type of container that starts and exits before the application containers start. If there are multiple init containers, they will be started in the defined sequence. The data generated in the init containers can be used by the application containers because storage volumes in a pod are shared.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Init containers can be used in multiple Kubernetes resources, such as Deployments, DaemonSets, and jobs. They perform initialization before application containers are started.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Concepts
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          An init container is a type of container that starts and exits before the application containers start. If there are multiple init containers, they will be started in the defined sequence. The data generated in the init containers can be used by the application containers because storage volumes in a pod are shared.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Init containers can be used in multiple Kubernetes resources, such as Deployments, DaemonSets, and jobs. They perform initialization before application containers are started.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Application Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Before deploying a service, you can use an init container to make preparations before the service pod is deployed. After the preparations are complete, the init container runs to completion and exits, and the container to be deployed will be started.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Scenario 1: Wait for other modules to be ready. For example, an application contains two containerized services: web server and database. The web server service needs to access the database service. However, when the application is started, the database service may have not been started. Therefore, web server may fail to access database. To solve this problem, you can use an init container in the pod where web server is running to check whether database is ready. The init container runs to completion only when database is accessible. Then, web server is started and initiates a formal access request to database. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Scenario 2: Initialize the configuration. For example, the init container can check all existing member nodes in the cluster and prepare the cluster configuration information for the application container. After the application container is started, it can be added to the cluster using the configuration information.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Other scenarios: For example, a pod is registered with a central database and application dependencies are downloaded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          For details, see Init Containers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Application Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Before deploying a service, you can use an init container to make preparations before the service pod is deployed. After the preparations are complete, the init container runs to completion and exits, and the container to be deployed will be started.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Scenario 1: Wait for other modules to be ready. For example, an application contains two containerized services: web server and database. The web server service needs to access the database service. However, when the application is started, the database service may have not been started. Therefore, web server may fail to access database. To solve this problem, you can use an init container in the pod where web server is running to check whether database is ready. The init container runs to completion only when database is accessible. Then, web server is started and initiates a formal access request to database. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Scenario 2: Initialize the configuration. For example, the init container can check all existing member nodes in the cluster and prepare the cluster configuration information for the application container. After the application container is started, it can be added to the cluster using the configuration information.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Other scenarios: For example, a pod is registered with a central database and application dependencies are downloaded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          For details, see Init Containers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Edit the YAML file of the init container workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            vi deployment.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            An example YAML file is provided as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            apiVersion: apps/v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Edit the YAML file of the init container workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              vi deployment.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              An example YAML file is provided as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: mysql
@@ -44,12 +44,12 @@ spec:
         env:
         - name: MYSQL_ROOT_PASSWORD
           value: "mysql"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Create an init container workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl create -f deployment.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              deployment.apps/mysql created
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Query the created Docker container on the node where the workload is running.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              docker ps -a|grep mysql
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              The init container will exit after it runs to completion. The query result Exited (0) shows the exit status of the init container.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4. Create an init container workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              kubectl create -f deployment.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              deployment.apps/mysql created
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            5. Query the created Docker container on the node where the workload is running.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              docker ps -a|grep mysql
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              The init container will exit after it runs to completion. The query result Exited (0) shows the exit status of the init container.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_bestpractice_00231.html b/docs/cce/umn/cce_bestpractice_00231.html
index fdc8b090e..67930098f 100644
--- a/docs/cce/umn/cce_bestpractice_00231.html
+++ b/docs/cce/umn/cce_bestpractice_00231.html
@@ -220,7 +220,7 @@ spec:
       nodePort: 32633            # Custom node port
   type: NodePort
   externalTrafficPolicy: Local   # Node level Service affinity
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Create an ingress and associate it with the Service. The following uses an existing load balancer as an example. For details about how to automatically create a load balancer, see Using kubectl to Create a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          apiVersion: networking.k8s.io/v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Create an ingress and associate it with the Service. The following uses an existing load balancer as an example. For details about how to automatically create a load balancer, see Creating a LoadBalancer Ingress Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          apiVersion: networking.k8s.io/v1
 kind: Ingress 
 metadata: 
   name: ingress-test
@@ -271,7 +271,7 @@ spec:
       nodePort: 0
   type: ClusterIP
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Create an ingress and associate it with the Service. The following uses an existing load balancer as an example. For details about how to automatically create a load balancer, see Using kubectl to Create a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      apiVersion: networking.k8s.io/v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. Create an ingress and associate it with the Service. The following uses an existing load balancer as an example. For details about how to automatically create a load balancer, see Creating a LoadBalancer Ingress Using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      apiVersion: networking.k8s.io/v1
 kind: Ingress 
 metadata: 
   name: ingress-test
diff --git a/docs/cce/umn/cce_bestpractice_00237.html b/docs/cce/umn/cce_bestpractice_00237.html
index 0f3213c91..d8e0e722a 100644
--- a/docs/cce/umn/cce_bestpractice_00237.html
+++ b/docs/cce/umn/cce_bestpractice_00237.html
@@ -1,10 +1,10 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Migration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Backup and Migration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
 
diff --git a/docs/cce/umn/cce_bestpractice_0024.html b/docs/cce/umn/cce_bestpractice_0024.html
index c3f37773f..0a80537c2 100644
--- a/docs/cce/umn/cce_bestpractice_0024.html
+++ b/docs/cce/umn/cce_bestpractice_0024.html
@@ -26,35 +26,28 @@ Run `velero backup describe wordpress-backup` or `velero backup logs wordpress-b
 wordpress-backup   Completed   0        0          2021-10-14 15:32:07 +0800 CST   29d       default            <none>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    In addition, you can go to the object bucket to view the backup files. The backups path is for the application resource backup, and the other is for the PV data backup.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Restoring the Application in the Target Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The storage infrastructure of an on-premises cluster is different from that of a cloud cluster. After the cluster is migrated, PVs cannot be mounted to pods. Therefore, during the migration, update the storage class of the target cluster to shield the differences of underlying storage interfaces between the two clusters when creating a workload and request storage resources of the corresponding type. For details, see Updating the Storage Class. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Use kubectl to access the CCE cluster and create a storage class with the same name as that of the source cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In this example, the storage class name of the source cluster is local and the storage type is local disk. Local disks completely depend on the node availability. The data DR performance is poor. When the node is unavailable, the existing storage data is affected. Therefore, the storage resources in the CCE cluster should be EVS volumes, and the backend storage media should be SAS disks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When an application containing PV data is restored in a CCE cluster, the defined storage class dynamically creates storage resources (such as EVS volumes) based on the PVC and mounts the resources to the application.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • You can modify the storage resources of the cluster as needed, without being restricted to EVS volumes. To mount other types of storage, such as file storage and object storage, see Updating the Storage Class.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      An example of the YAML file of the source cluster is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      apiVersion: storage.k8s.io/v1
-kind: StorageClass
-metadata:
-  name: local
-provisioner: kubernetes.io/no-provisioner
-volumeBindingMode: WaitForFirstConsumer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      An example of the YAML file of the target cluster is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      allowVolumeExpansion: true
-apiVersion: storage.k8s.io/v1
-kind: StorageClass
-metadata:
-  name: local
-  selfLink: /apis/storage.k8s.io/v1/storageclasses/csi-disk
-parameters:
-  csi.storage.k8s.io/csi-driver-name: disk.csi.everest.io
-  csi.storage.k8s.io/fstype: ext4
-  everest.io/disk-volume-type: SAS
-  everest.io/passthrough: "true"
-provisioner: everest-csi-provisioner
-reclaimPolicy: Delete
-volumeBindingMode: Immediate  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Restoring the Application in the Target Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When you migrate a pod with mounted storage volumes to CCE, differences in CSI and storage infrastructure between the source cluster and CCE may prevent the original storage volumes from being reused. As a result, the PV cannot be mounted to the pod after migration. To ensure successful storage adaptation, follow these guidelines:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • For dynamically provisioned volumes using storage classes: Adapt the storage classes in the destination CCE cluster to match the original configuration. During workload creation, CCE can automatically apply supported storage resources, abstracting differences in underlying storage interfaces. This adaptation must be completed before restoring applications in the target cluster. Otherwise, PV data may fail to recover. For details, see Updating the Storage Class.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • For volumes created not using storage classes in the source cluster: Manually create PVs with the same names in the target cluster before migration and then use Velero to migrate the applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In this example, the storage class name in the source cluster is local and the storage type is local disk. Local disk storage is tightly coupled with node availability, resulting in poor DR performance. When a node becomes unavailable, the associated storage data may be compromised or inaccessible. To address this limitation, EVS volumes are adopted as the storage resource. These volumes are backed by SAS disks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Access the CCE cluster using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Create a ConfigMap mapping to map the storage class used by the source cluster to the default storage class of the CCE cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: change-storageclass-plugin-config
+  namespace: velero
+  labels:
+    app.kubernetes.io/name: velero
+    velero.io/plugin-config: "true"
+    velero.io/change-storage-class: RestoreItemAction
+data:
+  local: csi-disk
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Replace local in the source cluster with csi-disk of EVS disk used in the CCE cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • When you restore an application with PV data in a CCE cluster, the associated storage class dynamically provisions and mounts storage resources, such as EVS disks, based on the PVC. This will incur certain storage charges.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • The cluster's storage resource mapping is flexible and can be adjusted as needed, allowing for alternatives beyond EVS volumes. To mount other types of storage, such as file storage and object storage, add or change the storage class name. For details, see Updating the Storage Class.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Apply the ConfigMap settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl create -f change-storage-class.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        configmap/change-storageclass-plugin-config created
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. Create a Restore object using Velero, specify a backup named wordpress-backup, and restore the WordPress application in the CCE cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        velero restore create --from-backup wordpress-backup
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        You can run the velero restore get statement to check the application restoration.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      5. After the restoration is complete, check whether the application is running properly. If other adaptation problems may occur, rectify the fault by following the procedure described in Updating Resources Accordingly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_bestpractice_00253.html b/docs/cce/umn/cce_bestpractice_00253.html
index 64a8a6401..fbd8bfaa5 100644
--- a/docs/cce/umn/cce_bestpractice_00253.html
+++ b/docs/cce/umn/cce_bestpractice_00253.html
@@ -1,19 +1,19 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Dynamically Creating an SFS Turbo Subdirectory Using StorageClass
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Background
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The minimum capacity of an SFS Turbo file system is 500 GiB. By default, the root directory of an SFS Turbo file system is mounted to a container which, in most case, does not require such a large capacity.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The everest add-on allows you to dynamically create subdirectories in an SFS Turbo file system and mount these subdirectories to containers. In this way, an SFS Turbo file system can be shared by multiple containers to increase storage efficiency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Background
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The minimum capacity of an SFS Turbo file system is 1000 GiB. By default, the root directory of an SFS Turbo file system is mounted to a container which, in most case, does not require such a large capacity.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The Everest add-on allows you to dynamically create subdirectories in an SFS Turbo file system and mount these subdirectories to containers. In this way, an SFS Turbo file system can be shared by multiple containers to increase storage efficiency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Only clusters of v1.15 or later are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The cluster must use the everest add-on of version 1.1.13 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Kata containers are not supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When the everest add-on earlier than 1.2.69 or 2.1.11 is used, a maximum of 10 PVCs can be created concurrently at a time by using the subdirectory function. everest of 1.2.69 or later or of 2.1.11 or later is recommended.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • A subPath volume is a subdirectory of an SFS Turbo file system. Increasing the capacity of a PVC of this type only changes the resource range specified by the PVC, but does not change the total capacity of the SFS Turbo file system. If the SFS Turbo file system's total resource capacity is not enough, the available capacity of the subPath volume will be restricted. To fix this, you must increase the resource capacity of the SFS Turbo file system on the SFS Turbo console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Deleting the subPath volume does not result in the deletion of the resources of the SFS Turbo file system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Only clusters of v1.15 or later are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • The cluster must use the Everest add-on of version 1.1.13 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Kata containers are not supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • When the Everest add-on earlier than 1.2.69 or 2.1.11 is used, a maximum of 10 PVCs can be created concurrently at a time by using the subdirectory function. everest of 1.2.69 or later or of 2.1.11 or later is recommended.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • A subPath volume is a subdirectory of an SFS Turbo file system. Increasing the capacity of a PVC of this type only changes the resource range specified by the PVC, but does not change the total capacity of the SFS Turbo file system. If the SFS Turbo file system's total resource capacity is not enough, the available capacity of the subPath volume will be restricted. To fix this, you must increase the resource capacity of the SFS Turbo file system on the SFS Turbo console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Deleting the subPath volume does not result in the deletion of the resources of the SFS Turbo file system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Creating an SFS Turbo Volume of the subPath Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Create an SFS Turbo file system in the same VPC and subnet as the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Create a YAML file of StorageClass, for example, sfsturbo-subpath-sc.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          apiVersion: storage.k8s.io/v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Creating an SFS Turbo Volume of the subPath Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Create an SFS Turbo file system in the same VPC and subnet as the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Create a YAML file of StorageClass, for example, sfsturbo-subpath-sc.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            apiVersion: storage.k8s.io/v1
 allowVolumeExpansion: true
 kind: StorageClass
 metadata:
-  name: sfsturbo-subpath-sc # Storage class name
-mountOptions:  #Mount options
+  name: sfsturbo-subpath-sc # Storage class name
+mountOptions:  #Mount options
 - lock
 parameters:
   csi.storage.k8s.io/csi-driver-name: sfsturbo.csi.everest.io
@@ -21,27 +21,27 @@ parameters:
   everest.io/archive-on-delete: "true"
   everest.io/share-access-to: 7ca2dba2-1234-1234-1234-626371a8fb3a
   everest.io/share-expand-type: bandwidth
-  everest.io/share-export-location: 192.168.1.1:/sfsturbo/  # Mount directory configuration
+  everest.io/share-export-location: 192.168.1.1:/sfsturbo/  # Mount directory configuration
   everest.io/share-source: sfs-turbo
   everest.io/share-volume-type: STANDARD
   everest.io/volume-as: subpath
-  everest.io/volume-id: 0d773f2e-1234-1234-1234-de6a35074696  # ID of an SFS Turbo volume
+  everest.io/volume-id: 0d773f2e-1234-1234-1234-de6a35074696  # ID of an SFS Turbo volume
 provisioner: everest-csi-provisioner
 reclaimPolicy: Delete
 volumeBindingMode: Immediate
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • name: indicates the name of the StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • mountOptions: indicates the mount options. This field is optional.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • In versions later than everest 1.1.13 and earlier than everest 1.2.8, only the nolock parameter can be configured. By default, the nolock parameter is used for the mount operation and does not need to be configured. If nolock is set to false, the lock field is used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Starting from everest 1.2.8, more mount options are supported. For details, see Configuring SFS Volume Mount Options. Do not set nolock to true. Otherwise, the mount operation will fail.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                mountOptions:
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • name: indicates the name of the StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • mountOptions: (Optional) indicates the mount options.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • In versions later than Everest 1.1.13 and earlier than Everest 1.2.8, only the nolock parameter can be configured. By default, the nolock parameter is used for the mount operation and does not need to be configured. If nolock is set to false, the lock field is used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Starting from Everest 1.2.8, more mount options are supported. For details, see Configuring SFS Volume Mount Options. Do not set nolock to true. Otherwise, the mount operation will fail.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    mountOptions:
 - vers=3
 - timeo=600
 - nolock
 - hard
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • everest.io/volume-as: This parameter is set to subpath to use the subPath volume.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • everest.io/share-access-to: This parameter is optional. In a subPath volume, set this parameter to the ID of the VPC where the SFS Turbo file system is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • everest.io/share-expand-type: This parameter is optional. If the type of the SFS Turbo file system is SFS Turbo Standard – Enhanced or SFS Turbo Performance – Enhanced, set this parameter to bandwidth.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • everest.io/share-export-location: This parameter indicates the mount directory. It consists of the SFS Turbo shared path and sub-directory. The shared path can be obtained on the SFS Turbo console. The sub-directory is user-defined. The PVCs created using the StorageClass are located in this sub-directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • everest.io/share-volume-type: This parameter is optional. It specifies the SFS Turbo file system type. The value can be STANDARD or PERFORMANCE. For enhanced types, this parameter must be used together with everest.io/share-expand-type (whose value should be bandwidth).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • everest.io/zone: This parameter is optional. Set it to the AZ where the SFS Turbo file system is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • everest.io/volume-id: This parameter indicates the ID of the SFS Turbo volume. You can obtain the volume ID on the SFS Turbo page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • everest.io/archive-on-delete: If this parameter is set to true and Delete is selected for Reclaim Policy, the original documents of the PV will be archived to the directory named archived-{$PV name.timestamp} before the PVC is deleted. If this parameter is set to false, the SFS Turbo subdirectory of the corresponding PV will be deleted. The default value is true, indicating that the original documents of the PV will be archived to the directory named archived-{$PV name.timestamp} before the PVC is deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Run kubectl create -f sfsturbo-subpath-sc.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Create a PVC YAML file named sfs-turbo-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            apiVersion: v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. everest.io/volume-as: This parameter is set to subpath to use the subPath volume.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. everest.io/share-access-to: This parameter is optional. In a subPath volume, set this parameter to the ID of the VPC where the SFS Turbo file system is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. everest.io/share-expand-type: This parameter is optional. If the type of the SFS Turbo file system is SFS Turbo Standard – Enhanced or SFS Turbo Performance – Enhanced, set this parameter to bandwidth.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          6. everest.io/share-export-location: This parameter indicates the mount directory. It consists of the SFS Turbo shared path and sub-directory. The shared path can be obtained on the SFS Turbo console. The sub-directory is user-defined. The PVCs created using the StorageClass are located in this sub-directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          7. everest.io/share-volume-type: This parameter is optional. It specifies the SFS Turbo file system type. The value can be STANDARD or PERFORMANCE. For enhanced types, this parameter must be used together with everest.io/share-expand-type (whose value should be bandwidth).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          8. everest.io/zone: This parameter is optional. Set it to the AZ where the SFS Turbo file system is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9. everest.io/volume-id: This parameter indicates the ID of the SFS Turbo volume. You can obtain the volume ID on the SFS Turbo page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          10. everest.io/archive-on-delete: If this parameter is set to true and Delete is selected for Reclaim Policy, the original documents of the PV will be archived to the directory named archived-{$PV name.timestamp} before the PVC is deleted. If this parameter is set to false, the SFS Turbo subdirectory of the corresponding PV will be deleted. The default value is true, indicating that the original documents of the PV will be archived to the directory named archived-{$PV name.timestamp} before the PVC is deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Run kubectl create -f sfsturbo-subpath-sc.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Create a PVC YAML file named sfs-turbo-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: sfs-turbo-test  # PVC name
+  name: sfs-turbo-test  # PVC name
   namespace: default
 spec:
   accessModes:
@@ -49,18 +49,18 @@ spec:
   resources:
     requests:
       storage: 50Gi
-  storageClassName: sfsturbo-subpath-sc  # Storage class name
+  storageClassName: sfsturbo-subpath-sc  # Storage class name
   volumeMode: Filesystem
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • name: indicates the name of the PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • storageClassName: specifies the name of the StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • storage: In a subPath volume, modifying the value of this parameter does not impact the resource capacity of the SFS Turbo file system. A subPath volume is essentially a file path within an SFS Turbo file system. As a result, increasing the capacity of the subPath volume in a PVC does not lead to an increase in the resources of the SFS Turbo file system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The capacity of a subPath volume is restricted by the overall resource capacity of the corresponding SFS Turbo file system. If the resources of the SFS Turbo file system are inadequate, you can adjust the resource capacity via the SFS Turbo console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • name: indicates the name of the PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • storageClassName: specifies the name of the StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • storage: In a subPath volume, modifying the value of this parameter does not impact the resource capacity of the SFS Turbo file system. A subPath volume is essentially a file path within an SFS Turbo file system. As a result, increasing the capacity of the subPath volume in a PVC does not lead to an increase in the resources of the SFS Turbo file system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The capacity of a subPath volume is restricted by the overall resource capacity of the corresponding SFS Turbo file system. If the resources of the SFS Turbo file system are inadequate, you can adjust the resource capacity via the SFS Turbo console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Run kubectl create -f sfs-turbo-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Run kubectl create -f sfs-turbo-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Creating a Deployment and Mounting an Existing Volume
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Create a YAML file for the Deployment, for example, deployment-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      apiVersion: apps/v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Creating a Deployment and Mounting an Existing Volume
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Create a YAML file for the Deployment, for example, deployment-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: test-turbo-subpath-example   # Name of the created workload
+  name: test-turbo-subpath-example   # Name of the created workload
   namespace: default
   generation: 1
   labels:
@@ -76,10 +76,10 @@ spec:
         app: test-turbo-subpath-example 
     spec: 
       containers: 
-      - image: nginx:latest  # Image of the workload
+      - image: nginx:latest  # Image of the workload
         name: container-0 
         volumeMounts: 
-        - mountPath: /tmp   #Mount path in a container
+        - mountPath: /tmp   #Mount path in a container
           name: pvc-sfs-turbo-example 
       restartPolicy: Always 
       imagePullSecrets:
@@ -87,18 +87,18 @@ spec:
       volumes: 
       - name: pvc-sfs-turbo-example 
         persistentVolumeClaim: 
-          claimName: sfs-turbo-test   # Name of an existing PVC
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+          claimName: sfs-turbo-test   # Name of an existing PVC
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • name: indicates the name of the created workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • image: specifies the image used by the workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • mountPath: indicates the mount path of the container. In this example, the volume is mounted to the /tmp directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • claimName: indicates the name of an existing PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Create the Deployment.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      kubectl create -f deployment-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • name: indicates the name of the created workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • image: specifies the image used by the workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • mountPath: indicates the mount path of the container. In this example, the volume is mounted to the /tmp directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • claimName: indicates the name of an existing PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Create the Deployment.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      kubectl create -f deployment-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Dynamically Creating a subPath Volume for a StatefulSet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Create a YAML file for a StatefulSet, for example, statefulset-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      apiVersion: apps/v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Dynamically Creating a subPath Volume for a StatefulSet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Create a YAML file for a StatefulSet, for example, statefulset-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        apiVersion: apps/v1
 kind: StatefulSet
 metadata:
-  name: test-turbo-subpath # Name of the created workload
+  name: test-turbo-subpath # Name of the created workload
   namespace: default
   generation: 1
   labels:
@@ -118,11 +118,11 @@ spec:
     spec:
       containers:
         - name: container-0  
-          image: 'nginx:latest'  # Image of the workload
+          image: 'nginx:latest'  # Image of the workload
           resources: {}
           volumeMounts:
             - name: sfs-turbo-160024548582479676
-              mountPath: /tmp  # Mount path in a container
+              mountPath: /tmp  # Mount path in a container
           terminationMessagePath: /dev/termination-log
           terminationMessagePolicy: File
           imagePullPolicy: IfNotPresent
@@ -145,21 +145,21 @@ spec:
         resources:
           requests:
             storage: 10Gi
-        storageClassName: sfsturbo-subpath-sc # Enter the name of a self-managed storage class.
+        storageClassName: sfsturbo-subpath-sc # Enter the name of a self-managed storage class.
   serviceName: wwww
   podManagementPolicy: OrderedReady
   updateStrategy:
     type: RollingUpdate
   revisionHistoryLimit: 10
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • name: indicates the name of the created workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • image: specifies the image used by the workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • mountPath: indicates the mount path of the container. In this example, the volume is mounted to the /tmp directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • spec.template.spec.containers.volumeMounts.name and spec.volumeClaimTemplates.metadata.name: must be consistent because they have a mapping relationship.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • storageClassName: specifies the name of an on-premises StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Create the StatefulSet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl create -f statefulset-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • name: indicates the name of the created workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • image: specifies the image used by the workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • mountPath: indicates the mount path of the container. In this example, the volume is mounted to the /tmp directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • spec.template.spec.containers.volumeMounts.name and spec.volumeClaimTemplates.metadata.name: must be consistent because they have a mapping relationship.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • storageClassName: specifies the name of an on-premises StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Create the StatefulSet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl create -f statefulset-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parent topic: SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parent topic: Storage
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
diff --git a/docs/cce/umn/cce_bestpractice_00253_0.html b/docs/cce/umn/cce_bestpractice_00253_0.html
index 74682c31a..10d26e4b7 100644
--- a/docs/cce/umn/cce_bestpractice_00253_0.html
+++ b/docs/cce/umn/cce_bestpractice_00253_0.html
@@ -1,19 +1,19 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Dynamically Creating an SFS Turbo Subdirectory Using StorageClass
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Background
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The minimum capacity of an SFS Turbo file system is 500 GiB. By default, the root directory of an SFS Turbo file system is mounted to a container which, in most case, does not require such a large capacity.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The everest add-on allows you to dynamically create subdirectories in an SFS Turbo file system and mount these subdirectories to containers. In this way, an SFS Turbo file system can be shared by multiple containers to increase storage efficiency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Background
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The minimum capacity of an SFS Turbo file system is 1000 GiB. By default, the root directory of an SFS Turbo file system is mounted to a container which, in most case, does not require such a large capacity.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The Everest add-on allows you to dynamically create subdirectories in an SFS Turbo file system and mount these subdirectories to containers. In this way, an SFS Turbo file system can be shared by multiple containers to increase storage efficiency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Only clusters of v1.15 or later are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The cluster must use the everest add-on of version 1.1.13 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Kata containers are not supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • When the everest add-on earlier than 1.2.69 or 2.1.11 is used, a maximum of 10 PVCs can be created concurrently at a time by using the subdirectory function. everest of 1.2.69 or later or of 2.1.11 or later is recommended.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • A subPath volume is a subdirectory of an SFS Turbo file system. Increasing the capacity of a PVC of this type only changes the resource range specified by the PVC, but does not change the total capacity of the SFS Turbo file system. If the SFS Turbo file system's total resource capacity is not enough, the available capacity of the subPath volume will be restricted. To fix this, you must increase the resource capacity of the SFS Turbo file system on the SFS Turbo console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Deleting the subPath volume does not result in the deletion of the resources of the SFS Turbo file system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Only clusters of v1.15 or later are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The cluster must use the Everest add-on of version 1.1.13 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Kata containers are not supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When the Everest add-on earlier than 1.2.69 or 2.1.11 is used, a maximum of 10 PVCs can be created concurrently at a time by using the subdirectory function. everest of 1.2.69 or later or of 2.1.11 or later is recommended.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • A subPath volume is a subdirectory of an SFS Turbo file system. Increasing the capacity of a PVC of this type only changes the resource range specified by the PVC, but does not change the total capacity of the SFS Turbo file system. If the SFS Turbo file system's total resource capacity is not enough, the available capacity of the subPath volume will be restricted. To fix this, you must increase the resource capacity of the SFS Turbo file system on the SFS Turbo console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Deleting the subPath volume does not result in the deletion of the resources of the SFS Turbo file system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Creating an SFS Turbo Volume of the subPath Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Create an SFS Turbo file system in the same VPC and subnet as the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Create a YAML file of StorageClass, for example, sfsturbo-subpath-sc.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        apiVersion: storage.k8s.io/v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Creating an SFS Turbo Volume of the subPath Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Create an SFS Turbo file system in the same VPC and subnet as the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Create a YAML file of StorageClass, for example, sfsturbo-subpath-sc.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          apiVersion: storage.k8s.io/v1
 allowVolumeExpansion: true
 kind: StorageClass
 metadata:
-  name: sfsturbo-subpath-sc # Storage class name
-mountOptions:  #Mount options
+  name: sfsturbo-subpath-sc # Storage class name
+mountOptions:  #Mount options
 - lock
 parameters:
   csi.storage.k8s.io/csi-driver-name: sfsturbo.csi.everest.io
@@ -21,27 +21,27 @@ parameters:
   everest.io/archive-on-delete: "true"
   everest.io/share-access-to: 7ca2dba2-1234-1234-1234-626371a8fb3a
   everest.io/share-expand-type: bandwidth
-  everest.io/share-export-location: 192.168.1.1:/sfsturbo/  # Mount directory configuration
+  everest.io/share-export-location: 192.168.1.1:/sfsturbo/  # Mount directory configuration
   everest.io/share-source: sfs-turbo
   everest.io/share-volume-type: STANDARD
   everest.io/volume-as: subpath
-  everest.io/volume-id: 0d773f2e-1234-1234-1234-de6a35074696  # ID of an SFS Turbo volume
+  everest.io/volume-id: 0d773f2e-1234-1234-1234-de6a35074696  # ID of an SFS Turbo volume
 provisioner: everest-csi-provisioner
 reclaimPolicy: Delete
 volumeBindingMode: Immediate
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • name: indicates the name of the StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • mountOptions: indicates the mount options. This field is optional.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • In versions later than everest 1.1.13 and earlier than everest 1.2.8, only the nolock parameter can be configured. By default, the nolock parameter is used for the mount operation and does not need to be configured. If nolock is set to false, the lock field is used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Starting from everest 1.2.8, more mount options are supported. For details, see Configuring SFS Volume Mount Options. Do not set nolock to true. Otherwise, the mount operation will fail.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              mountOptions:
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • name: indicates the name of the StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • mountOptions: (Optional) indicates the mount options.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • In versions later than Everest 1.1.13 and earlier than Everest 1.2.8, only the nolock parameter can be configured. By default, the nolock parameter is used for the mount operation and does not need to be configured. If nolock is set to false, the lock field is used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Starting from Everest 1.2.8, more mount options are supported. For details, see Configuring SFS Volume Mount Options. Do not set nolock to true. Otherwise, the mount operation will fail.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  mountOptions:
 - vers=3
 - timeo=600
 - nolock
 - hard
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • everest.io/volume-as: This parameter is set to subpath to use the subPath volume.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • everest.io/share-access-to: This parameter is optional. In a subPath volume, set this parameter to the ID of the VPC where the SFS Turbo file system is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • everest.io/share-expand-type: This parameter is optional. If the type of the SFS Turbo file system is SFS Turbo Standard – Enhanced or SFS Turbo Performance – Enhanced, set this parameter to bandwidth.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • everest.io/share-export-location: This parameter indicates the mount directory. It consists of the SFS Turbo shared path and sub-directory. The shared path can be obtained on the SFS Turbo console. The sub-directory is user-defined. The PVCs created using the StorageClass are located in this sub-directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • everest.io/share-volume-type: This parameter is optional. It specifies the SFS Turbo file system type. The value can be STANDARD or PERFORMANCE. For enhanced types, this parameter must be used together with everest.io/share-expand-type (whose value should be bandwidth).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • everest.io/zone: This parameter is optional. Set it to the AZ where the SFS Turbo file system is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • everest.io/volume-id: This parameter indicates the ID of the SFS Turbo volume. You can obtain the volume ID on the SFS Turbo page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • everest.io/archive-on-delete: If this parameter is set to true and Delete is selected for Reclaim Policy, the original documents of the PV will be archived to the directory named archived-{$PV name.timestamp} before the PVC is deleted. If this parameter is set to false, the SFS Turbo subdirectory of the corresponding PV will be deleted. The default value is true, indicating that the original documents of the PV will be archived to the directory named archived-{$PV name.timestamp} before the PVC is deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Run kubectl create -f sfsturbo-subpath-sc.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Create a PVC YAML file named sfs-turbo-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          apiVersion: v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. everest.io/volume-as: This parameter is set to subpath to use the subPath volume.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4. everest.io/share-access-to: This parameter is optional. In a subPath volume, set this parameter to the ID of the VPC where the SFS Turbo file system is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        5. everest.io/share-expand-type: This parameter is optional. If the type of the SFS Turbo file system is SFS Turbo Standard – Enhanced or SFS Turbo Performance – Enhanced, set this parameter to bandwidth.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        6. everest.io/share-export-location: This parameter indicates the mount directory. It consists of the SFS Turbo shared path and sub-directory. The shared path can be obtained on the SFS Turbo console. The sub-directory is user-defined. The PVCs created using the StorageClass are located in this sub-directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        7. everest.io/share-volume-type: This parameter is optional. It specifies the SFS Turbo file system type. The value can be STANDARD or PERFORMANCE. For enhanced types, this parameter must be used together with everest.io/share-expand-type (whose value should be bandwidth).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        8. everest.io/zone: This parameter is optional. Set it to the AZ where the SFS Turbo file system is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9. everest.io/volume-id: This parameter indicates the ID of the SFS Turbo volume. You can obtain the volume ID on the SFS Turbo page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        10. everest.io/archive-on-delete: If this parameter is set to true and Delete is selected for Reclaim Policy, the original documents of the PV will be archived to the directory named archived-{$PV name.timestamp} before the PVC is deleted. If this parameter is set to false, the SFS Turbo subdirectory of the corresponding PV will be deleted. The default value is true, indicating that the original documents of the PV will be archived to the directory named archived-{$PV name.timestamp} before the PVC is deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Run kubectl create -f sfsturbo-subpath-sc.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Create a PVC YAML file named sfs-turbo-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: sfs-turbo-test  # PVC name
+  name: sfs-turbo-test  # PVC name
   namespace: default
 spec:
   accessModes:
@@ -49,18 +49,18 @@ spec:
   resources:
     requests:
       storage: 50Gi
-  storageClassName: sfsturbo-subpath-sc  # Storage class name
+  storageClassName: sfsturbo-subpath-sc  # Storage class name
   volumeMode: Filesystem
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • name: indicates the name of the PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • storageClassName: specifies the name of the StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • storage: In a subPath volume, modifying the value of this parameter does not impact the resource capacity of the SFS Turbo file system. A subPath volume is essentially a file path within an SFS Turbo file system. As a result, increasing the capacity of the subPath volume in a PVC does not lead to an increase in the resources of the SFS Turbo file system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The capacity of a subPath volume is restricted by the overall resource capacity of the corresponding SFS Turbo file system. If the resources of the SFS Turbo file system are inadequate, you can adjust the resource capacity via the SFS Turbo console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • name: indicates the name of the PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • storageClassName: specifies the name of the StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • storage: In a subPath volume, modifying the value of this parameter does not impact the resource capacity of the SFS Turbo file system. A subPath volume is essentially a file path within an SFS Turbo file system. As a result, increasing the capacity of the subPath volume in a PVC does not lead to an increase in the resources of the SFS Turbo file system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The capacity of a subPath volume is restricted by the overall resource capacity of the corresponding SFS Turbo file system. If the resources of the SFS Turbo file system are inadequate, you can adjust the resource capacity via the SFS Turbo console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Run kubectl create -f sfs-turbo-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Run kubectl create -f sfs-turbo-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Creating a Deployment and Mounting an Existing Volume
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Create a YAML file for the Deployment, for example, deployment-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      apiVersion: apps/v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Creating a Deployment and Mounting an Existing Volume
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Create a YAML file for the Deployment, for example, deployment-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: test-turbo-subpath-example   # Name of the created workload
+  name: test-turbo-subpath-example   # Name of the created workload
   namespace: default
   generation: 1
   labels:
@@ -76,10 +76,10 @@ spec:
         app: test-turbo-subpath-example 
     spec: 
       containers: 
-      - image: nginx:latest  # Image of the workload
+      - image: nginx:latest  # Image of the workload
         name: container-0 
         volumeMounts: 
-        - mountPath: /tmp   #Mount path in a container
+        - mountPath: /tmp   #Mount path in a container
           name: pvc-sfs-turbo-example 
       restartPolicy: Always 
       imagePullSecrets:
@@ -87,18 +87,18 @@ spec:
       volumes: 
       - name: pvc-sfs-turbo-example 
         persistentVolumeClaim: 
-          claimName: sfs-turbo-test   # Name of an existing PVC
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+          claimName: sfs-turbo-test   # Name of an existing PVC
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • name: indicates the name of the created workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • image: specifies the image used by the workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • mountPath: indicates the mount path of the container. In this example, the volume is mounted to the /tmp directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • claimName: indicates the name of an existing PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Create the Deployment.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      kubectl create -f deployment-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • name: indicates the name of the created workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • image: specifies the image used by the workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • mountPath: indicates the mount path of the container. In this example, the volume is mounted to the /tmp directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • claimName: indicates the name of an existing PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Create the Deployment.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      kubectl create -f deployment-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Dynamically Creating a subPath Volume for a StatefulSet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Create a YAML file for a StatefulSet, for example, statefulset-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      apiVersion: apps/v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Dynamically Creating a subPath Volume for a StatefulSet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Create a YAML file for a StatefulSet, for example, statefulset-test.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        apiVersion: apps/v1
 kind: StatefulSet
 metadata:
-  name: test-turbo-subpath # Name of the created workload
+  name: test-turbo-subpath # Name of the created workload
   namespace: default
   generation: 1
   labels:
@@ -118,11 +118,11 @@ spec:
     spec:
       containers:
         - name: container-0  
-          image: 'nginx:latest'  # Image of the workload
+          image: 'nginx:latest'  # Image of the workload
           resources: {}
           volumeMounts:
             - name: sfs-turbo-160024548582479676
-              mountPath: /tmp  # Mount path in a container
+              mountPath: /tmp  # Mount path in a container
           terminationMessagePath: /dev/termination-log
           terminationMessagePolicy: File
           imagePullPolicy: IfNotPresent
@@ -145,21 +145,21 @@ spec:
         resources:
           requests:
             storage: 10Gi
-        storageClassName: sfsturbo-subpath-sc # Enter the name of a self-managed storage class.
+        storageClassName: sfsturbo-subpath-sc # Enter the name of a self-managed storage class.
   serviceName: wwww
   podManagementPolicy: OrderedReady
   updateStrategy:
     type: RollingUpdate
   revisionHistoryLimit: 10
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • name: indicates the name of the created workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • image: specifies the image used by the workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • mountPath: indicates the mount path of the container. In this example, the volume is mounted to the /tmp directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • spec.template.spec.containers.volumeMounts.name and spec.volumeClaimTemplates.metadata.name: must be consistent because they have a mapping relationship.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • storageClassName: specifies the name of an on-premises StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Create the StatefulSet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl create -f statefulset-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        In this example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • name: indicates the name of the created workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • image: specifies the image used by the workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • mountPath: indicates the mount path of the container. In this example, the volume is mounted to the /tmp directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • spec.template.spec.containers.volumeMounts.name and spec.volumeClaimTemplates.metadata.name: must be consistent because they have a mapping relationship.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • storageClassName: specifies the name of an on-premises StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Create the StatefulSet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl create -f statefulset-test.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parent topic: Storage
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parent topic: SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
diff --git a/docs/cce/umn/cce_bestpractice_00254.html b/docs/cce/umn/cce_bestpractice_00254.html
index 89caadc2c..3b8f02881 100644
--- a/docs/cce/umn/cce_bestpractice_00254.html
+++ b/docs/cce/umn/cce_bestpractice_00254.html
@@ -9,13 +9,13 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    When performing O&M on Kubernetes clusters, it is often necessary to switch between multiple clusters. The following shows some typical solutions for cluster switchover:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Solution 1: Specify --kubeconfig of kubectl to select the kubeconfig file used by each cluster and use aliases to simplify commands.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Solution 2: Combine clusters, users, and credentials in multiple kubeconfig files into one configuration file and run kubectl config use-context to switch clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Compared with solution 1, this solution requires manual configuration of the kubeconfig file, which is relatively complex.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 1 Using kubectl to connect to multiple clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 1 Using kubectl to connect to multiple clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • You have a Linux VM with the kubectl command line tool installed. The kubectl version must match the cluster version. For details, see Install Tools.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The VM where kubectl is installed must be able to access the network of each cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubeconfig File Structure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubeconfig is the configuration file of kubectl. You can download it on the cluster details page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The content of the kubeconfig file is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    {
     "kind": "Config",
diff --git a/docs/cce/umn/cce_bestpractice_00281.html b/docs/cce/umn/cce_bestpractice_00281.html
index 936c0812a..6be1f77d8 100644
--- a/docs/cce/umn/cce_bestpractice_00281.html
+++ b/docs/cce/umn/cce_bestpractice_00281.html
@@ -21,7 +21,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Set storageClassName only, which is simpler than specifying the EVS disk type by using everest.io/disk-volume-type.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Avoid modifying YAML files or Helm charts. Some users switch from self-built or other Kubernetes services to CCE and have written YAML files of many applications. In these YAML files, different types of storage resources are specified by different StorageClassNames. When using CCE, they need to modify a large number of YAML files or Helm charts to use storage resources, which is labor-consuming and error-prone.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Set the default storageClassName for all applications to use the default storage class. In this way, you can create storage resources of the default type without needing to specify storageClassName in the YAML file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    This section describes how to set a custom storage class in CCE and how to set the default storage class. You can specify different types of storage resources by setting storageClassName.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • For the first scenario, you can define custom storageClassNames for SAS and SSD EVS disks. For example, define a storage class named csi-disk-sas for creating SAS disks. The following figure shows the differences before and after you use a custom storage class.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • For the first scenario, you can define custom storageClassNames for SAS and SSD EVS disks. For example, define a storage class named csi-disk-sas for creating SAS disks. The following figure shows the differences before and after you use a custom storage class.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • For the second scenario, you can define a storage class with the same name as that in the existing YAML file without needing to modify storageClassName in the YAML file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • For the third scenario, you can set the default storage class as described below to create storage resources without specifying storageClassName in YAML files.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
@@ -35,296 +35,297 @@ spec:
       storage: 10Gi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Creating a StorageClass Using a YAML File
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    As of now, CCE provides StorageClasses such as csi-disk, csi-nas, and csi-obs by default. When defining a PVC, you can use a StorageClassName to automatically create a PV of the corresponding type and automatically create underlying storage resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Run the following kubectl command to obtain the StorageClasses that CCE supports. Use the CSI add-on provided by CCE to create a StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    # kubectl get sc
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Creating a StorageClass Using a YAML File
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    As of now, CCE provides StorageClasses such as csi-disk, csi-nas, and csi-obs by default. When defining a PVC, you can use a StorageClassName to automatically create a PV of the corresponding type and automatically create underlying storage resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Run the following kubectl command to obtain the StorageClasses that CCE supports. Use the CSI add-on provided by CCE to create a StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    # kubectl get sc
 NAME                PROVISIONER                     AGE
 csi-disk            everest-csi-provisioner         17d          # EVS disk
-csi-disk-topology   everest-csi-provisioner         17d          # EVS disks created with delay
+csi-disk-topology   everest-csi-provisioner         17d          # EVS disks created with a delay
 csi-nas             everest-csi-provisioner         17d          # SFS 1.0
+csi-sfs             everest-csi-provisioner         17d          # A general purpose file system (SFS 3.0 Capacity-Oriented)
 csi-obs             everest-csi-provisioner         17d          # OBS
 csi-sfsturbo        everest-csi-provisioner         17d          # SFS Turbo
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Each StorageClass contains the default parameters used for dynamically creating a PV. The following is an example of StorageClass for EVS disks:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kind: StorageClass
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Each StorageClass contains the default parameters used for dynamically creating a PV. The following is an example of StorageClass for EVS disks:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kind: StorageClass
 apiVersion: storage.k8s.io/v1
 metadata:
   name: csi-disk
-provisioner: everest-csi-provisioner
-parameters:
+provisioner: everest-csi-provisioner
+parameters:
   csi.storage.k8s.io/csi-driver-name: disk.csi.everest.io
-  csi.storage.k8s.io/fstype: ext4    # (Optional) Set the file system type to xfs or ext4. If it is left blank, ext4 will be used by default.
+  csi.storage.k8s.io/fstype: ext4    # (Optional) The file system is of the xfs or ext4 type. If it is left blank, ext4 will be used by default.
   everest.io/disk-volume-type: SAS
   everest.io/passthrough: 'true'
-reclaimPolicy: Delete
-allowVolumeExpansion: true
-volumeBindingMode: Immediate
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+reclaimPolicy: Delete
+allowVolumeExpansion: true
+volumeBindingMode: Immediate
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 1 Key parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 1 Key parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    provisioner
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    provisioner
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specifies the storage resource provider, which is the Everest add-on for CCE. Set this parameter to everest-csi-provisioner.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specifies the storage resource provider, which is the Everest add-on for CCE. Set this parameter to everest-csi-provisioner.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specifies the storage parameters, which vary with storage types. For details, see Table 2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specifies the storage parameters, which vary with StorageClasses. For details, see Table 2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    reclaimPolicy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    reclaimPolicy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specifies the value of persistentVolumeReclaimPolicy for creating a PV. The value can be Delete or Retain. If reclaimPolicy is not specified when a StorageClass object is created, the value defaults to Delete.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Delete: When a PVC is deleted, its associated underlying storage resources will be deleted and the PV resources will be removed. Exercise caution if you select this option.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Retain: When a PVC is deleted, both of the PV and its associated underlying storage resources will be retained and the PV is marked as released. If you manually delete the PV afterwards, the underlying storage resources will not be deleted. To bind the PV to a new PVC, you need to remove the original binding information from the PV.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specifies the value of persistentVolumeReclaimPolicy for creating a PV. The value can be Delete or Retain. If reclaimPolicy is not specified when a StorageClass object is created, the value defaults to Delete.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Delete: When a PVC is deleted, its associated underlying storage resources will be deleted and the PV resources will be removed. Exercise caution if you select this option.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Retain: When a PVC is deleted, both of the PV and its associated underlying storage resources will be retained and the PV is marked as released. If you manually delete the PV afterwards, the underlying storage resources will not be deleted. To bind the PV to a new PVC, you need to remove the original binding information from the PV.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    allowVolumeExpansion
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    allowVolumeExpansion
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specifies whether the PV of this StorageClass supports dynamic capacity expansion. The default value is false. Dynamic capacity expansion is implemented by the underlying storage add-on. This is only a switch.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specifies whether the PV of this StorageClass supports dynamic capacity expansion. The default value is false. Dynamic capacity expansion is implemented by the underlying storage add-on. This is only a switch.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    volumeBindingMode
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    volumeBindingMode
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specifies the volume binding mode, which is the time when a PV is dynamically created. The value can be Immediate or WaitForFirstConsumer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Immediate: After a PVC is created, the storage resources and PV will be created and associated with the PVC without delay.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • WaitForFirstConsumer: After a PVC is created, it will not be immediately bound to a PV. Instead, the storage resources and PV will be generated and bound to the PVC only after the pod that requires the PVC is scheduled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specifies the volume binding mode, which is the time when a PV is dynamically created. The value can be Immediate or WaitForFirstConsumer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Immediate: After a PVC is created, the storage resources and PV will be created and associated with the PVC without delay.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • WaitForFirstConsumer: After a PVC is created, it will not be immediately bound to a PV. Instead, the storage resources and PV will be generated and bound to the PVC only after the pod that requires the PVC is scheduled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    mountOptions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    mountOptions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    This field must be supported by the underlying storage. If this field is not supported but is specified, the PV creation will fail.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    This field must be supported by the underlying storage. If this field is not supported but is specified, the PV creation will fail.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 2 Parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Volume Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -332,7 +333,7 @@ metadata:
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Custom Storage Classes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    You can customize a high I/O storage class in a YAML file. For example, the name csi-disk-sas indicates that the disk type is SAS (high I/O).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Custom Storage Classes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    You can customize a high I/O storage class in a YAML file. For example, the name csi-disk-sas indicates that the disk type is SAS (high I/O).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:
@@ -446,7 +447,7 @@ csi-sfsturbo             everest-csi-provisioner         17d
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Verification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    When creating a PVC, you have the following configuration methods:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Specify a storage class explicitly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Use the default storage class set up in the cluster if you do not specify a storage class.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Below are the steps to check the results of both configuration methods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The following steps are used to verify whether the storage class csi-disk-sas defined in Custom Storage Classes can be used to create a PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The following steps are used to verify whether the storage class csi-disk-sas defined in "Custom Storage Classes" can be used to create a PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Create a YAML file named sas-disk.yaml. You can change the file name as needed. This file uses csi-disk-sas to create a PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      vim sas-disk.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The file content is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      apiVersion: v1
 kind: PersistentVolumeClaim
diff --git a/docs/cce/umn/cce_bestpractice_00282.html b/docs/cce/umn/cce_bestpractice_00282.html
index a7d1b5df4..edd1ee1cb 100644
--- a/docs/cce/umn/cce_bestpractice_00282.html
+++ b/docs/cce/umn/cce_bestpractice_00282.html
@@ -6,12 +6,13 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Two major auto scaling policies are HPA (Horizontal Pod Autoscaling) and CA (Cluster AutoScaling). HPA is for workload auto scaling and CA is for node auto scaling.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      HPA and CA work with each other. HPA requires sufficient cluster resources for successful scaling. When the cluster resources are insufficient, CA is needed to add nodes. If HPA reduces workloads, the cluster will have a large number of idle resources. In this case, CA needs to release nodes to avoid resource waste.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      As shown in Figure 1, HPA performs scale-out based on the monitoring metrics. When cluster resources are insufficient, newly created pods are in Pending state. CA then checks these pending pods and selects the most appropriate node pool based on the configured scaling policy to scale out the node pool. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Figure 1 HPA and CA working flows
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      As shown in Figure 1, HPA performs scale-out based on the monitoring metrics. When cluster resources are insufficient, newly created pods are in Pending state. CA then checks these pending pods and selects the most appropriate node pool based on the configured scaling policy to scale out the node pool. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Figure 1 HPA and CA working flows
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Using HPA and CA enables automatic scaling for most scenarios while also providing monitoring capabilities.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      This section uses an example to describe the auto scaling process using HPA and CA policies together.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Preparations
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Create a cluster with one node. The node should have 2 cores of vCPUs and 4 GiB of memory, or a higher specification, as well as an EIP to allow external access. If no EIP is bound to the node during node creation, you can manually bind one on the ECS console after creating the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Preparations
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Create a cluster with one node. The node should have 2 vCPUs and 4 GiB of memory, or a higher flavor, as well as an EIP to allow external access. If no EIP is bound to the node during node creation, you can manually bind one on the ECS console after creating the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Install add-ons for the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • autoscaler: node scaling add-on
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • metrics-server: an aggregator of resource usage data in a Kubernetes cluster. It can collect measurement data of major Kubernetes resources, such as pods, nodes, containers, and Services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Log in to the cluster node and run a computing-intensive application. When a user sends a request, the result needs to be calculated before being returned to the user.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Create a PHP file named index.php to calculate the square root of the request for 1,000,000 times before returning OK!.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            vi index.php
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The file content is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <?php
@@ -28,8 +29,8 @@ COPY index.php /var/www/html/index.php
 RUN chmod a+rx index.php
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Run the following command to build an image named hpa-example with the tag latest.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            docker build -t hpa-example:latest .
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. (Optional) Log in to the SWR console, choose Organizations in the navigation pane, and click Create Organization in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Skip this step if you already have an organization.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. In the navigation pane, choose My Images and then click Upload Through Client. On the page displayed, click Generate a temporary login command and click  to copy the command.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. Run the login command copied in the previous step on the cluster node. If the login is successful, the message "Login Succeeded" is displayed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          6. Tag the hpa-example image.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            docker tag {Image name 1:Tag 1}/{Image repository address}/{Organization name}/{Image name 2:Tag 2}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          7. (Optional) Log in to the SWR console, choose Organizations in the navigation pane, and click Create Organization in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Skip this step if you already have an organization.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          8. In the navigation pane, choose My Images and then click Upload Through Client. On the page displayed, click Generate a temporary login command and click  to copy the command.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9. Run the login command copied in the previous step on the cluster node. If the login is successful, the message "Login Succeeded" is displayed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          10. Tag the hpa-example image.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            docker tag {Image name 1:Tag 1}/{Image repository address}/{Organization name}/{Image name 2:Tag 2}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • {Image name 1:Tag 1}: name and tag of the local image to be uploaded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • {Image repository address}: the domain name at the end of the login command in login command. It can be obtained on the SWR console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • {Organization name}: name of the created organization.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • {Image name 2:Tag 2}: desired image name and tag to be displayed on the SWR console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The following is an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            docker tag hpa-example:latest swr.eu-de.otc.t-systems.com/group/hpa-example:latest
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
@@ -45,9 +46,9 @@ latest: digest: sha256:eb7e3bbd*** size: **
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Creating a Node Pool and a Node Scaling Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console, access the created cluster, click Nodes on the left, click the Node Pools tab, and click Create Node Pool in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Configure the node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Node Type: Select a node type.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Specifications: 2 vCPUs | 4 GiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Creating a Node Pool and a Node Scaling Policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster. In the navigation pane, choose Nodes. In the right pane, click the Node Pools tab and click Create Node Pool in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Configure the node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Node Type: Select a node type.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Specifications: 2 vCPUs | 4 GiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Retain the default values for other parameters. For details, see Creating a Node Pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Locate the row containing the newly created node pool and click Auto Scaling in the upper right corner. For details, see Creating a Node Scaling Policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If the CCE Cluster Autoscaler add-on is not installed in the cluster, install it first. For details, see autoscaler.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Customize scale-out rules.: Click Add Rule. In the dialog box displayed, configure parameters. If the CPU allocation rate is greater than 70%, a node is added to each associated node pool. A node scaling policy needs to be associated with a node pool. Multiple node pools can be associated. When you need to scale nodes, node with proper specifications will be added or reduced from the node pool based on the minimum waste principle.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Nodes: Modify the node quantity range. The number of nodes in a node pool will always be within the range during auto scaling.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Cooldown Period: a period during which the nodes added in the current node pool cannot be scaled in
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Specifications: Configure whether to enable auto scaling for node flavors in a node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Locate the row containing the newly created node pool and click Auto Scaling in the upper right corner. For details, see Creating a Node Scaling Policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If the CCE Cluster Autoscaler add-on is not installed in the cluster, install it first. For details, see CCE Cluster Autoscaler.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Customize scale-out rules.: Click Add Rule. In the dialog box displayed, configure parameters. If the CPU allocation rate is greater than 70%, a node is added to each associated node pool. A node scaling policy needs to be associated with a node pool. Multiple node pools can be associated. When you need to scale nodes, node with proper specifications will be added or reduced from the node pool based on the minimum waste principle.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Nodes: Modify the node quantity range. The number of nodes in a node pool will always be within the range during auto scaling.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Cooldown Period: a period during which the nodes added in the current node pool cannot be scaled in
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Specifications: Configure whether to enable auto scaling for node flavors in a node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
@@ -68,7 +69,7 @@ spec:
     spec:
       containers:
       - name: container-1
-        image: 'hpa-example:latest' # Replace it with the address of the image you uploaded to SWR.
+        image: ''hpa-example:latest'' # Replace it with the address of the image you uploaded to SWR.
         resources:
           limits:                  # The value of limits must be the same as that of requests to prevent flapping during scaling.
             cpu: 500m
@@ -119,7 +120,7 @@ spec:
           averageUtilization: 50
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Configure the parameters as follows if you are using the console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Observing the Auto Scaling Process
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Check the cluster node status. In the following example, there are two nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          # kubectl get node
 NAME            STATUS   ROLES    AGE     VERSION
@@ -130,7 +131,7 @@ NAME            STATUS   ROLES    AGE     VERSION
 NAME         REFERENCE                TARGETS   MINPODS   MAXPODS   REPLICAS   AGE
 hpa-policy   Deployment/hpa-example   0%/50%    1         100       1          4m
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Run the following command to access the workload. In the following command, {ip:port} indicates the access address of the workload, which can be queried on the workload details page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          while true;do wget -q -O- http://{ip:port}; done
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If no EIP is displayed, the cluster node has not been assigned any EIP. Allocate one, bind it to the node, and synchronize node data. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If no EIP is displayed, the cluster node has not been assigned any EIP. Allocate one, bind it to the node, and synchronize node data.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Observe the scaling process of the workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          # kubectl get hpa hpa-policy --watch
@@ -210,7 +211,7 @@ Events:
   Normal  SuccessfulRescale  6m45s  horizontal-pod-autoscaler  New size: 3; reason: All metrics below target
   Normal  SuccessfulRescale  90s    horizontal-pod-autoscaler  New size: 1; reason: All metrics below target
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          You can also view the HPA policy execution history on the console. Wait until the one node is reduced.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The reason why the other two nodes in the node pool are not reduced is that they both have pods in the kube-system namespace, and these pods are not created by DaemonSets. For details about the conditions in which nodes will not be removed, see Node Scaling Mechanisms.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The reason why the other two nodes in the node pool are not reduced is that they both have pods in the kube-system namespace, and these pods are not created by DaemonSets. For details about the conditions in which nodes will not be removed, see Node Scaling Mechanisms.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Summary
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        By using HPA and CA, auto scaling can be effortlessly implemented in various scenarios. Additionally, the scaling process of nodes and pods can be conveniently tracked.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_bestpractice_00284.html b/docs/cce/umn/cce_bestpractice_00284.html
index b396a29cd..3f4a6d687 100644
--- a/docs/cce/umn/cce_bestpractice_00284.html
+++ b/docs/cce/umn/cce_bestpractice_00284.html
@@ -2,10 +2,10 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Scheduling EVS Disks Across AZs Using csi-disk-topology
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Background
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        EVS disks cannot be attached to a node deployed in another AZ. For example, the EVS disks in AZ 1 cannot be attached to a node in AZ 2. If the storage class csi-disk is used for StatefulSets, when a StatefulSet is scheduled, a PVC and a PV are created immediately (an EVS disk is created along with the PV), and then the PVC is bound to the PV. However, when the cluster nodes are located in multiple AZs, the EVS disk created by the PVC and the node to which the pods are scheduled may be in different AZs. As a result, the pods fail to be scheduled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CCE provides a storage class named csi-disk-topology, which is a late-binding EVS disk type. When you use this storage class to create a PVC, no PV will be created in pace with the PVC. Instead, the PV is created in the AZ of the node where the pod will be scheduled. An EVS disk is then created in the same AZ to ensure that the EVS disk can be attached and the pod can be successfully scheduled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Failed Pod Scheduling Due to csi-disk Used in Cross-AZ Node Deployment
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Create a cluster with three nodes in different AZs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Use the csi-disk storage class to create a StatefulSet and check whether the workload is successfully created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_bestpractice_0050.html b/docs/cce/umn/cce_bestpractice_0050.html
index 7dec0cdbc..f57946ad9 100644
--- a/docs/cce/umn/cce_bestpractice_0050.html
+++ b/docs/cce/umn/cce_bestpractice_0050.html
@@ -9,7 +9,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Creating an IPv4/IPv6 Dual-Stack Cluster in CCE
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Executing the Pre- or Post-installation Commands During Node Creation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. Executing the Pre- or Post-installation Commands During Node Creation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        5. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      5. Connecting to Multiple Clusters Using kubectl
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        6. 
diff --git a/docs/cce/umn/cce_bestpractice_0052.html b/docs/cce/umn/cce_bestpractice_0052.html
index a10a9e211..3b7b6f108 100644
--- a/docs/cce/umn/cce_bestpractice_0052.html
+++ b/docs/cce/umn/cce_bestpractice_0052.html
@@ -15,9 +15,9 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      6. CoreDNS Configuration Optimization
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        7. 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      7. Pre-Binding Container ENI for CCE Turbo Clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      8. Pre-Binding Container Elastic Network Interfaces for CCE Turbo Clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9. 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      9. Accessing an IP Address Outside of a Cluster That Uses a VPC Network by Using Source Pod IP Addresses Within the Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      10. Accessing an IP Address Outside a Cluster That Uses a VPC Network by Using Source Pod IP Addresses Within the Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        11. 
 
 
diff --git a/docs/cce/umn/cce_bestpractice_0053.html b/docs/cce/umn/cce_bestpractice_0053.html
index 3575cb33e..3a2f673c4 100644
--- a/docs/cce/umn/cce_bestpractice_0053.html
+++ b/docs/cce/umn/cce_bestpractice_0053.html
@@ -8,7 +8,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      11. Mounting Object Storage Across Accounts
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        12. 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      12. Dynamically Creating an SFS Turbo Subdirectory Using StorageClass
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      13. Dynamically Creating an SFS Turbo Subdirectory Using StorageClass
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        14. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      14. Changing the Storage Class Used by a Cluster of v1.15 from FlexVolume to CSI Everest
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        15. 
diff --git a/docs/cce/umn/cce_bestpractice_0059.html b/docs/cce/umn/cce_bestpractice_0059.html
index 82258e920..6a4e9b69c 100644
--- a/docs/cce/umn/cce_bestpractice_0059.html
+++ b/docs/cce/umn/cce_bestpractice_0059.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Migrating Resources Outside a Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If your migration does not involve resources outside a cluster listed in Table 1 or you do not need to use other services to update resources after the migration, skip this section.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Migrating Container Images
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        To ensure that container images can be properly pulled after cluster migration and improve container deployment efficiency, you are advised to migrate private images to SoftWare Repository for Container (SWR). CCE works with SWR to provide a pipeline for automated container delivery. Images are pulled in parallel, which greatly improves container delivery efficiency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Migrating Container Images
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        To ensure that container images can be properly pulled after cluster migration and improve container deployment efficiency, you are advised to migrate private images to SWR. CCE works with SWR to provide a pipeline for automated container delivery. Images are pulled in parallel, which greatly improves container delivery efficiency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Manually migrate container images.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Remotely log in to any node in the source cluster and run the docker pull command to pull all images to the local host.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Log in to the SWR console, click Login Command in the upper right corner of the page, and copy the command.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Run the copied login command on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The message "Login Succeeded" will be displayed upon a successful login.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4. Add tags to all local images.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          docker tag [Image name 1:tag 1] [Image repository address]/[Organization name]/[Image name 2:tag 2]
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_bestpractice_0107.html b/docs/cce/umn/cce_bestpractice_0107.html
index 499790f1b..67d77642a 100644
--- a/docs/cce/umn/cce_bestpractice_0107.html
+++ b/docs/cce/umn/cce_bestpractice_0107.html
@@ -549,7 +549,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Replace the example file name pvc-example.yaml in the preceding commands with the names of the YAML files configured in 2 and 3.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        5. Run the kubectl edit command to edit the StatefulSet and use the newly created PVC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl edit sts sts-example -n xxx
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Replace sts-example in the preceding command with the actual name of the StatefulSet to upgrade. xxx indicates the namespace to which the StatefulSet belongs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        6. Wait until the pods are running.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_bestpractice_0300.html b/docs/cce/umn/cce_bestpractice_0300.html
index 0e8a2977b..5c99fe582 100644
--- a/docs/cce/umn/cce_bestpractice_0300.html
+++ b/docs/cce/umn/cce_bestpractice_0300.html
@@ -74,7 +74,7 @@ nginx-658dff48ff-njdhj                 1/1     Running   0          4d9h
 NAME                     READY   STATUS    RESTARTS   AGE
 nginx-658dff48ff-7rkph   1/1     Running   0          4d9h
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Try querying Deployments and Services in the namespace. The output shows user-example does not have the corresponding permissions. Try querying the pods in namespace kube-system. The output shows user-example does not have the corresponding permission, either. This indicates that the IAM user user-example has only the GET and LIST Pod permissions in the default namespace, which is the same as expected.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Try querying Deployments and Services in the namespace. The output shows user-example does not have the corresponding permissions. Try querying the pods in namespace kube-system. The output shows user-example does not have the corresponding permission, either. This indicates that the IAM user user-example has only the GET and LIST Pod permissions in the default namespace, which is the same as expected.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        # kubectl get deploy
 Error from server (Forbidden): deployments.apps is forbidden: User "0c97ac3cb280f4d91fa7c0096739e1f8" cannot list resource "deployments" in API group "apps" in the namespace "default"
 # kubectl get svc
diff --git a/docs/cce/umn/cce_bestpractice_0307.html b/docs/cce/umn/cce_bestpractice_0307.html
index a90003e50..32822c812 100644
--- a/docs/cce/umn/cce_bestpractice_0307.html
+++ b/docs/cce/umn/cce_bestpractice_0307.html
@@ -53,9 +53,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Figure 1 shows the migration process. You can migrate resources outside a cluster as required.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Figure 1 Migration solution diagram
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Figure 1 Migration solution diagram
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Migration Process
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Migration Process
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The cluster migration process is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Plan resources for the target cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        For details about the differences between CCE clusters and on-premises clusters, see Key Performance Parameter in Resource Planning for the Target Cluster. Plan resources as required and ensure that the performance configuration of the target cluster is the same as that of the source cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Migrate resources outside a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        To migrate resources outside the cluster, see Migrating Resources Outside a Cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -72,7 +72,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
 
diff --git a/docs/cce/umn/cce_bestpractice_0310.html b/docs/cce/umn/cce_bestpractice_0310.html
index 7c478ccdc..a63d54eb8 100644
--- a/docs/cce/umn/cce_bestpractice_0310.html
+++ b/docs/cce/umn/cce_bestpractice_0310.html
@@ -1,127 +1,88 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Installing the Migration Tool
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Velero is an open source backup and migration tool for Kubernetes clusters. With restic's PV data backup capabilities, Velero can back up Kubernetes resource objects (such as Deployments, jobs, Services, and ConfigMaps) in the source cluster and data in PVs mounted to pods and uploaded them to object storage. If a disaster occurs or migration is required, the target cluster can obtain the corresponding backup data from the object storage using Velero and restore cluster resources as required.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      According to Migration Solution, prepare temporary object storage to store backup files before the migration. Velero supports OBS and MinIO as the object storage. The object storage requires sufficient storage space for storing backup files. You can estimate the storage space based on your cluster scale and data volume. OBS buckets are recommended for data backup. For details about how to deploy Velero, see Installing Velero.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The Kubernetes version of the source on-premises cluster must be 1.10 or later, and the cluster can use DNS and Internet services properly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If you are using OBS to store backup files, you must obtain the AK/SK of a user who has the right to operate OBS. For details, see Access Keys.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If you are using MinIO to store backup files, you must bind an EIP to the server where MinIO is installed and enable the API and console port of MinIO in the security group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The target CCE cluster has been created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The source cluster and target cluster must each have at least one idle node. It is recommended that the node specifications be 4 vCPUs and 8 GiB memory or higher.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Velero is an open-source backup and migration tool for Kubernetes clusters. With restic's PV data backup capabilities, Velero can back up Kubernetes resource objects (such as Deployments, jobs, Services, and ConfigMaps) in the source cluster and data in PVs mounted to pods and uploaded them to object storage. If a disaster occurs or migration is required, the target cluster can obtain the corresponding backup data from the object storage using Velero and restore cluster resources as required.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      According to Migration Solution, you will need to prepare temporary object storage to store backup files before the migration. Velero supports OBS as the object storage. For details about how to deploy Velero, see Installing Velero.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The Kubernetes version of the source on-premises cluster must be 1.10 or later, and the cluster can use DNS and Internet services properly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If you are using OBS to store backup files, you must obtain the AK/SK of a user who can operate OBS. For details, see Obtaining Access Keys (AK/SK).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The target CCE cluster has been created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The source cluster and target cluster must each have at least one idle node. It is recommended that the node specifications be 4 vCPUs and 8 GiB memory or higher.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      (Optional) Installing MinIO
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      MinIO is an open source, high-performance object storage tool compatible with the S3 API protocol. If MinIO is used to store backup files for cluster migration, you need a temporary server to deploy MinIO and provide services for external systems. If you are using OBS to store backup files, you can skip this section and go to Installing Velero.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      MinIO can be installed in any of the following locations:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • A temporary ECS outside a cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the MinIO server is installed outside the cluster, backup files will not be affected when a catastrophic fault occurs in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • An idle node in a cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        You can remotely log in to a node and install MinIO or the containerized MinIO. For details, see Velero official document.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        To containerize MinIO, do as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Change the storage type (emptyDir) in the YAML file provided by Velero to hostPath or local. Otherwise, backup files will be permanently lost after the containerized MinIO is restarted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Change the Service type to NodePort or use other types of Services that support public network access to ensure that MinIO can be accessed by external networks. Otherwise, backup files cannot be downloaded outside the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Regardless of which deployment method is used, the server where MinIO is installed must have sufficient storage space, an EIP must be bound to the server, and the MinIO service port must be enabled in the security group. Otherwise, backup files cannot be uploaded or downloaded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In this example, MinIO is installed on a temporary ECS outside the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Download MinIO.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        mkdir /opt/minio
-mkdir /opt/miniodata
-cd /opt/minio
-wget https://dl.minio.io/server/minio/release/linux-amd64/minio
-chmod +x minio
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Configure the username and password of MinIO.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The username and password configured using this method are temporary environment variables and must be reset after the service is restarted. Otherwise, the default root credential minioadmin:minioadmin will be used to create the service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        export MINIO_ROOT_USER=minio
-export MINIO_ROOT_PASSWORD=minio123
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Create a service. In the command, /opt/miniodata/ indicates the local disk path for MinIO to store data.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The default API port of MinIO is 9000, and the console port is randomly generated. You can use the --console-address parameter to specify a console port.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        ./minio server /opt/miniodata/ --console-address ":30840" &
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        To access the object storage buckets, make sure to enable the API and console ports in the firewall and security group on the server with MinIO installed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. Use a browser to access http://{EIP of the node where MinIO resides}:30840. The MinIO console is displayed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Installing Velero
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      You need to first go to the OBS console or MinIO console and create a bucket named velero for storing backup files. The bucket name can be a custom one, which must be specified when installing Velero. Otherwise, the bucket cannot be accessed and the backup will fail. For details, see 5.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Installing Velero
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      You need to first go to the OBS console and create a bucket named velero for storing backup files. The bucket name can be a custom one, which must be specified when you install Velero. Otherwise, the bucket cannot be accessed and the backup will fail. For details, see 5.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Velero instances need to be installed and deployed in both the source and target clusters and are used for backup and restoration, respectively. The installation procedures are the same.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The master node of a CCE cluster does not support remote login ports. You can use kubectl to install Velero.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If there are a large number of resources to back up, you are advised to adjust the CPU and memory resources of Velero and node-agent to 1 vCPU and 1 GiB of memory or higher. For details, see Backup Tool Resources Are Insufficient.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The object storage bucket for storing backup files must be empty.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Then, you can download the latest, stable binary file from https://github.com/vmware-tanzu/velero/releases. The following uses Velero 1.13.1 as an example. The process of installing Velero in the source cluster is identical to the target cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to a VM that can access the public network and use kubectl to access the cluster where Velero is to be installed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Download the binary file of Velero 1.13.1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        wget https://github.com/vmware-tanzu/velero/releases/download/v1.13.1/velero-v1.13.1-linux-amd64.tar.gz
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Install the Velero client.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        tar -xvf velero-v1.13.1-linux-amd64.tar.gz
-cp ./velero-v1.13.1-linux-amd64/velero /usr/local/bin
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Then, you can download the latest, stable binary file from https://github.com/vmware-tanzu/velero/releases. The following uses Velero 1.15.1 as an example. The process of installing Velero in the source cluster is identical to the target cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to a VM that can access the public network and use kubectl to access the cluster where Velero is to be installed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Download the binary file of Velero 1.15.1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          wget https://github.com/vmware-tanzu/velero/releases/download/v1.15.1/velero-v1.15.1-linux-amd64.tar.gz
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Install the Velero client.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          tar -xvf velero-v1.15.1-linux-amd64.tar.gz
+cp ./velero-v1.15.1-linux-amd64/velero /usr/local/bin
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4. Create the access key file credentials-velero for the backup object storage.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          vim credentials-velero
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Replace the AK/SK in the file as required. If MinIO is used, the AK/SK are the username and password created in 2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          [default]
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Replace the AK/SK in the file as required. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          [default]
 aws_access_key_id = {AK}
 aws_secret_access_key = {SK}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        5. Deploy the Velero server. Change the value of --bucket to the name of the created object storage bucket. In this example, the bucket name is velero. For more information about custom installation parameters, see Customize Velero Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          velero install \
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        6. Deploy the Velero server. Change the value of --bucket to the name of the created object storage bucket. In this example, the bucket name is velero. For more details about custom installation parameters, see Customize Velero Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          velero install \
   --provider aws \
   --plugins velero/velero-plugin-for-aws:v1.9.1 \
   --bucket velero \
   --secret-file ./credentials-velero \
   --use-node-agent \
   --use-volume-snapshots=false \
-  --backup-location-config region=eu-de,s3ForcePathStyle="true",s3Url=http://obs.eu-de.otc.t-systems.com
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+  --backup-location-config region=eu-de,s3ForcePathStyle="true",s3Url=https://obs.eu-de.otc.t-systems.com
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 2 Parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Volume Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Mandatory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    EVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    EVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Driver type. If an EVS disk is used, the parameter value is fixed at disk.csi.everest.io.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Driver type. If an EVS disk is used, the parameter value is fixed at disk.csi.everest.io.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    EVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    EVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/fstype
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/fstype
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If an EVS disk is used, the parameter value can be ext4 or xfs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The restrictions on using xfs are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The nodes must run CentOS 7, HCE OS 2.0, or Ubuntu 22.04, and the Everest version in the cluster must be 2.3.2 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Only common containers are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If an EVS disk is used, the parameter value can be ext4 or xfs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The restrictions on using xfs are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The nodes must run CentOS 7, HCE OS 2.0, or Ubuntu 22.04, and the Everest version in the cluster must be 2.3.2 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Only common containers are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    EVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    EVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/disk-volume-type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/disk-volume-type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    EVS disk type. All letters are in uppercase.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • SATA: common I/O
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • SAS: high I/O
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • SSD: ultra-high I/O
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • GPSSD: general-purpose SSD
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • ESSD: extreme SSD
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    EVS disk type. All letters are in uppercase.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • SATA: common I/O
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • SAS: high I/O
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • SSD: ultra-high I/O
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • GPSSD: general-purpose SSD
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • ESSD: extreme SSD
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • GPSSD2: general-purpose SSD v2, which is supported when the Everest version is 2.4.4 or later and the everest.io/disk-iops and everest.io/disk-throughput annotations are configured
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    EVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    EVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/passthrough
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/passthrough
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The parameter value is fixed at true, which indicates that the EVS device type is SCSI. No other parameter values are allowed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The parameter value is fixed at true, which indicates that the EVS device type is SCSI. No other parameter values are allowed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Driver type. If SFS is used, the parameter value is fixed at nas.csi.everest.io.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Driver type. If SFS is used, the parameter value is fixed at nas.csi.everest.io.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/fstype
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/fstype
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If SFS is used, the value can be nfs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If SFS is used, the value can be nfs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-access-level
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-access-level
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The parameter value is fixed at rw, indicating that the SFS data is readable and writable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The parameter value is fixed at rw, indicating that the SFS data is readable and writable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-access-to
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-access-to
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    VPC ID of the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    VPC ID of the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-is-public
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-is-public
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The parameter value is fixed at false, indicating that the file is shared to private.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    When you use SFS 3.0, there is no need to configure this parameter.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The parameter value is fixed at false, indicating that the file is shared to private.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    When you use a general purpose file system (SFS 3.0 Capacity-Oriented), there is no need to configure this parameter.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/sfs-version
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/sfs-version
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    This parameter is only required for SFS 3.0 and its value is fixed at sfs3.0.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    This parameter is only required for general purpose file systems (SFS 3.0 Capacity-Oriented) and its value is fixed at sfs3.0.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Driver type. If SFS Turbo is used, the parameter value is fixed at sfsturbo.csi.everest.io.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Driver type. If SFS Turbo is used, the parameter value is fixed at sfsturbo.csi.everest.io.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/fstype
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/fstype
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If SFS Turbo is used, the value can be nfs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If SFS Turbo is used, the value can be nfs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-access-to
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-access-to
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    VPC ID of the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    VPC ID of the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-expand-type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-expand-type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Extension type. The default value is bandwidth, indicating an enhanced file system. This parameter does not take effect.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Extension type. The default value is bandwidth, indicating an enhanced file system. This parameter does not take effect.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-source
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-source
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The parameter value is fixed at sfs-turbo.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The parameter value is fixed at sfs-turbo.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-volume-type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/share-volume-type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo StorageClass. The default value is STANDARD, indicating standard and standard enhanced editions. This parameter does not take effect.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo StorageClass. The default value is STANDARD, indicating standard and standard enhanced editions. This parameter does not take effect.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/reclaim-policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/reclaim-policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    No
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Whether to retain subdirectories when deleting a PVC. This parameter must be used with reclaim policies. This parameter is available only when the PV reclaim policy is Delete. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • retain-volume-only: If a PVC is deleted, the PV will be deleted, but its associated subdirectories will be retained.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • delete: When a PVC is deleted, the associated PV and its subdirectories will also be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When a subdirectory is deleted, only the absolute path of the subdirectory configured in the PVC will be deleted. The upper-layer directory will not be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Whether to retain subdirectories when deleting a PVC. This parameter must be used with reclaimPolicy. This parameter is available only when the PV reclaim policy is Delete. Options:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • retain-volume-only: When a PVC is deleted, the PV is deleted, but its associated subdirectories are retained.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • delete: When a PVC is deleted, the PV and its associated subdirectories are also deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When a subdirectory is deleted, only the absolute path of the subdirectory specified in the PVC is deleted. The parent directory remains unchanged.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    OBS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    OBS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Driver type. If OBS is used, the parameter value is fixed at obs.csi.everest.io.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Driver type. If OBS is used, the parameter value is fixed at obs.csi.everest.io.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    OBS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    OBS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/fstype
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/fstype
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Instance type, which can be obsfs or s3fs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • obsfs: a parallel file system
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • s3fs: object bucket
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Instance type, which can be obsfs or s3fs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • obsfs: a parallel file system
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • s3fs: object bucket
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    OBS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    OBS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/obs-volume-type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    everest.io/obs-volume-type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    OBS StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If fsType is set to s3fs, standard buckets (STANDARD) and infrequent access buckets (WARM) are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • This parameter is invalid when fsType is set to obsfs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    OBS StorageClass.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If fsType is set to s3fs, standard buckets (STANDARD) and infrequent access buckets (WARM) are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • This parameter is invalid when fsType is set to obsfs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Local PV
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Local PV
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/csi-driver-name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Driver type. If a local PV is used, the parameter value is fixed at local.csi.everest.io.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Driver type. If a local PV is used, the parameter value is fixed at local.csi.everest.io.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Local PV
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Local PV
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/fstype
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    csi.storage.k8s.io/fstype
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    File system type. The value can only be ext4.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    File system type. The value can only be ext4.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Local PV
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Local PV
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    volume-type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    volume-type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Volume type. The value can only be persistent.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Volume type. The value can only be persistent.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 1 Installation parameters of Velero
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 1 Installation parameters of Velero
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --provider
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --provider
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    AWS S3 component to be used
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Component provider. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --plugins
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --plugins
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    API component compatible with AWS S3. Both OBS and MinIO support the S3 protocol.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Container image address of the component.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --bucket
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --bucket
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Name of the object storage bucket for storing backup files. The bucket must be created in advance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Name of the object storage bucket for storing backup files. The bucket must be created in advance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --secret-file
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --secret-file
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Secret file for accessing the object storage, which is, the credentials-velero file created in 4.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Secret file for accessing the object storage, which is, the credentials-velero file created in 4.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --use-node-agent
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --use-node-agent
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Whether to enable PV data backup. You are advised to enable this function. Otherwise, storage volume resources cannot be backed up.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Whether to enable PV data backup. You are advised to enable this function. Otherwise, storage volume resources cannot be backed up.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --use-volume-snapshots
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --use-volume-snapshots
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Whether to create a VolumeSnapshotLocation object for PV snapshot, which requires support from the snapshot program. Set this parameter to false.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Whether to create a VolumeSnapshotLocation object for PV snapshot, which requires support from the snapshot program. Set this parameter to false.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --backup-location-config
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    --backup-location-config
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    OBS bucket configurations, including region, s3ForcePathStyle, and s3Url.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    region
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Region to which object storage bucket belongs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If OBS is used, configure this parameter based on the actual situation, for example, eu-de.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If MinIO is used, set this parameter to minio.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    s3ForcePathStyle
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The value true indicates that the S3 file path format is used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    s3Url
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    API access address of the object storage bucket.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If OBS is used, set this parameter to http://obs.{region}.otc.t-systems.com. The value of this parameter is determined based on the region where the object storage bucket is located. For example, if the region is eu-de, the parameter value is http://obs.eu-de.otc.t-systems.com.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If MinIO is used, set this parameter to http://{EIP of the node where minio is located}:9000. The value of this parameter is determined based on the IP address and port of the node where MinIO is installed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The access port in s3Url must be set to the API port of MinIO instead of the console port. The default API port of MinIO is 9000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • To access MinIO installed outside the cluster, enter the public IP address of MinIO.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    OBS bucket configuration.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • region: the region where the OBS bucket is located. Set this parameter based on the actual region, for example, eu-de.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • s3ForcePathStyle: If the value is true, the S3 file path format will be used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • s3Url: API access address of the OBS bucket. The value of this parameter depends on the region where the OBS bucket is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      For example, if the region is eu-de, the parameter value is https://obs.eu-de.otc.t-systems.com.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  7. View the pod status: (By default, a namespace named velero is created for the Velero instance.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    $ kubectl get pod -n velero
-NAME                   READY   STATUS    RESTARTS   AGE
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  8. View the pod status. By default, a namespace named velero is created for the Velero instance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubectl get pod -n velero
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    NAME                   READY   STATUS    RESTARTS   AGE
 node-agent-rn29c       1/1     Running   0          16s
 velero-c9ddd56-tkzpk   1/1     Running   0          16s
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    To prevent memory insufficiency during backup in the actual production environment, you are advised to change the CPU and memory allocated to node-agent and Velero by referring to Backup Tool Resources Are Insufficient.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9. Check the interconnection between Velero and the object storage and ensure that the status is Available.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    $ velero backup-location get
-NAME      PROVIDER   BUCKET/PREFIX   PHASE       LAST VALIDATED                  ACCESS MODE   DEFAULT
-default   aws        velero          Available   2021-10-22 15:21:12 +0800 CST   ReadWrite     true
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  10. Check the interconnection between Velero and OBS and ensure that the status is Available.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    velero backup-location get
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    NAME      PROVIDER   BUCKET/PREFIX   PHASE       LAST VALIDATED                  ACCESS MODE   DEFAULT
+default   ***        velero          Available   2025-06-04 17:40:55 +0800 CST   ReadWrite     true
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    11. 
 
 
diff --git a/docs/cce/umn/cce_bestpractice_0312.html b/docs/cce/umn/cce_bestpractice_0312.html
index 5e65387fe..e03097194 100644
--- a/docs/cce/umn/cce_bestpractice_0312.html
+++ b/docs/cce/umn/cce_bestpractice_0312.html
@@ -1,18 +1,17 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Updating Resources Accordingly
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Updating Images
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The WordPress and MySQL images used in this example can be pulled from SWR. Therefore, the image pull failure (ErrImagePull) will not occur. If the application to be migrated is created from a private image, perform the following steps to update the image:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Updating Images
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The WordPress and MySQL images used in this example can be pulled from SWR. Therefore, the image pull failure (ErrImagePull) will not occur. If the application to be migrated is created from a private image, perform the following operations to update the image:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Migrate the image resources to SWR. For details, see Uploading an Image Through the Client.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Log in to the SWR console and obtain the image path used after the migration.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The image path is in the following format:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      'swr.{Region}.otc.t-systems.com/{Organization name}/{Image name}:{Tag}'
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. Run the following command to modify the workload and replace the image field in the YAML file with the image path:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      kubectl edit deploy wordpress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4. Check the running status of the workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Updating Services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    After the cluster is migrated, the Service of the source cluster may fail to take effect. You can perform the following steps to update the Service. If ingresses are configured in the source cluster, connect the new cluster to ELB again after the migration. For details, see Using kubectl to Create a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Updating Services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    After the cluster is migrated, the Service of the source cluster may fail to take effect. You can perform the following operations to update the Service. If ingresses are configured in the source cluster, connect the new cluster to ELB again after the migration. For details, see Using kubectl to Create a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Connect to the cluster using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Edit the YAML file of the corresponding Service to change the Service type and port number.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      kubectl edit svc wordpress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      To update load balancer resources, connect to ELB again. Add the annotations by following the procedure described in Creating a LoadBalancer Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      annotations: 
   kubernetes.io/elb.class: union # Shared load balancer
   kubernetes.io/elb.id: 9d06a39d-xxxx-xxxx-xxxx-c204397498a3    # Load balancer ID, which can be queried on the ELB console.
-  kubernetes.io/elb.subnet-id: f86ba71c-xxxx-xxxx-xxxx-39c8a7d4bb36    # ID of the subnet where the load balancer resides
   kubernetes.io/elb.session-affinity-mode: SOURCE_IP    # Enable the sticky session based on the source IP address.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. Use a browser to check whether the Service is available.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -33,18 +32,17 @@ metadata:
 data:
   {Storage class name01 in the source cluster}: {Storage class name01 in the target cluster}
   {Storage class name02 in the source cluster}: {Storage class name02 in the target cluster}
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  11. Run the following command to apply the ConfigMap configuration:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    $ kubectl create -f change-storage-class.yaml
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  12. Run the following command to apply the ConfigMap configuration:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubectl create -f change-storage-class.yaml
 configmap/change-storageclass-plugin-config created
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    13. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Method 2: Creating a storage class with the same name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Run the following command to query the default storage class supported by CCE:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      kubectl get sc
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      NAME                PROVISIONER                     RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
-csi-disk            everest-csi-provisioner         Delete          Immediate              true                   3d23h
-csi-disk-topology   everest-csi-provisioner         Delete          WaitForFirstConsumer   true                   3d23h
-csi-sfs             everest-csi-provisioner         Delete          Immediate              false                   3d23h
-csi-obs             everest-csi-provisioner         Delete          Immediate              false                  3d23h
-csi-sfsturbo        everest-csi-provisioner         Delete          Immediate              true                   3d23h
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      csi-disk             everest-csi-provisioner         Delete          Immediate              true                   77d
+csi-disk-topology    everest-csi-provisioner         Delete          WaitForFirstConsumer   true                   77d
+csi-nas              everest-csi-provisioner         Delete          Immediate              true                   77d
+csi-obs              everest-csi-provisioner         Delete          Immediate              false                  77d
+csi-sfsturbo         everest-csi-provisioner         Delete          Immediate              true                   77d
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
-
-
-
-
-
@@ -93,7 +91,7 @@ metadata:
   uid: 4dbbe557-ddd1-4ce8-bb7b-7fa15459aac7
 parameters:
   csi.storage.k8s.io/csi-driver-name: obs.csi.everest.io
-  csi.storage.k8s.io/fstype: obsfs
+  csi.storage.k8s.io/fstype: s3fs
   everest.io/obs-volume-type: STANDARD
 provisioner: everest-csi-provisioner
 reclaimPolicy: Delete
diff --git a/docs/cce/umn/cce_bestpractice_0313.html b/docs/cce/umn/cce_bestpractice_0313.html
index 862f82063..385640154 100644
--- a/docs/cce/umn/cce_bestpractice_0313.html
+++ b/docs/cce/umn/cce_bestpractice_0313.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Performing Additional Tasks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Verifying Application Functions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster migration involves full migration of application data, which may cause intra-application adaptation problems. In this example, after the cluster is migrated, the redirection link of the article published in WordPress is still the original domain name. If you click the article title, you will be redirected to the application in the source cluster. Therefore, search for the original domain name in WordPress and replace it with the new domain name, change the values of site_url and primary URL in the database. For details, see Changing The Site URL.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Access the new address of the WordPress application. If the article published before the migration is displayed, the data of the persistent volume is successfully restored.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Switching Live Traffic to the Target Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      O&M personnel switch DNS to direct live traffic to the target cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • DNS traffic switching: Adjust the DNS configuration to switch traffic.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Client traffic switching: Upgrade the client code or update the configuration to switch traffic.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_bestpractice_0324.html b/docs/cce/umn/cce_bestpractice_0324.html
index e3cef0970..bcc6dc14c 100644
--- a/docs/cce/umn/cce_bestpractice_0324.html
+++ b/docs/cce/umn/cce_bestpractice_0324.html
@@ -2,16 +2,16 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Interconnecting GitLab with SWR and CCE for CI/CD
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Background
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GitLab is an open source version management system developed with Ruby on Rails for Git project repository management. It supports web-based access to public and private projects. Similar to GitHub, GitLab allows you to browse source code, manage bugs and comments, and control team member access to repositories. You will find it very easy to view committed versions and file history database. Team members can communicate with each other using the built-in chat program (Wall).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Background
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GitLab is an open-source version management system developed with Ruby on Rails for Git project repository management. It supports web-based access to public and private projects. Similar to GitHub, GitLab allows you to browse source code, manage bugs and comments, and control team member access to repositories. You will find it very easy to view committed versions and file history database. Team members can communicate with each other using the built-in chat program (Wall).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      GitLab provides powerful CI/CD functions and is widely used in software development.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Figure 1 GitLab CI/CD process
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Figure 1 GitLab CI/CD process
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      This section describes how to interconnect GitLab with SWR and CCE for CI/CD.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Preparations
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Create a CCE cluster and a node and bind an EIP to the node for downloading an image during GitLab Runner installation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Download and configure kubectl to connect to the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Install Helm 3.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Installing GitLab Runner
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Log in to GitLab, choose Settings > CI/CD in the project view, click Expand next to Runners, and search for the GitLab Runner registration URL and token.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Create the values.yaml file and fill in the following information:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      # Registration URL
 gitlabUrl: https://gitlab.com/
@@ -27,7 +27,7 @@ runners:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      helm repo add gitlab https://charts.gitlab.io 
 helm install --namespace gitlab gitlab-runner -f values.yaml gitlab/gitlab-runner --version=0.43.1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      After the installation, you can obtain the gitlab-runner workload on the CCE console and view the connection information in GitLab later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Creating an Application
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Place the application to be created in the GitLab project repository. This section takes Nginx modification as an example. For details, visit https://gitlab.com/c8147/cidemo/-/tree/main.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The following files are included:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -36,7 +36,7 @@ helm install --namespace gitlab gitlab-runner -f values.yaml gitlab/gitlab-runne
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Configuring Global Variables
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When using pipelines, build an image, upload it to SWR, and run kubectl commands to deploy the image in the cluster. Before performing these operations, you must log in to SWR and obtain the credential for connecting to the cluster. You can define the information as variables in GitLab.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Log in to GitLab, choose Settings > CI/CD in the project view, and click Expand next to Variables to add variables.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • kube_config
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubeconfig.json file used for kubectl command authentication. Run the following command on the host where kubectl is configured to convert the file to the Base64 format:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        echo $(cat ~/.kube/config | base64) | tr -d " "
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The command output is the content of kubeconfig.json.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -48,14 +48,14 @@ helm install --namespace gitlab gitlab-runner -f values.yaml gitlab/gitlab-runne
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Creating a Pipeline
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Log in to GitLab and add the .gitlab-ci.yml file to Repository.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The content is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      # Define pipeline stages, including package, build, and deploy.
 stages:
   - package  
   - build
   - deploy
-# If no image is specified in each stage, the default image docker:latest is used.
+# If no image is specified in each stage, the default image docker:latest is used.
 image: docker:latest
 # In the package stage, only printing is performed.
 package:
@@ -96,16 +96,16 @@ deploy:
     # Deploy an application.
     - kubectl apply -f k8s.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      After the .gitlab-ci.yml file is saved, the pipeline is started immediately. You can view the pipeline execution status in GitLab.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Verifying Deployment
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      After the pipeline is deployed, locate the nginx-test Service on the CCE console, query its access address, and run the curl command to access the Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      # curl xxx.xxx.xxx.xxx:31111
 Hello Gitlab!
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the preceding information is displayed, the deployment is correct.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Common Issues
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If the following problem occurs during the deployment:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Common Issues
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If the following problem occurs during the deployment:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Or
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Check whether the following commands are missing in the .gitlab-ci.yml file. If yes, add them to the .gitlab-ci.yml file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ...
   script:
@@ -115,7 +115,7 @@ Hello Gitlab!
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
     - echo $kube_config |base64 -d > $KUBECONFIG
     # Replace the image in the k8s.yaml file.
 ...
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If Docker cannot be executed, information similar to the following will display.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If Docker cannot be executed, information similar to the following will display.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The privileged: true parameter fails to be transferred during GitLab Runner installation. As a result, you do not have the permissions to run the Docker command. To resolve this issue, find GitLab Runner in the workload list on the CCE console, add the environment variable KUBERNETES_PRIVILEGED, and set its value to true.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_bestpractice_0325.html b/docs/cce/umn/cce_bestpractice_0325.html
index 278fb1cb9..972cf7e33 100644
--- a/docs/cce/umn/cce_bestpractice_0325.html
+++ b/docs/cce/umn/cce_bestpractice_0325.html
@@ -9,7 +9,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Enabling Core Dump on a Node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Log in to the node, run the following command to enable core dump, and set the path and format for storing core files:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          echo "/tmp/cores/core.%h.%e.%p.%t" > /proc/sys/kernel/core_pattern
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          %h, %e, %p, and %t are placeholders, which are described as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • %h: hostname (or pod name). You are advised to configure this parameter.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • %e: program file name. You are advised to configure this parameter.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • %p: (optional) process ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • %t: (optional) time of the core dump.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • %h: hostname (or pod name). You are advised to configure this parameter.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • %e: program file name. You are advised to configure this parameter.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • %p: (Optional) process ID
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • %t: (Optional) time of the core dump
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          After the core dump function is enabled by running the preceding command, the generated core file is named in the format of core.{Host name}.{Program file name}.{Process ID}.{Time}.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          You can also configure a pre-installation or post-installation script to automatically run this command when creating a node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
@@ -30,21 +30,21 @@ spec:
     - mountPath: /tmp/cores
       name: coredump-path
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Create the pod:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl create -f  pod.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Create a pod:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl create -f pod.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Verification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Obtain the pod name:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl get pod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        NAME        READY   STATUS    RESTARTS   AGE
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Verification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Obtain the pod name:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl get pod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          NAME        READY   STATUS    RESTARTS   AGE
 coredump    1/1     Running   0          56s
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Access the container:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl exec -it coredump -- /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          After accessing the container, run the following command to trigger a segmentation fault of the current shell terminal:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kill -s SIGSEGV $$
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          command terminated with exit code 139
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Log in to the node and check whether the core file has been generated in /home/coredump.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ls /home/coredump
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If information similar to the following is displayed, the core file has been generated.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          core.coredump.bash.18.1650438992
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4. Access the container:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl exec -it coredump -- /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          After accessing the container, run the following command to trigger a segmentation fault of the current shell terminal:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kill -s SIGSEGV $$
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          command terminated with exit code 139
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        5. Log in to the node and check whether the core file has been generated in /home/coredump.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ls /home/coredump
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If information similar to the following is displayed, the core file has been generated.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          core.coredump.bash.18.1650438992
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_bestpractice_0326.html b/docs/cce/umn/cce_bestpractice_0326.html
index 7770d9c84..1c18e821f 100644
--- a/docs/cce/umn/cce_bestpractice_0326.html
+++ b/docs/cce/umn/cce_bestpractice_0326.html
@@ -23,7 +23,7 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: Migrating Kubernetes Clusters to CCE
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: Migrating Kubernetes Clusters to CCE Using Velero
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
diff --git a/docs/cce/umn/cce_bestpractice_0333.html b/docs/cce/umn/cce_bestpractice_0333.html
index e74350bad..75d526064 100644
--- a/docs/cce/umn/cce_bestpractice_0333.html
+++ b/docs/cce/umn/cce_bestpractice_0333.html
@@ -5,12 +5,12 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      This section describes how to use workload identities in CCE.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The cluster version must be v1.19.16 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Obtain the public key of the cluster service account token from CCE. For details, see Step 1: Obtain the Public Key for Signature of the CCE Cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Create an identity provider on IAM. For details, see Step 2: Configure an Identity Provider.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Obtain an IAM token from the workload and simulate an IAM user to access a cloud service. For details, see Step 3: Use a Workload Identity.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The procedure is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Deploy the application pod and obtain the OpenID Connect ID token file by mounting the identity provider.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Use the mounted OpenID Connect ID token file in programs in the pod to access IAM and obtain a temporary IAM token.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Access the cloud service using the IAM token in programs in the pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Figure 1 Workflow
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Obtain the signature public key of the cluster service account token from CCE. For details, see Step 1: Obtain the Signature Public Key of the CCE Cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Create an identity provider on IAM. For details, see Step 2: Configure an Identity Provider.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Obtain an IAM token from the workload and simulate an IAM user to access a cloud service. For details, see Step 3: Use a Workload Identity.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The figure below shows the workflow.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Figure 1 Workflow
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Obtain the public key issued by the cluster and register the cluster token controller as an IAM identity provider.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Request the service account to generate an OIDC token.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Deploy the application pod and mount the OIDC token to it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Use the OIDC token to access IAM from the pod and obtain a temporary IAM token.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. Use the IAM token to access other cloud service resources from the pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Step 1: Obtain the Public Key for Signature of the CCE Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Use kubectl to access the target cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Obtain the public key:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl get --raw /openid/v1/jwks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Step 1: Obtain the Signature Public Key of the CCE Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Use kubectl to access the target cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Obtain the public key:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl get --raw /openid/v1/jwks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The returned result is the public key of the cluster. The following is an example of the command output:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            # kubectl get --raw /openid/v1/jwks
 {"keys":[{"use":"sig","kty":"RSA","kid":"*****","alg":"RS256","n":"*****","e":"AQAB"}]}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
@@ -20,10 +20,10 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Configuration Information
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Identity Provider URL: Enter https://kubernetes.default.svc.cluster.local.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Client ID: Enter a client ID, which will be used when you create a container.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              A client ID cannot contain only digits. If the client ID consists only of digits, enclose it in double quotation marks ("") when editing the YAML file for the workload. For example, if the client ID is 123456789, it should be entered as "123456789" in the YAML file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Signing Key: Enter the JWKS of the CCE cluster obtained in Step 1: Obtain the Public Key for Signature of the CCE Cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Signing Key: Enter the JWKS of the CCE cluster obtained in Step 1: Obtain the Signature Public Key of the CCE Cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Identity Conversion Rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            An identity conversion rule maps the ServiceAccount of a workload to an IAM user.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            For example, create a ServiceAccount named oidc-token in namespace default of the cluster and map it to user group demo. If you use the identity provider ID to access cloud services, you have the permissions of the demo user group. The attribute must be sub. The value is in the format of system:serviceaccount:Namespace:ServiceAccountName.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            An identity conversion rule maps the service account of a workload to an IAM user.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            For example, create a service account named oidc-token in namespace default of the cluster and map it to user group demo. If you use the identity provider ID to access cloud services, you have the permissions of the demo user group. The attribute must be sub. The value is in the format of system:serviceaccount:Namespace:ServiceAccountName.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Rules are in the JSON format as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
@@ -53,11 +53,11 @@
 ]
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Step 3: Use a Workload Identity
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Create a ServiceAccount, whose name must be the value of ServiceAccountName set in Step 2: Configure an Identity Provider.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            apiVersion: v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Step 3: Use a Workload Identity
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Create a service account, whose name must be the value of ServiceAccountName set in Step 2: Configure an Identity Provider.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: oidc-token
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Mount the identity provider to the workload and obtain the OpenID Connect ID token file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              An example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              apiVersion: apps/v1
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Mount the identity provider to the workload and obtain the OIDC token file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              An example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: nginx
@@ -81,7 +81,7 @@ spec:
           name: oidc-token
       imagePullSecrets:
       - name: default-secret
-      serviceAccountName: oidc-token      # Name of the created ServiceAccount
+      serviceAccountName: oidc-token      # Name of the created service account
       volumes:
       - name: oidc-token
         projected:
@@ -94,7 +94,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4. After the creation is complete, log in to the container. The content of the /var/run/secrets/tokens/oidc-token file is the service account token generated by Kubernetes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              If the service account token is used for more than 24 hours or 80% of its expiry period, kubelet will automatically rotate the service account token.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            5. Use the OpenID Connect ID token to call the API for Obtaining a Token with an OpenID Connect ID Token. The X-Subject-Token field in the response header is the IAM token. Then, you can use this token to access cloud services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              The following shows an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            6. Use the OIDC token to call the API for Obtaining a Token with an OpenID Connect ID Token. The X-Subject-Token field in the response header is the IAM token. Then, you can use this token to access cloud services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              The following shows an example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              curl -i --location --request POST 'https://{{iam endpoint}}/v3.0/OS-AUTH/id-token/tokens' \
  --header 'X-Idp-Id: workload_identity' \
  --header 'Content-Type: application/json' \
diff --git a/docs/cce/umn/cce_bestpractice_0346.html b/docs/cce/umn/cce_bestpractice_0346.html
index 9bb63961a..4cfd238c3 100644
--- a/docs/cce/umn/cce_bestpractice_0346.html
+++ b/docs/cce/umn/cce_bestpractice_0346.html
@@ -5,12 +5,12 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CoreDNS configuration optimization includes clients and servers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            On the client, you can optimize domain name resolution requests to reduce resolution latency, and use proper container images and NodeLocal DNSCache to reduce resolution exceptions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
+
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            On the server, you can adjust the CoreDNS deployment status or CoreDNS configuration to improve the availability and throughput of CoreDNS in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            For more information about CoreDNS configurations, see https://coredns.io/.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CoreDNS open source community: https://github.com/coredns/coredns
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CoreDNS open-source community: https://github.com/coredns/coredns
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • You have created a CCE cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • You can access the cluster using kubectl.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • The CoreDNS add-on is installed in the cluster. The latest version of CoreDNS is recommended.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_bestpractice_0347.html b/docs/cce/umn/cce_bestpractice_0347.html
index 5d1ce831d..c845e25cd 100644
--- a/docs/cce/umn/cce_bestpractice_0347.html
+++ b/docs/cce/umn/cce_bestpractice_0347.html
@@ -10,6 +10,8 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Avoiding Occasional DNS Resolution Timeout Caused by IPVS Defects
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. 
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Using NodeLocal DNSCache
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Upgrading the CoreDNS in the Cluster Timely
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            5. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. Adjusting the DNS Configuration of the VPC and VM
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_bestpractice_0348.html b/docs/cce/umn/cce_bestpractice_0348.html
index 4e7d6d5a4..27d5a4be5 100644
--- a/docs/cce/umn/cce_bestpractice_0348.html
+++ b/docs/cce/umn/cce_bestpractice_0348.html
@@ -6,9 +6,11 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Optimizing the resolve.conf File in the Container
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The ndots and search parameters in the resolve.conf file determine the domain name resolution efficiency. For details about the two parameters, see DNS Configuration.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Optimizing the Domain Name Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When a container needs to access a domain name, configure the domain name based on the following rules to improve the domain name resolution efficiency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. When a pod accesses a Service in the same namespace, use <service-name>, which indicates the Service name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. When a pod accesses a Service across namespaces, use <service-name>.<namespace-name>. namespace-name indicates the namespace where the Service is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. When a pod accesses an external domain name of a cluster, it uses the FQDN domain name. This type of domain name is specified by adding a period (.) at the end of a common domain name to avoid multiple invalid search attempts caused by search domain combination.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Optimizing the Domain Name Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When a container needs to access a domain name, configure the domain name based on the following rules to improve the domain name resolution efficiency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. When a pod accesses a Service in the same namespace, use <service-name>, which indicates the Service name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. When a pod accesses a Service across namespaces, use <service-name>.<namespace-name>. <namespace-name> indicates the namespace where the Service is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. When a pod accesses a domain name outside the cluster, it uses the FQDN domain name. This type of domain name is specified by adding a period (.) at the end of a typical domain name to avoid multiple invalid search attempts caused by search domain combination.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Using Local Cache
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If the cluster specifications are large and the number of DNS resolution requests is large, you can cache the DNS resolution result on the node. You are advised to use NodeLocal DNSCache. For details, see Using NodeLocal DNSCache to Improve DNS Performance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_bestpractice_0350.html b/docs/cce/umn/cce_bestpractice_0350.html
index d8bb92929..6eddcae5a 100644
--- a/docs/cce/umn/cce_bestpractice_0350.html
+++ b/docs/cce/umn/cce_bestpractice_0350.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When kube-proxy uses IPVS load balancing, you may encounter DNS resolution timeout occasionally during CoreDNS scale-in or restart.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          This problem is caused by a Linux kernel defect. For details, see https://github.com/torvalds/linux/commit/35dfb013149f74c2be1ff9c78f14e6a3cd1539d1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          You can use NodeLocal DNSCache to minimize the impact of IPVS defects.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          You can use NodeLocal DNSCache to minimize the impact of IPVS defects. For details, see Using NodeLocal DNSCache to Improve DNS Performance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_bestpractice_0351.html b/docs/cce/umn/cce_bestpractice_0351.html
new file mode 100644
index 000000000..2e07518ef
--- /dev/null
+++ b/docs/cce/umn/cce_bestpractice_0351.html
@@ -0,0 +1,16 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Using NodeLocal DNSCache
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Challenges
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When the number of DNS requests in a cluster increases, the load of CoreDNS increases and the following issues may occur:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Increased delay: CoreDNS needs to process more requests, which may slow down the DNS query and affect service performance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Increased resource usage: To ensure DNS performance, CoreDNS requires higher specifications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          NodeLocal DNSCache can improve the stability and performance of service discovery.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          For details about NodeLocal DNSCache and how to deploy it in a cluster, see Using NodeLocal DNSCache to Improve DNS Performance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Parent topic: Client
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
diff --git a/docs/cce/umn/cce_bestpractice_0356.html b/docs/cce/umn/cce_bestpractice_0356.html
index ca37a977a..cae79cbee 100644
--- a/docs/cce/umn/cce_bestpractice_0356.html
+++ b/docs/cce/umn/cce_bestpractice_0356.html
@@ -19,7 +19,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Automatically Expanding the CoreDNS Capacity Based on the HPA
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        HPA frequently scales down the number of the coredns add-on replicas. Therefore, you are advised not to use HPA. If HPA is required, you can configure HPA auto scaling policies using the CCE Advanced HPA add-on. The process is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the name of the target cluster to access the cluster console. In the navigation pane, choose Add-ons, locate the CCE Advanced HPA add-on on the right, and click Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Configure the add-on parameters and click Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. In the navigation pane, choose Workloads, select the kube-system namespace, locate the row containing the CoreDNS pod, and click Auto Scaling in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          In the HPA Policies area, you can customize HPA policies based on metrics such as CPU usage and memory usage to automatically scale out the CoreDNS pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the name of the target cluster to access the cluster console. In the navigation pane, choose Add-ons, locate the CCE Advanced HPA add-on on the right, and click Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Configure the add-on parameters and click Install.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. In the navigation pane, choose Workloads, select the kube-system namespace, locate the row containing the CoreDNS pod, and click Auto Scaling in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In the HPA Policies area, you can customize HPA policies based on metrics such as CPU usage and memory usage to automatically scale out the CoreDNS pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Click Create. If the latest status is Started, the policy has taken effect.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_bestpractice_0357.html b/docs/cce/umn/cce_bestpractice_0357.html
index 183647aaa..053ee32a3 100644
--- a/docs/cce/umn/cce_bestpractice_0357.html
+++ b/docs/cce/umn/cce_bestpractice_0357.html
@@ -6,7 +6,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Configuring CoreDNS Specifications
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. In the Specifications area, configure coredns specifications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4. Change the number of replicas, CPU quotas, and memory quotas as needed to adjust the domain name resolution QPS provided by CoreDNS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        5. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Properly Configuring the Stub Domain for DNS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Add a stub domain in the Parameters area. The format is a key-value pair. The key is a DNS suffix domain name, and the value is a DNS IP address or a group of DNS IP addresses, for example, consul.local -- 10.150.0.1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Corefile:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          .:5353 {
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Properly Configuring the Stub Domain for DNS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Add a stub domain in the Parameters area. The format is a key-value pair. The key is a DNS suffix domain name, and the value is a DNS IP address or a group of DNS IP addresses, for example, consul.local -- 10.150.0.1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Corefile:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            .:5353 {
     bind {$POD_IP}
     cache 30 {
         servfail 5s
@@ -35,7 +35,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. Choose ConfigMaps and Secrets in the navigation pane, select the kube-system namespace, and view the ConfigMap data of coredns to check whether the update is successful.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Properly Configuring the Host
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          To specify hosts for a specific domain name, you can use the hosts add-on. An example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Edit extended parameters in Parameters and add the following content to the plugins field:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            {
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Edit extended parameters in Parameters and add the following content to the plugins field:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              {
   "configBlock": "192.168.1.1 www.example.com\nfallthrough",
   "name": "hosts"
 }
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
@@ -66,6 +66,38 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        5. Choose ConfigMaps and Secrets in the navigation pane, select the kube-system namespace, and view the ConfigMap data of coredns to check whether the update is successful.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Configuring the Default Protocol Between the forward Plug-in and the Upstream DNS Service
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. The NodeLocal DNSCache uses TCP to communicate with the CoreDNS. The CoreDNS communicates with the upstream DNS server based on the protocol used by the request source. By default, external domain name resolution requests from service containers pass through NodeLocal DNSCache and CoreDNS in sequence, and finally request the DNS server in the VPC using TCP.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. However, the cloud server does not support TCP. To use NodeLocal DNSCache, modify the CoreDNS configuration so that UDP is preferentially used to communicate with the upstream DNS server, preventing resolution exceptions. You are advised to use the following method to modify the CoreDNS configuration file:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The forward plug-in is used to set the upstream Nameservers DNS server. The following parameters are included:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          prefer_udp: Even if a request is received through TCP, UDP must be used first.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If you want CoreDNS to preferentially use UDP to communicate with upstream systems, set the protocol in the forward plug-in to prefer_udp. For details about the forward plug-in, see https://coredns.io/plugins/forward/.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Edit the advanced configuration under Parameters and modify the following content in the plugins field:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            {
+    "configBlock": "prefer_udp",
+    "name": "forward",
+    "parameters": ". /etc/resolv.conf"
+}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Corefile:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Corefile: |-
+  .:5353 {
+      bind {$POD_IP}
+      cache 30 {
+          servfail 5s
+      }
+      errors
+      health {$POD_IP}:8080
+      kubernetes cluster.local in-addr.arpa ip6.arpa {
+          pods insecure
+          fallthrough in-addr.arpa ip6.arpa
+      }
+      loadbalance round_robin
+      prometheus {$POD_IP}:9153
+      forward . /etc/resolv.conf {
+          prefer_udp
+      }
+      reload
+      ready {$POD_IP}:8081
+  }
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Configuring IPv6 Resolution Properly
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the IPv6 kernel module is not disabled on the Kubernetes cluster host machine, the container initiates IPv4 and IPv6 resolution at the same time by default when requesting the coredns add-on. Generally, only IPv4 addresses are used. Therefore, if you only configure DOMAIN in IPv4 address, the coredns add-on forwards the request to the upstream DNS server for resolution because the local configuration cannot be found. As a result, the DNS resolution request of the container slows down.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CoreDNS provides the template plug-in. After being configured, CoreDNS can immediately return an empty response to all IPv6 requests to prevent the requests from being forwarded to the upstream DNS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. In the navigation pane, choose Add-ons. Then, click Edit under CoreDNS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Edit extended parameters in Parameters and add the following content to the plugins field.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • AAAA indicates an IPv6 resolution request. If NXDOMAIN is returned in the rcode control response, meaning that no resolution result is returned.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
@@ -104,7 +136,7 @@
     "name": "cache",
     "parameters": 30
 }
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4. Click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        5. In the navigation pane, choose ConfigMaps and Secrets. Select the kube-system namespace, view the data of the ConfigMap named coredns to check whether the update is successful.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Corresponding Corefile content:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          .:5353 {
     bind {$POD_IP}
diff --git a/docs/cce/umn/cce_bestpractice_10001.html b/docs/cce/umn/cce_bestpractice_10001.html
index 2943557a3..1745f8c6f 100644
--- a/docs/cce/umn/cce_bestpractice_10001.html
+++ b/docs/cce/umn/cce_bestpractice_10001.html
@@ -6,18 +6,18 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Several release policies are developed for service upgrade: grayscale release, blue-green deployment, A/B testing, rolling upgrade, and batch suspension of release. Traffic loss or service unavailability caused by releases can be avoided as much as possible.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          This document describes the principles and practices of grayscale release and blue-green deployment.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Grayscale release, also called canary release, is a smooth iteration mode for version upgrade. During the upgrade, some users use the new version, while other users continue to use the old version. After the new version is stable and ready, it gradually takes over all the live traffic. In this way, service risks brought by the release of the new version can be minimized, the impact of faults can be reduced, and quick rollback is supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The following figure shows the general process of grayscale release. First, divide 20% of all service traffic to the new version. If the service version runs normally, gradually increase the traffic proportion and continue to test the performance of the new version. If the new version is stable, switch all traffic to it and bring the old version offline.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If an exception occurs in the new version when 20% of the traffic goes to the new version, you can quickly switch back to the old version.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Blue-green deployment provides a zero-downtime, predictable manner for releasing applications to reduce service interruption during the release. A new version is deployed while the old version is retained. The two versions are online at the same time. The new and old versions work in hot backup mode. The route weight is switched (0 or 100) to enable different versions to go online or offline. If a problem occurs, the version can be quickly rolled back.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Blue-green deployment provides a zero-downtime, predictable manner for releasing applications to reduce service interruption during the release. A new version is deployed while the old version is retained. The two versions are online at the same time. The new and old versions work in hot backup mode. The route weight is switched (0 or 100) to enable different versions to go online or offline. If a problem occurs, the version can be quickly rolled back.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_bestpractice_10002.html b/docs/cce/umn/cce_bestpractice_10002.html
index 03ff92c86..59c122140 100644
--- a/docs/cce/umn/cce_bestpractice_10002.html
+++ b/docs/cce/umn/cce_bestpractice_10002.html
@@ -1,14 +1,14 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Using Services to Implement Simple Grayscale Release and Blue-Green Deployment
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        To implement grayscale release for a CCE cluster, deploy other open source tools, such as Nginx Ingress, to the cluster or deploy services to a service mesh. These solutions are difficult to implement. If your grayscale release requirements are simple and you do not want to introduce too many plug-ins or complex configurations, you can refer to this section to implement simple grayscale release and blue-green deployment based on native Kubernetes features.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        To implement grayscale release for a CCE cluster, deploy other open-source tools, such as Nginx Ingress, to the cluster or deploy services to a service mesh. These solutions are difficult to implement. If your grayscale release requirements are simple and you do not want to introduce too many plug-ins or complex configurations, you can refer to this section to implement simple grayscale release and blue-green deployment based on native Kubernetes features.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Principles
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Users usually use Kubernetes objects such as Deployments and StatefulSets to deploy services. Each workload manages a group of pods. The following figure uses Deployment as an example.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Generally, a Service is created for each workload. The Service uses the selector to match the backend pod. Other Services or objects outside the cluster can access the pods backing the Service. If a pod needs to be exposed, set the Service type to LoadBalancer. The ELB load balancer functions as the traffic entrance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Grayscale release principles
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Take a Deployment as an example. A Service, in most cases, will be created for each Deployment. However, Kubernetes does not require that Services and Deployments correspond to each other. A Service uses a selector to match backend pods. If pods of different Deployments are selected by the same selector, a Service corresponds to multiple versions of Deployments. You can adjust the number of replicas of Deployments of different versions to adjust the weights of services of different versions to achieve grayscale release. The following figure shows the process:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Blue-green deployment principles
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Take a Deployment as an example. Two Deployments of different versions have been deployed in the cluster, and their pods are labeled with the same key but different values to distinguish versions. A Service uses the selector to select the pod of a Deployment of a version. In this case, you can change the value of the label that determines the version in the Service selector to change the pod backing the Service. In this way, you can directly switch the service traffic from one version to another. The following figure shows the process:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The Nginx image has been uploaded to SWR. The Nginx images have two versions: v1 and v2. The welcome pages are Nginx-v1 and Nginx-v2.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_bestpractice_10009.html b/docs/cce/umn/cce_bestpractice_10009.html
index ad86aebf2..218f96aa8 100644
--- a/docs/cce/umn/cce_bestpractice_10009.html
+++ b/docs/cce/umn/cce_bestpractice_10009.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Application Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Generally, a user has different clusters for different purposes, such as production, testing, and development. To monitor, collect, and view metrics of these clusters, you can deploy a set of Prometheus.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Solution Architecture
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Multiple clusters are connected to the same Prometheus monitoring system, as shown in the following figure. This reduces maintenance and resource costs and facilitates monitoring information aggregation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • The target cluster has been created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Prometheus has been properly connected to the target cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Prometheus has been installed on a Linux host using a binary file. For details, see Installation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -72,13 +72,13 @@ subjects:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Obtain the serviceaccount information.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl describe sa prometheus-test -n kube-system
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl describe secret prometheus-test-token-hdhkg -n kube-system
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Record the token value, which is the bearer_token information to be collected.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Configure bearer_token information.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Log in to the host where Prometheus is located, go to the Prometheus installation directory, and save the token information of the target cluster in a file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. Configure a Prometheus monitoring job.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The example job monitors container metrics. To monitor other metrics, you can add jobs and compile capture rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        - job_name: k8s_cAdvisor
     scheme: https
@@ -130,8 +130,8 @@ subjects:
       replacement: xxxx    ## (Optional) Enter the cluster information.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4. Enable Prometheus.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      After the configuration, enable Prometheus.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      ./prometheus --config.file=prometheus.yml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5. Log in to Prometheus and view the monitoring information.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6. Log in to Prometheus and view the monitoring information.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      7. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_bestpractice_10010.html b/docs/cce/umn/cce_bestpractice_10010.html
index dbdbddaab..948986718 100644
--- a/docs/cce/umn/cce_bestpractice_10010.html
+++ b/docs/cce/umn/cce_bestpractice_10010.html
@@ -1,12 +1,12 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Pre-Binding Container ENI for CCE Turbo Clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In the Cloud Native 2.0 network model, each pod is allocated an ENI or a sub-ENI (called container ENI). The speed of ENI creation and binding is slower than that of pod scaling, severely affecting the container startup speed in large-scale batch creation. Therefore, the Cloud Native Network 2.0 model provides the dynamic pre-binding of container ENIs to accelerate pod startup while improving IP resource utilization.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CCE Turbo clusters of 1.19.16-r4, 1.21.7-r0, 1.23.5-r0, 1.25.1-r0 or later support ENI pre-binding, global configuration at the cluster level, and custom settings at the node pool level. Custom settings of nodes out of a node pool is not supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CCE Turbo clusters of 1.19.16-r2, 1.21.5-r0, 1.23.3-r0 to 1.19.16-r4, 1.21.7-r0, 1.23.5-r0 only support two parameters, nic-minimum-target and nic-warm-target, and do not support custom settings at the node pool level.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Modify the dynamic pre-binding parameters using the console or API instead of the node annotations in the background. Otherwise, the modified annotations will be overwritten by the original values after the cluster is upgraded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Pre-Binding Container Elastic Network Interfaces for CCE Turbo Clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In the Cloud Native 2.0 network model, each pod is allocated an elastic network interface or a supplementary network interface. The speed of elastic network interface creation and binding is slower than that of pod scaling, severely affecting the container startup speed in large-scale batch creation. Therefore, the Cloud Native Network 2.0 model provides the dynamic pre-binding of container elastic network interfaces to accelerate pod startup while improving IP resource utilization.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CCE Turbo clusters of 1.19.16-r4, 1.21.7-r0, 1.23.5-r0, 1.25.1-r0 or later support pre-binding of elastic network interfaces, global configuration at the cluster level, and custom settings at the node pool level. Custom settings of nodes out of a node pool is not supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CCE Turbo clusters of 1.19.16-r2, 1.21.5-r0, 1.23.3-r0 to 1.19.16-r4, 1.21.7-r0, 1.23.5-r0 only support two parameters, nic-minimum-target and nic-warm-target, and do not support custom settings at the node pool level.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Modify the dynamic pre-binding parameters using the console or API instead of the node annotations in the background. Otherwise, the modified annotations will be overwritten by the original values after the cluster is upgraded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      How It Works
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE Turbo provides four dynamic pre-binding parameters for container ENIs. You can properly configure the parameters based on your service requirements. (The node pool-level dynamic ENI pre-binding parameters take priority over the cluster-level dynamic ENI pre-binding parameters.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      How It Works
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE Turbo provides four dynamic pre-binding parameters for container elastic network interfaces. You can properly configure the parameters based on your service requirements. (The node pool-level dynamic elastic network interface pre-binding parameters take priority over the cluster-level dynamic elastic network interface pre-binding parameters.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 1 Storage classes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Storage Class
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -55,27 +53,27 @@ csi-sfsturbo        everest-csi-provisioner         Delete          Immediate
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      csi-disk
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      EVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      EVS disk
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      csi-disk-topology
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      EVS with delayed binding
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      EVS disk with delayed binding
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      csi-sfs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      csi-nas
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      SFS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      File system (SFS 1.0)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      csi-obs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      OBS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      OBS bucket
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      csi-sfsturbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      SFS Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      SFS Turbo file system
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 1 Parameters of the dynamic ENI pre-binding policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -20,8 +20,8 @@
 
-
@@ -30,9 +30,9 @@
 
-
@@ -41,8 +41,8 @@
 
-
@@ -51,8 +51,8 @@
 
-
@@ -72,7 +72,7 @@
 
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 1 Parameters of the dynamic elastic network interface pre-binding policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Default Value
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      10
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Minimum number of container ENIs bound to a node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The parameter value must be a positive integer. The value 10 indicates that there are at least 10 container ENIs bound to a node. If the number you entered exceeds the container ENI quota of the node, the ENI quota will be used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Minimum number of container elastic network interfaces bound to a node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The parameter value must be a positive integer. The value 10 indicates that there are at least 10 container elastic network interfaces bound to a node. If the number you entered exceeds the container elastic network interface quota of the node, the elastic network interface quota of the node will be used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Configure these parameters based on the number of pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      0
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the number of ENIs bound to a node exceeds the value of nic-maximum-target, the system does not proactively pre-bind ENIs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the value of this parameter is greater than or equal to the value of nic-minimum-target, the check on the maximum number of the pre-bound ENIs is enabled. Otherwise, the check is disabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The parameter value must be a positive integer. The value 0 indicates that the check on the upper limit of pre-bound container ENIs is disabled. If the number you entered exceeds the container ENI quota of the node, the ENI quota will be used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the number of elastic network interfaces bound to a node exceeds the value of nic-maximum-target, the system does not proactively pre-bind elastic network interfaces.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the value of this parameter is greater than or equal to the value of nic-minimum-target, the check on the maximum number of the pre-bound elastic network interfaces is enabled. Otherwise, the check is disabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The parameter value must be a positive integer. The value 0 indicates that the check on the upper limit of pre-bound container elastic network interfaces is disabled. If the number you entered exceeds the container elastic network interface quota of the node, the elastic network interface quota of the node will be used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Configure these parameters based on the number of pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Minimum number of pre-bound ENIs on a node. The value must be a number.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When the value of nic-warm-target + the number of bound ENIs is greater than the value of nic-maximum-target, the system will pre-bind ENIs based on the difference between the value of nic-maximum-target and the number of bound ENIs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Minimum number of pre-bound elastic network interfaces on a node. The value must be a number.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When the value of nic-warm-target + the number of bound elastic network interfaces is greater than the value of nic-maximum-target, the system will pre-bind elastic network interfaces based on the difference between the value of nic-maximum-target and the number of bound elastic network interfaces.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Set this parameter to the number of pods that can be scaled out instantaneously within 10 seconds.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Only when the number of idle ENIs on a node minus the value of nic-warm-target is greater than the threshold, the pre-bound ENIs will be unbound and reclaimed. The value can only be a number.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Setting a larger value of this parameter slows down the recycling of idle ENIs and accelerates pod startup. However, the IP address usage decreases, especially when IP addresses are insufficient. Therefore, exercise caution when increasing the value of this parameter.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Setting a smaller value of this parameter accelerates the recycling of idle ENIs and improves the IP address usage. However, when a large number of pods increase instantaneously, the startup of some pods slows down.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Only when the number of idle elastic network interfaces on a node minus the value of nic-warm-target is greater than the threshold, the pre-bound elastic network interfaces will be unbound and reclaimed. The value can only be a number.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Setting a larger value of this parameter slows down the recycling of idle elastic network interfaces and accelerates pod startup. However, the IP address usage decreases, especially when IP addresses are insufficient. Therefore, exercise caution when increasing the value of this parameter.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Setting a smaller value of this parameter accelerates the recycling of idle elastic network interfaces and improves the IP address usage. However, when a large number of pods increase instantaneously, the startup of some pods slows down.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Set this parameter based on the difference between the number of pods that are frequently scaled on most nodes within minutes and the number of pods that are instantly scaled out on most nodes within 10 seconds.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      All nodes use the c7.4xlarge.2 model (sub-ENI quota: 128).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      All nodes use the c7.4xlarge.2 model (supplementary network interface quota: 128).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Most nodes run about 20 pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Most nodes can run a maximum of 60 pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Most nodes can scale out 10 pods within 10 seconds.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -84,7 +84,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Node pool
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      A node pool that uses the c7.8xlarge.2 high-specification model is created in the cluster. (sub-ENI quota: 256)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      A node pool that uses the c7.8xlarge.2 high-specification model is created in the cluster. (supplementary network interface quota: 256)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Most nodes run about 100 pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Most nodes can run a maximum of 128 pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Most nodes can scale out 10 pods within 10 seconds.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -100,9 +100,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Pods using HostNetwork are excluded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster-level Global Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Click  next to the target cluster and choose Manage.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. In the window that slides out from the right, click Networking Components. For details about the parameter configurations, see Configuration Example.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. After the configuration is complete, click OK. Wait for about 10 seconds for the configuration to take effect.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster-level Global Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console. In the navigation pane, choose Clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Click  next to the target cluster and choose Manage.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. In the window that slides out from the right, click Networking Components. For details about the parameter configurations, see Configuration Example.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. After the configuration is complete, click OK. Wait for about 10 seconds for the configuration to take effect.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Custom Settings at the Node Pool Level
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Click the cluster name to access the cluster console, choose Nodes in the navigation pane, and click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Locate the row containing the target node pool and click Manage.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. In the window that slides out from the right, click Networking Components and enable node pool container ENI pre-binding. For details about the parameter configurations, see Configuration Example.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Custom Settings at the Node Pool Level
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Click the cluster name to access the cluster console, choose Nodes in the navigation pane, and click the Node Pools tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Locate the row containing the target node pool and click Manage.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4. In the window that slides out from the right, click Networking Components and enable node pool container elastic network interface pre-binding. For details about the parameter configurations, see Configuration Example.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        5. After the configuration is complete, click OK. Wait for about 10 seconds for the configuration to take effect.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_bestpractice_10012.html b/docs/cce/umn/cce_bestpractice_10012.html
index 6b8c7d7f9..f08e1dfcd 100644
--- a/docs/cce/umn/cce_bestpractice_10012.html
+++ b/docs/cce/umn/cce_bestpractice_10012.html
@@ -18,7 +18,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      On a node using the OverlayFS, when an image is pulled, the .tar package is decompressed after being downloaded. During this process, the .tar package and the decompressed image file are stored in the dockersys volume, occupying about twice the actual image storage capacity. After the decompression is complete, the .tar package is deleted. Therefore, during image pull, after deducting the storage capacity occupied by the system add-on images, ensure that the remaining capacity of the dockersys volume is greater than twice the actual image storage capacity. To ensure that the containers can run stably, reserve certain capacity in the dockersys volume for container logs and other related files.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When selecting a data disk, consider the following formula:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Capacity of dockersys volume > Actual total image storage capacity x 2 + Total system add-on image storage capacity (about 2 GiB) + Number of containers x Available storage capacity for a single container (about 1 GiB log storage capacity for each container)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If container logs are output in the json.log format, they will occupy some capacity in the dockersys volume. If container logs are stored on persistent storage, they will not occupy capacity in the dockersys volume. Estimate the capacity of every container as required.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If container logs are output in the json.log format, they will occupy some capacity in the dockersys volume. If container logs are stored on persistent storage, they will not occupy capacity in the dockersys volume. Estimate the capacity of every container as required.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Assume that the node uses the OverlayFS and the data disk attached to this node is 20 GiB. According to the preceding methods, the capacity for storing container engines and images occupies 90% of the data disk capacity, and the capacity for the dockersys volume is 18 GiB (20 GiB x 90%). Additionally, mandatory add-ons may occupy about 2 GiB storage capacity during cluster creation. If you deploy a .tar package of 10 GiB, the package decompression takes 20 GiB of the dockersys volume's storage capacity. This, coupled with the storage capacity occupied by mandatory add-ons, exceeds the remaining capacity of the dockersys volume. As a result, the image pull may fail.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -29,7 +29,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      On a node using the Device Mapper storage driver, when an image is pulled, the .tar package is temporarily stored in the dockersys volume. After the .tar package is decompressed, the image file is stored in the thinpool volume, and the package in the dockersys volume will be deleted. Therefore, during image pull, ensure that the dockersys partition space and thinpool space are sufficient, and note that the former is smaller than the latter. To ensure that the containers can run stably, reserve certain capacity in the dockersys volume for container logs and other related files.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When selecting a data disk, consider the following formulas:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Capacity for dockersys volume > Temporary storage capacity of the .tar package (approximately equal to the actual total image storage capacity) + Number of containers x Storage capacity of a single container (about 1 GiB log storage capacity must be reserved for each container)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Capacity for thinpool volume > Actual total image storage capacity + Total add-on image storage capacity (about 2 GiB)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If container logs are output in the json.log format, they will occupy some capacity in the dockersys volume. If container logs are stored on persistent storage, they will not occupy capacity in the dockersys volume. Estimate the capacity of every container as required.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If container logs are output in the json.log format, they will occupy some capacity in the dockersys volume. If container logs are stored on persistent storage, they will not occupy capacity in the dockersys volume. Estimate the capacity of every container as required.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Assume that the node uses the Device Mapper and the data disk attached to this node is 20 GiB. According to the preceding methods, the container engine and image storage capacity occupies 90% of the data disk capacity, and the disk usage of the dockersys volume is 3.6 GiB. Additionally, the storage capacity of the mandatory add-ons may occupy about 2 GiB of the dockersys volume during cluster creation. The remaining storage capacity is about 1.6 GiB. If you deploy a .tar image package larger than 1.6 GiB, the storage capacity of the dockersys volume is insufficient for the package to be decompressed. As a result, the image pull may fail.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_bestpractice_10016.html b/docs/cce/umn/cce_bestpractice_10016.html
index fdb500369..16a69b3e2 100644
--- a/docs/cce/umn/cce_bestpractice_10016.html
+++ b/docs/cce/umn/cce_bestpractice_10016.html
@@ -2,66 +2,72 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Suggestions on CCE Cluster Selection
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When you use CCE to create a Kubernetes cluster, there are multiple configuration options and terms. This section compares the key configurations for CCE clusters and provides recommendations to help you create a cluster that better suits your needs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster Types
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE supports CCE Turbo clusters and CCE standard clusters to meet your requirements. This section describes the differences between these two types of clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster Types
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE supports multiple cluster types for your service requirements. The differences between the cluster types are listed in the table below.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 1 Cluster types
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Category
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
@@ -74,89 +80,109 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      After a cluster is created, the network model cannot be changed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Subcategory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE Standard
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE Turbo Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE Standard Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Positioning
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Positioning
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Standard clusters that provide highly reliable and secure containers for commercial use
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Next-gen container cluster designed for Cloud Native 2.0, with accelerated computing, networking, and scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Standard cluster for common commercial use
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Next-generation clusters designed for Cloud Native 2.0, with accelerated compute, networking, and scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Node type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Application scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Deployment of VMs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      For users who expect to use container clusters to manage applications, obtain elastic compute resources, and enable simplified management on compute, network, and storage resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Deployment of VMs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      For users who have higher requirements on performance, resource utilization, and full-scenario coverage
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Networking
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Network model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cloud native 1.0 networks: for scenarios where requirements on performance are not high and there are not so many containers
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Tunnel network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Virtual Private Cloud (VPC) network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cloud Native 2.0 networks: for scenarios where requirements on performance are high and there are many containers
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Max networking scale: 2,000 nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cloud native 1.0 networks: for scenarios where requirements on performance are not high and there are not so many containers
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Tunnel network model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • VPC network model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cloud Native 2.0 networks: for scenarios where there are many containers and need high performance
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      A maximum of 2000 nodes is supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Performance
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      hostPort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Flattens the VPC network and container network into one, achieving zero performance loss.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Overlays the VPC network with the container network, causing certain performance loss.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Container network isolation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Network performance
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Associates pods with security groups. Unifies security isolation in and out the cluster via security groups' network policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The container network is overlaid with the VPC network, causing certain performance loss.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Tunnel network model: supports network policies for intra-cluster communications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • VPC network model: supports no isolation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The VPC network and container network are flattened into one for zero performance loss.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Security
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Network isolation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Isolation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Tunnel networks: network policies for communications within a cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • VPC networks: isolation not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • VM: runs common containers, isolated by cgroups.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Pods can be associated with security groups for isolation. This isolation policy, based on security groups, ensures consistent security isolation both within and outside a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Runs common containers, isolated by cgroups.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Container resource isolation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      cgroups are used to isolate common containers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • VM-level isolation is supported for secure containers that run only on physical machines.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • cgroups are used to isolate common containers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Edge infrastructure management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Management of CloudPond edge sites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 2 Network model comparison
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Dimension
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
@@ -170,7 +196,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Service Forwarding Modes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      kube-proxy is a key component of a Kubernetes cluster. It is responsible for load balancing and forwarding between a Service and its backend pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE supports the iptables and IPVS forwarding modes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • IPVS allows higher throughput and faster forwarding. It applies to scenarios where the cluster scale is large or the number of Services is large.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Iptables: the traditional kube-proxy mode. This mode applies to the scenario where the number of Services is small or there are a large number of short concurrent connections on the client.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • IPVS allows higher throughput and faster forwarding. It applies to scenarios where the cluster scale is large or the number of Services is large.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • iptables is the traditional kube-proxy mode. This mode applies to the scenario where the number of Services is small or there are a large number of short concurrent connections on the client.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If high stability is required and the number of Services is less than 2000, the iptables forwarding mode is recommended. In other scenarios, the IPVS forwarding mode is recommended.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Node Specifications
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The minimum specifications of a node are 2 vCPUs and 4 GiB memory. Evaluate based on service requirements before configuring the nodes. However, using many low-specification ECSs is not the optimal choice. The reasons are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The upper limit of network resources is low, which may result in a single-point bottleneck.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Resources may be wasted. If each container running on a low-specification node needs a lot of resources, the node cannot run multiple containers and there may be idle resources in it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -178,8 +204,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Advantages of using large-specification nodes are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The upper limit of the network bandwidth is high. This ensures higher resource utilization for high-bandwidth applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Multiple containers can run on the same node, and the network latency between containers is low.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The efficiency of pulling images is higher. This is because an image can be used by multiple containers on a node after being pulled once. Low-specifications ECSs cannot respond promptly because the images are pulled many times and it takes more time to scale these nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Additionally, select a proper vCPU/memory ratio based on your requirements. For example, if a service container with large memory but fewer CPUs is used, configure the specifications with the vCPU/memory ratio of 1:4 for the node where the container resides to reduce resource waste.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In a CCE Turbo cluster, pods use elastic or supplementary network interfaces on nodes. The maximum number of pods that can be created on a node is related to the number of network interfaces that can be used by the node. So you need to evaluate the number of network interfaces that can be used by the node. This determines the maximum number of pods that can run on the node. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Container Engines
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE supports the containerd and Docker container engines. containerd is recommended for its shorter traces, fewer components, higher stability, and less consumption of node resources. Since Kubernetes 1.24, Dockershim is removed and Docker is no longer supported by default. For details, see Kubernetes is Moving on From Dockershim: Commitments and Next Steps. CCE clusters 1.27 do not support the Docker container engine.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Container Engines
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE supports the containerd and Docker container engines. containerd is recommended for its shorter traces, fewer components, higher stability, and less consumption of node resources. Since Kubernetes 1.24, Dockershim is removed and Docker is no longer supported by default. For details, see Kubernetes is Moving on From Dockershim: Commitments and Next Steps. CCE clusters of v1.27 do not support the Docker container engine.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Use containerd in typical scenarios. The Docker container engine is supported only in the following scenarios:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Docker in Docker (usually in CI scenarios)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Running the Docker commands on the nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Calling Docker APIs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_bestpractice_10017.html b/docs/cce/umn/cce_bestpractice_10017.html
index 619598f29..a9026abba 100644
--- a/docs/cce/umn/cce_bestpractice_10017.html
+++ b/docs/cce/umn/cce_bestpractice_10017.html
@@ -41,7 +41,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Selecting a Network Model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Network model: CCE supports VPC, Cloud Native 2.0, and container tunnel network models for your clusters. Different models have different performance and functions. For details, see Network Models.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • VPC network: To enable your applications to access other cloud services like RDS, create related services in the same VPC network as your cluster which runs these applications. This is because services using different VPC networks are isolated from each other. If you have created instances, use VPC peering connections to enable communications between VPCs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Container CIDR block: Do not configure a small container CIDR block. Otherwise, the number of supported nodes will be limited.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • For a cluster using a VPC network, if the subnet mask of the container CIDR block is /16, there are 256 x 256 IP addresses available. If the maximum number of pods reserved on each node is 128, the maximum number of nodes supported is 512.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • For a cluster using a container tunnel network, if the subnet mask of the container CIDR block is /16, there are 256 x 256 IP addresses assigned to your cluster. The container CIDR block allocates 16 IP addresses to the nodes at a time by default. The maximum number of nodes supported by your cluster is 4096 (65536/16=4096).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • For a cluster using a Cloud Native 2.0 network, the container CIDR block is the VPC subnet, and the number of containers can be created depends on the size of the selected subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Selecting a Network Model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Network model: CCE supports VPC, Cloud Native 2.0, and container tunnel network models. Different models have different performance and functions. For details, see Network Models.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • VPC network: To enable your applications to access other cloud services like RDS, create related services in the same VPC network as your cluster. This is because services using different VPC networks are isolated from each other. If you have instances, use VPC peering connections to enable communications between VPCs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Container CIDR block: Do not configure a small container CIDR block. Otherwise, the number of supported nodes will be limited.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • For a cluster using a VPC network, if the subnet mask of the container CIDR block is /16, there are 256 x 256 IP addresses available. If the maximum number of pods reserved on each node is 128, the maximum number of nodes supported is 512.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • For a cluster using a container tunnel network, if the subnet mask of the container CIDR block is /16, there are 256 x 256 IP addresses assigned to your cluster. The container CIDR block allocates 16 IP addresses to the nodes at a time by default. The maximum number of nodes supported by your cluster is 4096 (65536/16=4096).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • For a cluster using a Cloud Native 2.0 network, the container CIDR block is the VPC subnet, and the number of containers can be created depends on the size of the selected subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Service CIDR block: The service CIDR block determines the upper limit of Service resources in your cluster. Evaluate your actual needs and then configure the CIDR block. A created CIDR block cannot be modified. Do not configure an excessively small one.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        For details, see Planning CIDR Blocks for a Cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -52,7 +52,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Configuring Quotas and Limits for the Cloud Service Resources and Resources in a Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CCE allows you to configure resource quotas and limits for your cloud service resources and resources in your clusters. This prevents excessive use of resources. When creating your applications for CCE clusters, consider these limits and periodically review them. This will avoid scaling failures caused by insufficient quotas during application running.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Configuring resource quotas for cloud services: Cloud services like ECS, EVS, VPC, ELB, and SWR are also used to run the CCE clusters. If the existing resource quotas cannot meet your requirements, submit a service ticket to increase the quotas.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Configuring resource quotas for a cluster: You are allowed to configure the namespace-level resource quotas to limit the number of objects of a certain type created in a namespace and the total computing resources like CPU and memory consumed by the objects. For details, see Configuring Resource Quotas.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Partitioning Data Disks Attached to a Node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        By default, the first data disk of a worker node is for storing the container runtime and kubelet components. The remaining capacity of this data disk affects image download and container startup and running. For details, see Space Allocation of a Data Disk.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Partitioning Data Disks Attached to a Node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If System Component Storage is set to Data Disk, one of the data disks attached to the node will be used for the container runtime and kubelet. For details about data disk allocation, see Space Allocation of a Data Disk.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The default space of this date disk is 100 GiB. You can adjust the space as required. Images, system logs, and application logs are stored on data disks. Therefore, you need to evaluate the number of pods to be deployed on each node, the size of logs, images, and temporary data of each pod, as well as some reserved space for the system. For details, see Selecting a Data Disk for the Node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Running npd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        A failure in a worker node may affect the availability of the applications. CCE Node Problem Detector is used to monitor node exceptions. It helps you detect and handle latent exceptions in a timely manner. You can also customize the check items, including target node, check period, and triggering threshold. For details, see Configuring Node Fault Detection Policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_bestpractice_10020.html b/docs/cce/umn/cce_bestpractice_10020.html
index e5d6a8814..707b11df1 100644
--- a/docs/cce/umn/cce_bestpractice_10020.html
+++ b/docs/cce/umn/cce_bestpractice_10020.html
@@ -1,25 +1,25 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Executing the Pre- or Post-installation Commands During Node Creation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Background
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        When creating a node, use the pre- or -installation commands to install tools or perform security hardening on the node. This section provides guidance for you to correctly use the pre- or post-installation scripts. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Background
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        When creating a node, use the pre- or -installation commands to install tools or perform security hardening on the node. This section provides guidance for you to correctly use the pre- or post-installation scripts. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Precautions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Do not use pre- or post-installation scripts that take a long time to execute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The pre-installation script has a 15-minute time limit, while the post-installation script has a 30-minute time limit. If the node is not available within the designated time, the node reclaim process will be initiated. Therefore, do not use pre- or post-installation scripts that take a long time to execute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Do not directly use reboot in the script.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          CCE executes the post-installation command after installing mandatory components on a node. The node will be available only after the post-installation command is executed. If you run reboot directly, the node may be restarted before its status is reported. As a result, it cannot reach the running state within 30 minutes, and a rollback due to timeout will be triggered. Therefore, do not use reboot.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If you need to restart a node, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Run shutdown -r <time > in the script to delay the restart. For example, you can run shutdown -r 1 to delay the restart for 1 minute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • After the node is available, manually restart it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Precautions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Do not use pre- or post-installation scripts that take a long time to execute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The pre-installation script has a 15-minute time limit, while the post-installation script has a 30-minute time limit. If the node is not available within the designated time, the node reclaim process will be initiated. Therefore, do not use pre- or post-installation scripts that take a long time to execute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Do not directly use reboot in the script.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CCE executes the post-installation command after installing mandatory components on a node. The node will be available only after the post-installation command is executed. If you run reboot directly, the node may be restarted before its status is reported. As a result, it cannot reach the running state within 30 minutes, and a rollback due to timeout will be triggered. Therefore, do not use reboot.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If you need to restart a node, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Run shutdown -r <time > in the script to delay the restart. For example, you can run shutdown -r 1 to delay the restart for 1 minute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • After the node is available, manually restart it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console. In the navigation pane, choose Clusters. Click the target cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Choose Nodes in the navigation pane, click the Nodes tab, click Create Node in the right corner, and configure the parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. In the Advanced Settings area, enter pre- or post-installation commands.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            For example, you can create iptables rules by running a post-installation command to allow a maximum of 25 TCP data packets to be addressed to port 80 per minute and allow a maximum of 100 data packets to be addressed to the port when the limit is exceeded to prevent DDoS attacks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The command example here is for reference only.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console. In the navigation pane, choose Clusters. Click the target cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Choose Nodes in the navigation pane, click the Nodes tab, click Create Node in the right corner, and configure the parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. In the Advanced Settings area, enter pre- or post-installation commands.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              For example, you can create iptables rules by running a post-installation command to allow a maximum of 25 TCP data packets to be addressed to port 80 per minute and allow a maximum of 100 data packets to be addressed to the port when the limit is exceeded to prevent DDoS attacks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              The command example here is for reference only.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4. After the configuration, enter the number of nodes to be created and click Next: Confirm.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            5. Click Submit.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. After the configuration, enter the number of nodes to be created and click Next: Confirm.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. Click Submit.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Parent topic: Node O&M
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Parent topic: Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
diff --git a/docs/cce/umn/cce_bestpractice_10020_0.html b/docs/cce/umn/cce_bestpractice_10020_0.html
index 0af683c6a..b6851ecd1 100644
--- a/docs/cce/umn/cce_bestpractice_10020_0.html
+++ b/docs/cce/umn/cce_bestpractice_10020_0.html
@@ -1,25 +1,25 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Executing the Pre- or Post-installation Commands During Node Creation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Background
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        When creating a node, use the pre- or -installation commands to install tools or perform security hardening on the node. This section provides guidance for you to correctly use the pre- or post-installation scripts. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Background
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        When creating a node, use the pre- or -installation commands to install tools or perform security hardening on the node. This section provides guidance for you to correctly use the pre- or post-installation scripts. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Precautions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Do not use pre- or post-installation scripts that take a long time to execute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The pre-installation script has a 15-minute time limit, while the post-installation script has a 30-minute time limit. If the node is not available within the designated time, the node reclaim process will be initiated. Therefore, do not use pre- or post-installation scripts that take a long time to execute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Do not directly use reboot in the script.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          CCE executes the post-installation command after installing mandatory components on a node. The node will be available only after the post-installation command is executed. If you run reboot directly, the node may be restarted before its status is reported. As a result, it cannot reach the running state within 30 minutes, and a rollback due to timeout will be triggered. Therefore, do not use reboot.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If you need to restart a node, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Run shutdown -r <time > in the script to delay the restart. For example, you can run shutdown -r 1 to delay the restart for 1 minute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • After the node is available, manually restart it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Precautions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Do not use pre- or post-installation scripts that take a long time to execute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The pre-installation script has a 15-minute time limit, while the post-installation script has a 30-minute time limit. If the node is not available within the designated time, the node reclaim process will be initiated. Therefore, do not use pre- or post-installation scripts that take a long time to execute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Do not directly use reboot in the script.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CCE executes the post-installation command after installing mandatory components on a node. The node will be available only after the post-installation command is executed. If you run reboot directly, the node may be restarted before its status is reported. As a result, it cannot reach the running state within 30 minutes, and a rollback due to timeout will be triggered. Therefore, do not use reboot.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If you need to restart a node, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Run shutdown -r <time > in the script to delay the restart. For example, you can run shutdown -r 1 to delay the restart for 1 minute.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • After the node is available, manually restart it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console. In the navigation pane, choose Clusters. Click the target cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. Choose Nodes in the navigation pane, click the Nodes tab, click Create Node in the right corner, and configure the parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. In the Advanced Settings area, enter pre- or post-installation commands.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            For example, you can create iptables rules by running a post-installation command to allow a maximum of 25 TCP data packets to be addressed to port 80 per minute and allow a maximum of 100 data packets to be addressed to the port when the limit is exceeded to prevent DDoS attacks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The command example here is for reference only.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console. In the navigation pane, choose Clusters. Click the target cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Choose Nodes in the navigation pane, click the Nodes tab, click Create Node in the right corner, and configure the parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. In the Advanced Settings area, enter pre- or post-installation commands.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              For example, you can create iptables rules by running a post-installation command to allow a maximum of 25 TCP data packets to be addressed to port 80 per minute and allow a maximum of 100 data packets to be addressed to the port when the limit is exceeded to prevent DDoS attacks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              The command example here is for reference only.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4. After the configuration, enter the number of nodes to be created and click Next: Confirm.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            5. Click Submit.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. After the configuration, enter the number of nodes to be created and click Next: Confirm.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5. Click Submit.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Parent topic: Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Parent topic: Node O&M
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
diff --git a/docs/cce/umn/cce_bestpractice_10021.html b/docs/cce/umn/cce_bestpractice_10021.html
index 5b2d3e155..21cfdc7f9 100644
--- a/docs/cce/umn/cce_bestpractice_10021.html
+++ b/docs/cce/umn/cce_bestpractice_10021.html
@@ -6,14 +6,14 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Step 1: Obtain the Data Reporting Address
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Prometheus provides standard Remote Write APIs. You can enter the source address (Remote Write URL) in the Cloud Native Cluster Monitoring add-on for storing the locally collected monitoring data in a Prometheus instance remotely.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If the Prometheus instance for receiving data is provided by a third-party vendor, view the Remote Write URL on the vendor's console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If the Prometheus instance for receiving data is an on-premises one, the Remote Write URL is https:// {prometheus_addr} /api/v1/write, where {prometheus_addr} indicates the IP address and port number for external access.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Step 2: Obtain the Authentication Mode
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • For the third-party Prometheus instance, go to the vendor's console to view the token or account password used for authorized access.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • For the on-premises Prometheus instance, perform the following steps to obtain a token:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. If this Prometheus instance is deployed in a Kubernetes cluster, view the token in the corresponding container. If this Prometheus instance is deployed on a VM, skip this step.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            kubectl exec -ti -n monitoring prometheus-server-0 -- sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Step 2: Obtain the Authentication Mode
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • For the third-party Prometheus instance, go to the vendor's console to view the token or account password used for authorized access.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • For the on-premises Prometheus instance, perform the following operations to obtain a token:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              1. If this Prometheus instance is deployed in a Kubernetes cluster, view the token in the corresponding container. If this Prometheus instance is deployed on a VM, skip this step.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                kubectl exec -ti -n monitoring prometheus-server-0 -- sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Replace the variables in the command as needed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • monitoring: indicates the namespace where a Prometheus pod is in.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • prometheus-server-0: indicates the name of a Prometheus pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Check the location of the configuration file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ps -aux | grep prometheus
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Information similar to the following is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              3. View and record the token information in prometheus.env.yaml.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                cat /etc/prometheus/config_out/prometheus.env.yaml
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
@@ -23,7 +23,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. After the modification is complete, click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Step 4: Check the Data Sending and Receiving Statuses
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        After the preceding configuration is complete, log in to the Prometheus console supported by the third-party platform and view the Prometheus metrics with remote write on the Graph page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_bestpractice_10024.html b/docs/cce/umn/cce_bestpractice_10024.html
index 98758782b..ad003c57b 100644
--- a/docs/cce/umn/cce_bestpractice_10024.html
+++ b/docs/cce/umn/cce_bestpractice_10024.html
@@ -1,113 +1,168 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Protecting a CCE Cluster Against Overload
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        As services grow, the Kubernetes cluster scales up, putting more pressure on the control plane. If the control plane cannot handle the load, clusters may fail to provide services. This document explains the symptoms, impact, and causes of cluster overload, as well as how CCE clusters can protect against overload. It also provides recommended measures for protecting against overload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        What Is Cluster Overload?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        An overloaded cluster can cause delays in Kubernetes API responses and increase the resource usage on master nodes. In severe cases, the APIs may fail to respond, master nodes may become unusable, and the entire cluster may malfunction.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        When a cluster is overloaded, both the control plane and the services that rely on it are impacted. The following lists some scenarios that may be affected:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Kubernetes resource management: Creating, deleting, updating, or obtaining Kubernetes resources may fail.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Kubernetes distributed leader selection: In distributed applications based on Kubernetes Leases, leaders may restart due to lease renewal request timeout.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          For example, if the lease renewal of the controller component of the NPD add-on fails, an active/standby switchover is triggered. This means that the active instance will restart, and the standby instance will take over services, ensuring that there is no impact on services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Cluster management: When a cluster is severely overloaded, it may become unavailable. In this case, cluster management operations, such as creating or deleting nodes, cannot be performed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Common causes of cluster overload are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • The cluster resource data volume is too large.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          etcd and kube-apiserver are two core components of the cluster control plane. etcd serves as the background database that stores all cluster data, while kube-apiserver acts as the entry point for processing requests. kube-apiserver caches cluster data to lessen the burden on etcd, and other core components in the cluster also cache various resources and monitor changes to these resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          However, if the cluster resource data volume is too large, the control plane resource usage remains high, leading to overload when the resource data volume exceeds the bearing capability.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • A large amount of data is obtained from a client. For example, a large number of LIST requests are initiated or a single LIST request is sent to obtain a large amount of data.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Assume that a client uses field selectors to obtain pod data in a cluster and needs to obtain data from etcd (although the client can also get data from the kube-apiserver cache). Data in etcd cannot be obtained by field, so kube-apiserver must get all pod data from etcd, replicate, and serialize structured pod data, and then respond to the client request.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When the client sends a LIST request, it may need to be processed by multiple control plane components, resulting in a larger amount of data to be processed and a more complex data type. As a result, when the client gets a large amount of data, resource usages on etcd and API server remain high. If the bearing capability is exceeded, the cluster becomes overloaded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Cluster overload occurs when a Kubernetes cluster's compute, storage, or network resources exceed its processing capacity, leading to exhaustion of key control plane components (like etcd and kube-apiserver) or worker nodes. This can severely degrade cluster performance or even cause operational failures. To prevent this, proactive overload protection is essential. Policies like overload control and LIST request optimization help maintain the stability of core services, ensuring that sudden spikes in loads do not result in service disruptions. This section explores the causes and impacts of cluster overload, explains CCE cluster overload control, and provides best practices for maintaining stability.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Causes of Cluster Overload
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Cluster overload affects stability and service continuity within a Kubernetes environment. Common causes include:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Resource request exceeding cluster capacity: Core components on the cluster control plane include etcd and kube-apiserver. etcd is a backend database that stores all cluster data. kube-apiserver acts as the entry to the control plane and processes requests. kube-apiserver caches cluster data to lessen the burden on etcd. Other core components in the cluster also cache various resources and monitor changes to these resources. When the demand for compute, network, and storage resources surpasses the cluster capacity, these components become heavily loaded. If this load exceeds a certain threshold, the cluster becomes overloaded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Lots of data queries (such as multiple LIST requests or a single request retrieving large amounts of data): If a client obtains pod data using field selectors, but kube-apiserver cache does not contain the requested information, the client must fetch the full pod data from etcd, since etcd cannot get data by field. Once retrieved, kube-apiserver deserializes the pod data into structured objects in memory, traverses each pod to match the requested fields, and returns the obtained serialized results. When many concurrent queries occur, resource utilization of each component increases sharply, leading to issues such as etcd latency spikes, OOM errors in kube-apiserver, and control loop imbalances. Consequently, the entire cluster becomes overloaded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 1 Example of a large amount of data obtained from a client
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          CCE Overload Control
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Overload control: CCE clusters have supported overload control since v1.23, which reduces the number of LIST requests outside the system when the control plane experiences high resource usage pressure. To use this function, enable overload control for your clusters. For details, see Enabling Overload Control for a Cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Optimized processes on LIST requests: Starting from CCE clusters of v1.23.8-r0 and v1.25.3-r0, processes on LIST requests have been optimized. Even if a client does not specify the resourceVersion parameter, kube-apiserver responds to requests based on its cache to avoid additional etcd queries and ensure that the response data is up to date. Additionally, namespace indexes are now added to the kube-apiserver cache. This means that when a client requests a specified resource in a specified namespace, it no longer needs to obtain resources belonging to the namespace based on full data. This effectively reduces the response delay and control plane memory overhead.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Refined traffic limiting policy on the server: The API Priority and Fairness (APF) feature is used to implement fine-grained control on concurrent requests. For details, see API Priority and Fairness.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Suggestions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          This section describes measures and suggestions you can take to prevent clusters from being overloaded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Impacts of Cluster Overload
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When a cluster experiences overload, Kubernetes API response delay increase, and resource utilization on control plane nodes rises, affecting both the control plane and related services. Below are key areas impacted:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Kubernetes resource management: Operations such as creating, deleting, updating, or obtaining Kubernetes resources may fail.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Kubernetes leader election: Overload can prevent a leader node lease renewal from completing on time. If the lease expires, the leader node loses its leadership role, triggering re-election. This can cause temporary service interruptions, task migrations, scheduling delays, and fluctuations in cluster performance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Cluster management failures: Severe overload may make a cluster unavailable, preventing management operations like node creation or deletion.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          CCE Overload Control
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Overload control: CCE clusters have supported overload control since v1.23, which reduces the number of LIST requests outside the system when the control plane experiences high resource usage pressure. To use this function, enable overload control for your clusters. For details, see Enabling Overload Control for a Cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Optimized processes on LIST requests: Starting from CCE clusters of v1.23.8-r0 and v1.25.3-r0, processes on LIST requests have been optimized. Even if a client does not specify the resourceVersion parameter, kube-apiserver responds to requests based on its cache to avoid additional etcd queries and ensure that the response data is up to date. Additionally, namespace indexes are now added to the kube-apiserver cache. This allows clients to request specified resources in a namespace without needing to fetch full data for that namespace. This effectively reduces the response delay and control plane memory overhead.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Refined traffic limit policy on the server: The API Priority and Fairness (APF) feature is used to implement fine-grained control on concurrent requests. For details, see API Priority and Fairness.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Configuration Suggestions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When running services in Kubernetes clusters, the cluster performance and availability are influenced by various factors, including the cluster scale, number and volume of resources, and resource access. CCE has optimized cluster performance and availability based on cloud native practices and has developed suggestions to protect against cluster overload. You can use these suggestions to ensure that your services run stably and reliably over the long term.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 1 Networking model comparison
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Dimension
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Tunnel Network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Tunnel Network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      VPC Network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      VPC Network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cloud Native Network 2.0
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cloud Native 2.0 Network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Application scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Application scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Low requirements on performance: As the container tunnel network requires additional VXLAN tunnel encapsulation, it has about 5% to 15% of performance loss when compared with the other two container network models. Therefore, the container tunnel network applies to the scenarios that do not have high performance requirements, such as web applications, and middle-end and back-end services with a small number of access requests.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Large-scale networking: Different from the VPC network that is limited by the VPC route quota, the container tunnel network does not have any restriction on the infrastructure. In addition, the container tunnel network controls the broadcast domain to the node level. The container tunnel network supports a maximum of 2000 nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Low requirements on performance: As a container tunnel network requires additional VXLAN tunnel encapsulation, it has about 5% to 15% of performance loss when compared with the other two container network models. Therefore, the container tunnel networks apply to the scenarios that do not have high performance requirements, such as web applications, and middle-end and back-end services with a small number of access requests.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Large-scale networks: Different from a VPC network that is limited by the VPC route quota, a container tunnel network does not have any restriction on the infrastructure. In addition, the container tunnel network controls the broadcast domain to the node level and supports a maximum of 2000 nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • High performance requirements: As no tunnel encapsulation is required, the VPC network model delivers the performance close to that of a VPC network when compared with the container tunnel network model. Therefore, the VPC network model applies to scenarios that have high requirements on performance, such as AI computing and big data computing.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Small- and medium-scale networks: Due to the limitation on VPC route tables, it is recommended that the number of nodes in a cluster be less than or equal to 1000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • High performance requirements: As no tunnel encapsulation is required, the VPC network model delivers the performance close to that of a VPC network when compared with the container tunnel network model. Therefore, the VPC network model applies to scenarios that have high requirements on performance, such as AI computing and big data computing.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Small- and medium-scale networks: Due to the limitation on VPC route tables, it is recommended that the number of nodes in a cluster be less than or equal to 1000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • High performance requirements: Cloud Native Network 2.0 uses VPC networks to construct container networks, eliminating the need for tunnel encapsulation or NAT when containers communicate. This makes Cloud Native Network 2.0 ideal for scenarios that demand high bandwidth and low latency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Large-scale networking: Cloud Native Network 2.0 supports up to 2,000 ECS nodes and 100,000 pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • High performance requirements: Cloud Native 2.0 networks use VPC networks to construct container networks, eliminating the need for tunnel encapsulation or NAT required by container communications. This makes Cloud Native 2.0 networks ideal for scenarios that demand high bandwidth and low latency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Large-scale networks: A Cloud Native 2.0 network supports a maximum of 2000 ECS nodes and 100,000 pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Core technology
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Core technology
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      OVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      OVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      IPvlan and VPC route
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      IPvlan and VPC route
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      VPC ENI/sub-ENI
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      VPC network interfaces/supplementary network interfaces
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Applicable clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Applicable cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE standard cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE standard cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE standard cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE standard cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE Turbo cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE Turbo cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Container network isolation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Container network isolation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Kubernetes native NetworkPolicy for pods
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Pods support Kubernetes-native network policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      No
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Pods support security group isolation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Pods support security group isolation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Interconnecting pods to a load balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Interconnecting pods to a load balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Interconnected through a NodePort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Interconnected through a NodePort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Interconnected through a NodePort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Interconnected through a NodePort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Directly interconnected using a dedicated load balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Interconnected using a shared load balancer through a NodePort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Directly interconnected using a dedicated load balancer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Interconnected using a shared load balancer through a NodePort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Managing container IP addresses
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Container IP address management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Separate container CIDR blocks needed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Container CIDR blocks divided by node and dynamically added after being allocated
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Separate container CIDR blocks are needed. Container CIDR blocks cannot overlap with VPC CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • After a cluster is created, the container CIDR block cannot be expanded. To avoid insufficient IP addresses, you are advised to set the subnet mask of the container CIDR block to a maximum of 19 bits.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Separate container CIDR blocks needed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Container CIDR blocks divided by node and statically allocated (the allocated CIDR blocks cannot be changed after a node is created)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Separate container CIDR blocks are needed. Container CIDR blocks cannot overlap with VPC CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • You can add multiple container CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • After a cluster is created, you can add more container CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When container IP addresses are allocated, a fixed IP address range is configured for each node from the container CIDR block. The IP addresses of all pods on a node are allocated from the IP address range.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Container CIDR blocks divided from a VPC subnet (You do not need to configure separate container CIDR blocks.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • You can specify a VPC subnet as the container CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • After a cluster is created, you can add more container CIDR blocks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Container IP addresses are directly allocated from the VPC, consuming many IP addresses. You are advised to plan a large VPC CIDR block in advance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Network performance
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Maximum number of pods on a node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Performance loss due to VXLAN encapsulation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      It is determined by the maximum number of pods that can be created on a node (the kubelet parameter maxPods).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      No tunnel encapsulation, and cross-node traffic forwarded through VPC routers (The performance is so good that is comparable to that of the host network, but there is a loss caused by NAT.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The smaller value between the following two options is used:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The maximum number of pods that can be created on a node (the kubelet parameter maxPods).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The number of container IP addresses reserved for each node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Container network integrated with VPC network, eliminating performance loss
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The smaller value between the following two options is used:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The maximum number of pods that can be created on a node (the kubelet parameter maxPods).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The number of network interfaces on a node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Networking scale
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Network performance
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      A maximum of 2000 nodes are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Performance loss due to VXLAN encapsulation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Suitable for small- and medium-scale networks due to the limitation on VPC route tables. It is recommended that the number of nodes be less than or equal to 1000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Each time a node is added to the cluster, a route is added to the VPC route tables. Evaluate the cluster scale that is limited by the VPC route tables before creating the cluster. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      No tunnel encapsulation, and cross-node traffic forwarded through VPC routers (The performance is so good that is comparable to that of the host network, but there is a loss caused by NAT.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      A maximum of 2000 nodes are supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In a cloud-native network 2.0 cluster, containers' IP addresses are assigned from VPC CIDR blocks, and the number of containers supported is restricted by these blocks. Evaluate the cluster's scale limitations before creating it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Container network integrated with VPC network, eliminating performance loss
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Network scale
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      A maximum of 2000 nodes is supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Suitable for small- and medium-scale networks due to the limitation on VPC route tables. It is recommended that the number of nodes be less than or equal to 1000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Each time a node is added to the cluster, a route is added to the VPC route tables. Evaluate the cluster scale that is limited by the VPC route tables before creating the cluster. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      A maximum of 2000 nodes is supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In a cluster that uses a Cloud Native 2.0 network, container IP addresses are assigned from the VPC CIDR block, and the number of containers is also restricted by this CIDR block. Evaluate the cluster's scale limitations before creating it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      IPv4/IPv6 dual-stack
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Category
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
-
-
-
-
-
-
-
-
+
-
-
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Category
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Reference
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Reference
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Upgrading the Cluster Version
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Keeping the Cluster Version Up to Date
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Enabling Overload Control
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Enabling Overload Control
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Changing the Cluster Scale
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Changing the Cluster Scale
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Splitting the Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Controlling Data Volume of Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      O&M
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Enabling Observability
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Using Multiple Clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Clearing Unused Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      O&M
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Enabling Observability
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Application
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Clearing Unused Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Optimizing the Client Access Mode
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Application
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Optimizing the Client Access Mode
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Upgrading the Cluster Version
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      As the CCE cluster version evolves, new overload protection features and optimizations are regularly introduced. It is recommended that you promptly upgrade your clusters to the latest version. For details, see Process and Method of Upgrading a Cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Keeping the Cluster Version Up to Date
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      As the CCE cluster version evolves, new overload protection features and optimizations are regularly introduced. It is recommended that you promptly upgrade your clusters to the latest version. For details, see Cluster Upgrade Overview.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Enabling Overload Control
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      After overload control is enabled, concurrent LIST requests outside the system will be dynamically controlled based on the resource demands received by master nodes to ensure the stable running of the master nodes and the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      For details, see Cluster Overload Control.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      For details, see Enabling Overload Control for a Cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Changing the Cluster Scale
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the resource usage on the master nodes in a cluster remains high for a long time, for example, the memory usage is greater than 85%, it is recommended that you promptly increase the cluster management scale. This will prevent the cluster from becoming overloaded during sudden traffic surges. For details, see Changing a Cluster Scale.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The larger the cluster management scale, the higher the specifications and performance of the master nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The CCE cluster management scale is the maximum number of nodes that a cluster can manage. It is used as a reference during service deployment planning, and the actual quantity of nodes in use may not reach the limit. The actual scale depends on various factors, including the type, quantity, and size of resource objects in the cluster, as well as the amount of external access to the cluster control plane.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Controlling Data Volume of Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When the resource data volume in a cluster is too large, it can negatively impact etcd performance, including data read and write latency. Additionally, if the data volume of a single type of resource is too large, the control plane consumes a significant number of resources when a client requests all the resources. To avoid these issues, it is recommended that you keep both the etcd data volume and the data volume of a single type of resources under control.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 1 Recommended maximum etcd data volume for different cluster scales
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster Scale
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      50 Nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      200 Nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1000 Nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2000 Nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Total etcd data capacity
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      500 MiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1 GiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4 GiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      8 GiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      etcd data volume of a single type of resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      50 MiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      100 MiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      400 MiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      800 MiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Using Multiple Clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The Kubernetes architecture has a performance bottleneck, meaning that the scale of a single cluster cannot be expanded indefinitely. If your cluster has 2,000 worker nodes, it is necessary to split the services and deploy them across multiple clusters. If you encounter any issues with splitting a cluster, submit a service ticket for technical support.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Enabling Observability
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Observability is crucial for maintaining the reliability and stability of clusters. By using monitoring, alarms, and logs, administrators can gain a better understanding of the clusters' performance, promptly identify any issues, and take corrective action in a timely manner.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Monitoring configurations
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • You can check the monitoring information about master nodes on the Overview page of the CCE cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Controlling Data Volume of Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When the resource data volume in a cluster is too large, it can negatively impact etcd performance, including data read and write latency. Additionally, if the data volume of a single type of resource is too large, the control plane consumes a significant number of resources when a client requests all the resources. To avoid these issues, it is recommended that you keep both the etcd data volume and the data volume of a single type of resources under control.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Clearing Unused Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      To prevent a large number of pending pods from consuming extra resources on the control plane, it is recommended that you promptly clear up Kubernetes resources that are no longer in use, such as ConfigMaps, Secrets, and PVCs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 1 Recommended maximum etcd data volume for different cluster scales
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster Scale
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
-
-
-
-
-
-
-
-
-
-
-
-
+
-
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Table 2 Resource limits
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Category
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      50 Nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      200 Nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1,000 Nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2,000 Nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Recommended Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Total etcd data capacity
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Number of Services in a namespace
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      500Mi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In a Kubernetes cluster, kubelet transforms the Service information specified in the cluster into environment variables and then injects them into the pod that is running on the node. This enables the pod to access these environment variables and locate the Service, facilitating communication with it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      However, if there are numerous Services defined in a namespace, kubelet may have to inject a larger number of environment variables into the pod, which could potentially delay the pod's startup process. In severe cases, the pod may even fail to start.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1Gi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4Gi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      8Gi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Do not configure these environment variables and set enableServiceLinks in podSpec to false. For details, see Accessing the Service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      etcd data volume of a single type of resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Total number of Services in a cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      50Mi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the number of Services increases, the number of kube-proxy network rules increases, affecting network performance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      100Mi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      It is recommended that the total number of Services be less than or equal to 10,000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      It is recommended that the total number of LoadBalancer Services be less than or equal to 500.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      400Mi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Maximum number of endpoints in a Service
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      800Mi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When a Service is associated with a large number of endpoints, each time the endpoints are updated, a large amount of data is synchronized between the control plane component kube-apiserver and kube-proxy on the node, which may cause significant pressure on network and system resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Kubernetes provides the EndpointSlices feature to efficiently update endpoints. This feature is enabled by default in clusters of v1.19 and later versions, and enters the stable state in clusters of v1.21.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      It is recommended that the number of backend pods of a single Service endpoint be less than or equal to 3000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Total number of endpoints of all Services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If a Service has an excessive number of endpoints, the API server will have to handle a larger amount of data, potentially leading to a high workload on the API server and a decline in network performance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      It is recommended that the total number of endpoints associated with all Services be less than or equal to 64,000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Number of pending pods
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When there is a high number of pods waiting to be scheduled in a cluster, new pods may remain in the pending state for an extended period, causing delays in their allocation to suitable nodes. If a pod cannot be scheduled for a prolonged period, the scheduler generates events at regular intervals, leading to an excessive number of events.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      It is recommended that the total number of pending pods be less than or equal to 10,000.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Clearing Unused Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      To prevent a large number of pending pods from consuming extra resources on the control plane, it is recommended that you promptly clear up Kubernetes resources that are no longer in use, such as ConfigMaps, Secrets, and PVCs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Optimizing the Client Access Mode
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • To avoid frequent LIST queries, it is best to use the client cache mechanism when retrieving cluster resource data multiple times. It is recommended that you communicate with clusters using informers and listers. For details, see client-go documentation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If a LIST query must be used, you can:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Obtain needed data from the kube-apiserver cache first and avoid making additional queries on etcd data. For clusters earlier than v1.23.8-r0 and v1.25.3-r0, you can set resourceVersion to 0. In clusters of v1.23.8-r0, v1.25.3-r0, and later versions, CCE has improved the way data is retrieved and ensured that the cached data is up to date. By default, you can access the required data from the cache.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Accurately define the query scope to avoid retrieving irrelevant data and using unnecessary resources. For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          # client-go Code example for obtaining pods in a specified namespace
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Optimizing the Client Access Mode
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • To avoid frequent LIST queries, it is best to use the client cache mechanism when retrieving cluster resource data multiple times. It is recommended that you communicate with clusters using informers and listers. For details, see the Go documentation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If a LIST query must be used, you can:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Obtain needed data from the kube-apiserver cache first and avoid making additional queries on etcd data. For clusters earlier than v1.23.8-r0 or v1.25.3-r0, you can set resourceVersion to 0. In clusters of v1.23.8-r0, v1.25.3-r0, and later versions, CCE has improved data retrieval and ensured that the cached data is up to date. By default, you can access the required data from the cache.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Accurately define the query scope to avoid retrieving irrelevant data and using unnecessary resources. For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              # client-go Code example for obtaining pods in a specified namespace
 k8sClient.CoreV1().Pods("<your-namespace>").List(metav1.ListOptions{})
 # kubectl Command example for obtaining pods in a specified namespace
 kubectl get pods -n <your-namespace>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
@@ -115,14 +170,6 @@ kubectl get pods -n 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Use the more efficient Protobuf format instead of the JSON format. By default, Kubernetes returns objects serialized to JSON with content type application/json. This is the default serialization format for the API. However, clients may request the more efficient Protobuf representation of these objects for better performance. For details, see Alternate representations of resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Changing the Cluster Scale
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If the resource usage on the master nodes in a cluster remains high for a long time, for example, the memory usage is greater than 85%, it is recommended that you promptly increase the cluster management scale. This will prevent the cluster from becoming overloaded during sudden traffic surges. For details, see Changing Cluster Scale.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • The performance of the master nodes improves and their specifications become higher as the management scale of a cluster increases.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • The CCE cluster management scale is the maximum number of nodes that a cluster can manage. It is used as a reference during service deployment planning, and the actual quantity of nodes in use may not reach the maximum number of nodes selected. The actual scale depends on various factors, including the type, quantity, and size of resource objects in the cluster, as well as the number of external accesses to the cluster control plane.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Splitting the Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The Kubernetes architecture has a performance bottleneck, meaning that the scale of a single cluster cannot be expanded indefinitely. If your cluster has 2,000 worker nodes, it is necessary to split the services and deploy them across multiple clusters. If you encounter any issues with splitting a cluster, submit a service ticket for technical support.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Summary
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When running services on Kubernetes clusters, their performance and availability are influenced by various factors, including the cluster scale, number and size of resources, and resource access. CCE has optimized cluster performance and availability based on cloud native practices and has developed measures to protect against cluster overload. You can use these measures to ensure that your services run stably and reliably over the long term.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_bestpractice_10041.html b/docs/cce/umn/cce_bestpractice_10041.html
index 74d5ae75b..f1f922fda 100644
--- a/docs/cce/umn/cce_bestpractice_10041.html
+++ b/docs/cce/umn/cce_bestpractice_10041.html
@@ -1,9 +1,9 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Accessing an IP Address Outside of a Cluster That Uses a VPC Network by Using Source Pod IP Addresses Within the Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Accessing an IP Address Outside a Cluster That Uses a VPC Network by Using Source Pod IP Addresses Within the Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In a CCE cluster that uses a VPC network, when pods try to communicate with external systems, CCE automatically translates the source IP addresses of the pods into the IP addresses of the nodes that are running them. This allows pods to communicate with external systems using the node IP addresses. This process is known as pod IP address masquerading or Source Network Address Translation (SNAT).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      You are allowed to configure private CIDR blocks for your clusters using the nonMasqueradeCIDRs parameter. If a pod tries to access a private CIDR block, the source node will not perform NAT on the pod IP address. Instead, the VPC route table can directly send the pod data packet to the destination, which means, the pod IP address is directly used to communicate with the private CIDR block in the cluster. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Figure 1 Pod IP address translation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Figure 1 Pod IP address translation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      You have a cluster that uses the VPC network and whose version is v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Default Non-Masqueraded CIDR Block Settings in a CCE Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      By default, CCE uses the following well-known private CIDR blocks as non-masqueraded CIDR blocks in each cluster:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_bestpractice_10069.html b/docs/cce/umn/cce_bestpractice_10069.html
new file mode 100644
index 000000000..1b56e6d16
--- /dev/null
+++ b/docs/cce/umn/cce_bestpractice_10069.html
@@ -0,0 +1,19 @@
+
+
+
+  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Backing Up and Migrating Clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
+
diff --git a/docs/cce/umn/cce_bulletin_0027.html b/docs/cce/umn/cce_bulletin_0027.html
index 279b86f03..98029edd8 100644
--- a/docs/cce/umn/cce_bulletin_0027.html
+++ b/docs/cce/umn/cce_bulletin_0027.html
@@ -5,8 +5,10 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Resource Changes and Deprecations
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Kubernetes v1.23 Release Notes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • FlexVolume is deprecated. Use CSI.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • HorizontalPodAutoscaler v2 is promoted to GA, and HorizontalPodAutoscaler API v2 is gradually stable in version 1.23. The HorizontalPodAutoscaler v2beta2 API is not recommended. Use the v2 API.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • PodSecurity moves to beta, replacing the deprecated PodSecurityPolicy. PodSecurity is an admission controller that enforces pod security standards on pods in the namespace based on specific namespace labels that set the enforcement level. PodSecurity is enabled by default in version 1.23.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Kubernetes v1.22 Release Notes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Ingresses no longer support networking.k8s.io/v1beta1 and extensions/v1beta1 APIs. If you use the API of an earlier version to manage ingresses, an application cannot be exposed to external services. Use networking.k8s.io/v1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CustomResourceDefinitions no longer support the apiextensions.k8s.io/v1beta1 API. If you use the API of an earlier version to create a CRD, the creation will fail, which affects the controller that reconciles this CRD. Use apiextensions.k8s.io/v1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • ClusterRoles, ClusterRoleBindings, Roles, and RoleBindings no longer support the rbac.authorization.k8s.io/v1beta1 API. If you use the API of an earlier version to manage RBAC resources, application permissions control is affected and even cannot work in the cluster. Use rbac.authorization.k8s.io/v1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The Kubernetes release cycle is changed from four releases a year to three releases a year.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • StatefulSets support minReadySeconds.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • During scale-in, pods are randomly selected and deleted based on the pod UID by default (LogarithmicScaleDown). This feature enhances the randomness of the pods to be deleted and alleviates the problems caused by pod topology spread constraints. For more information, see KEP-2185 and issue 96748.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The BoundServiceAccountTokenVolume feature is stable, which has changed the method of mounting tokens into pods for enhanced token security of the service account. This feature is enabled by default in Kubernetes clusters of v1.21 and later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Ingresses no longer support networking.k8s.io/v1beta1 and extensions/v1beta1 APIs. If you use the API of an earlier version to manage ingresses, an application cannot be exposed to external services. Use networking.k8s.io/v1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CustomResourceDefinitions no longer support the apiextensions.k8s.io/v1beta1 API. If you use the API of an earlier version to create a CRD, the creation will fail, which affects the controller that reconciles this CRD. Use apiextensions.k8s.io/v1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • ClusterRoles, ClusterRoleBindings, Roles, and RoleBindings no longer support the rbac.authorization.k8s.io/v1beta1 API. If you use the API of an earlier version to manage RBAC resources, application permissions control is affected and even cannot work in the cluster. Use rbac.authorization.k8s.io/v1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The Kubernetes release cycle is changed from four releases a year to three releases a year.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • StatefulSets support minReadySeconds.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • During scale-in, pods are randomly selected and deleted based on the pod UID by default (LogarithmicScaleDown). This feature enhances the randomness of the pods to be deleted and alleviates the problems caused by pod topology spread constraints. For more information, see KEP-2185 and issue 96748.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The BoundServiceAccountTokenVolume feature is stable, which has changed the method of mounting tokens into pods for enhanced token security of the service account. This feature is enabled by default in Kubernetes clusters of v1.21 and later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Incompatible Changes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In Kubernetes 1.23, kube-proxy's startup behavior has changed. If a node's kernel parameter value exceeds the default value calculated by kube-proxy, kube-proxy will not override it. For example, if a node's nf_conntrack_max is set to 1000000 and kube-proxy calculates 131072, the kernel value 1000000 will be used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Community PR: https://github.com/kubernetes/kubernetes/pull/103174
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      References
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      For more details about the performance comparison and function evolution between Kubernetes 1.23 and other versions, see the following documents:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
diff --git a/docs/cce/umn/cce_bulletin_0058.html b/docs/cce/umn/cce_bulletin_0058.html
index b61a43074..08803838f 100644
--- a/docs/cce/umn/cce_bulletin_0058.html
+++ b/docs/cce/umn/cce_bulletin_0058.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Kubernetes 1.25 (EOM) Release Notes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Kubernetes 1.25 Release Notes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      This section describes the changes made in Kubernetes 1.25 compared with Kubernetes 1.23.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Indexes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_bulletin_0104.html b/docs/cce/umn/cce_bulletin_0104.html
new file mode 100644
index 000000000..e7c9307a9
--- /dev/null
+++ b/docs/cce/umn/cce_bulletin_0104.html
@@ -0,0 +1,31 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Kubernetes 1.32 Release Notes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE allows you to create Kubernetes 1.32 clusters. This section describes the changes made in Kubernetes 1.32.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Indexes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      New and Enhanced Features
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • SizeMemoryBackedVolumes (GA)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        SizeMemoryBackedVolumes moved to GA. This feature allows you to specify the size limits for memory-backed volumes (such as emptyDir) to prevent pods from occupying too much node memory. For details, see emptyDir.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • PodLifecycleSleepAction (GA)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PodLifecycleSleepAction moved to GA. This feature allows you to use the sleep command by setting the Sleep field in the container lifecycle hooks to pause the container for a specified duration. For details, see Container hooks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • StatefulSetAutoDeletePVC (GA)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        StatefulSetAutoDeletePVC moved to GA. This feature allows you to set the PVC retention policy when a StatefulSet is deleted or scaled in, and allows PVCs to be deleted at the same time when a StatefulSet is deleted or scaled in. For details, see PersistentVolumeClaim Retention.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CronJobsScheduledAnnotation (GA)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CronJobsScheduledAnnotation moved to GA. This feature writes the scheduling time of a cron job to the batch.kubernetes.io/cronjob-scheduled-timestamp annotation of a job.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • PodIndexLabel (GA)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PodIndexLabel moved to GA. This feature writes the completion sequence of an indexed job to the batch.kubernetes.io/job-completion-index label of the pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CustomResourceFieldSelectors (GA)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CustomResourceFieldSelectors moved to GA. This feature allows you to specify the selectableFields field of a CustomResourceDefinition to define which other fields in a custom resource may be used in field selectors. Field selectors can then be used to get only resources by filtering List, Watch, and DeleteCollection requests. For details, see Selectable fields for custom resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • JobManagedBy (Beta)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        JobManagedBy moved to Beta. This feature allows you to specify a custom job controller through the spec.managedBy field of the job. For details, see Delegation of managing a Job object to external controller.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • RelaxedEnvironmentVariableValidation (Beta)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        RelaxedEnvironmentVariableValidation moved to Beta. This feature allows all printable ASCII characters (except =) to be used in environment variable names, increasing the flexibility of environment variable usage. For details, see Define Environment Variables for a Container.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • WatchList (Beta)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The WatchList feature has been advanced to Beta and is enabled by default. For users who use client-go, after the WatchListClient feature of client-go is enabled, an API client can request a stream of data rather than fetching a full list to access the kube-apiserver, reducing resource consumption on the control plane.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      API Changes and Removals
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The metadata annotation kubernetes.io/enforce-mountable-secrets of service accounts was deprecated from Kubernetes 1.32, but the removal time was not set. You are advised to use a separate namespace to isolate access to secrets.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The kube-controller-manager parameter concurrent-daemonset-syncs is available. This parameter controls the number of DaemonSet objects that can synchronize concurrently. This setting can be adjusted using the configuration management function.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Enhanced Kubernetes 1.32 on CCE
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      During a version maintenance period, CCE periodically updates Kubernetes 1.32 and provides enhanced functions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      For details about cluster version updates, see Patch Versions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      References
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      For more details about the performance comparison and function evolution between Kubernetes 1.32 and other versions, see Kubernetes v1.32 Release Notes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: Kubernetes Version Release Notes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
diff --git a/docs/cce/umn/cce_faq_00006.html b/docs/cce/umn/cce_faq_00006.html
index 22507dbeb..7aa761f0c 100644
--- a/docs/cce/umn/cce_faq_00006.html
+++ b/docs/cce/umn/cce_faq_00006.html
@@ -1,13 +1,13 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Common FAQ
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster Management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster Management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Node/Node Pool Management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Workload Management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Workload Management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Network Management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Network Management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Storage Management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00012.html b/docs/cce/umn/cce_faq_00012.html
index cc51b9945..f9c6ff026 100644
--- a/docs/cce/umn/cce_faq_00012.html
+++ b/docs/cce/umn/cce_faq_00012.html
@@ -5,7 +5,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The metadata.enable field in the YAML file of the workload is false. As a result, the pod of the workload is deleted and the workload is in the stopped status.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Delete the enable field or set it to true.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00015.html b/docs/cce/umn/cce_faq_00015.html
index 46c8f7987..849d1dfa9 100644
--- a/docs/cce/umn/cce_faq_00015.html
+++ b/docs/cce/umn/cce_faq_00015.html
@@ -1,7 +1,7 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      What Should I Do If a Pod Fails to Pull the Image?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When a workload's status shows "Pod not ready: Back-off pulling image "xxxxx", a Kubernetes event of PodsFailed to pull image or Failed to re-pull image will be reported. For details about how to view Kubernetes events, see Viewing Pod Events.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When a workload's status shows "Pod not ready: Back-off pulling image "xxxxx", a Kubernetes event of Failed to pull image or Failed to re-pull image will be reported. For details about how to view Kubernetes events, see Viewing Pod Events.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Troubleshooting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Determine the cause based on the events, as listed in Table 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
@@ -87,8 +87,9 @@ spec:
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Check Item 2: Whether the Image Address Is Correct When a Third-Party Image Is Used
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE allows you to create workloads using images pulled from third-party image repositories.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      You need to enter the third-party image addresses based on specific requirements. The image addresses must be in the format of ip:port/path/name:version or name:version. If no version is specified, latest is used by default.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • For a private repository, enter an image address in the format of ip:port/path/name:version.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • For an open source Docker repository, enter an image address in the format of name:version, for example, nginx:latest.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      You need to enter the third-party image addresses based on specific requirements. The image address must be in the format of domainname/organization/imagename:tag. If no version is specified, latest is used by default.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • For a private repository, enter the image address in the format of domainname/organization/imagename:tag.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • For an open-source Docker repository, enter the image address in the format of name:version, for example, nginx:latest.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When you fail to pull an image due to incorrect image address provided, information similar to the following information is displayed in the Kubernetes events:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Failed to pull image "nginx:v1.1": rpc error: code = Unknown desc = Error response from daemon: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io: no such host
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -102,7 +103,7 @@ spec:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Failed create pod sandbox: rpc error: code = Unknown desc = failed to create a sandbox for pod "nginx-6dc48bf8b6-l8xrw": Error response from daemon: mkdir xxxxx: no space left on device
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      You can obtain the disk space for storing images on a node by running the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      lvs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution 1: Clearing images
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Perform the following operations to clear unused images:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Nodes that use containerd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Obtain local images on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          crictl images -v
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Delete the unnecessary images by image ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          crictl rmi {Image ID}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
@@ -238,7 +239,7 @@ systemctl restart docker
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Check Item 6: Whether the Image Size Is Too Large
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The pod events contain "Failed to pull image". This may be caused by a large image size.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Failed to pull image "XXX": rpc error: code = Unknown desc = context canceled
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          However, the image can be manually pulled by running the docker pull command on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          In Kubernetes clusters, there is a default timeout period for pulling images. If the image pulling progress is not updated within a certain period of time, the pulling will be canceled. If the node performance is poor or the image size is too large, the image may fail to be pulled and the workload may fail to be started.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • (Recommended) Solution 1:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the node and manually pull the image.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Nodes that use containerd:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                crictl pull <image-address>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
@@ -251,7 +252,7 @@ systemctl restart docker
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Check Item 7: Whether the Image Repository Can Be Accessed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                An error message similar to the following is displayed during workload creation:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Failed to pull image "docker.io/bitnami/nginx:1.22.0-debian-11-r3": rpc error: code = Unknown desc = Error response from daemon: Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                The image repository cannot be accessed due to the network problems. SWR allows you to pull images only from the official Docker repository. To pull images from other repositories, you need to access the Internet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Bind a public IP address to the node to which the image needs to be pulled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Push images to SWR and then pull them from SWR to your nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
@@ -261,7 +262,7 @@ systemctl restart docker
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ERROR: toomanyrequests: Too Many Requests.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Or
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                you have reached your pull rate limit, you may increase the limit by authenticating an upgrading: https://www.docker.com/increase-rate-limits.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Docker Hub sets limits for the maximum number of container image pull requests. For details, see Docker Hub pull usage and limits.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Push the frequently used images to SWR and then pull them from SWR to your nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_faq_00018.html b/docs/cce/umn/cce_faq_00018.html
index 63397df6a..7b5edec42 100644
--- a/docs/cce/umn/cce_faq_00018.html
+++ b/docs/cce/umn/cce_faq_00018.html
@@ -1,92 +1,119 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                What Should I Do If Container Startup Fails?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                On the details page of a workload, if an event is displayed indicating that the container fails to be started, perform the following operations to locate the fault:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the node where the abnormal workload is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Check the ID of the container where the workload pod exits abnormally.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the node is a Docker node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  What Should I Do If a Pod Startup Fails?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  On the details page of a workload, if an event is displayed indicating that the pod fails to be started, perform the following operations to locate the fault:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the node where the abnormal workload is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Check the ID of the container where the workload pod exits abnormally.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the node uses Docker, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    docker ps -a | grep $podName
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the node is a containerd node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    crictl ps -a | grep $podName
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the node uses containerd, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    crictl ps -a | grep $podName
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. View the logs of the corresponding container.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the node is a Docker node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. View the container logs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the node uses Docker, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    docker logs $containerID
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the node is a containerd node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    crictl logs $containerID
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the node uses containerd, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    crictl logs $containerID
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Rectify the fault of the workload based on logs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  5. Check the error logs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    cat /var/log/messages | grep $containerID  | grep oom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check whether the system OOM is triggered based on the logs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  6. Check the error logs of the OS. For example, check whether the logs contain any OOM errors.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    cat /var/log/messages | grep $containerID  | grep oom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check whether a system OOM is triggered based on the logs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Troubleshooting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Determine the cause based on the event information, as listed in Table 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Troubleshooting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Determine the cause based on the logs or events, as listed in Table 1.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
-
diff --git a/docs/cce/umn/cce_faq_00202.html b/docs/cce/umn/cce_faq_00202.html
index 9fa23bc09..07a1996d2 100644
--- a/docs/cce/umn/cce_faq_00202.html
+++ b/docs/cce/umn/cce_faq_00202.html
@@ -7,7 +7,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 1: Container and Container Port
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Log in to the CCE console or use kubectl to obtain the pod IP address. Then, log in to the node or the pod and run curl to manually call the API and check whether the expected result is returned.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If {Container IP address}:{Port number} is not accessible, log in to the service container, and attempt to access 127.0.0.1:{Port number}.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Common issues:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Common Issues
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. The container port is incorrectly configured (the container does not listen to the access port).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. The URL does not exist (no related path exists in the container).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. A Service exception (a Service bug in the container) occurs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. Check whether the cluster network kernel component is abnormal (container tunnel network model: openswitch kernel component; VPC network model: ipvlan kernel component).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 2: Node IP Address and Node Port
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Only NodePort or LoadBalancer Services can be accessed using the node IP address and node port.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -16,20 +16,20 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  nodePort: 30637 indicates the exposed node port. targetPort: 80 indicates the exposed pod port. port: 123 is the exposed Service port. LoadBalancer Services also use this port to configure the ELB listener.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  After finding the node port (nodePort), access <IP address>:<port> of the node where the container is located and check whether the expected result is returned.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Common issues:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Common Issues
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. The service port is not allowed in the inbound rules of the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. A custom route is incorrectly configured for the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. The label of the pod does not match that of the Service (created using kubectl or API).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 3: ELB IP Address and Port
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  There are several possible causes if <IP address>:<port> of the ELB cannot be accessed, but <IP address>:<port> of the node can be accessed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible causes:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The backend server group of the port or URL does not meet the expectation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The security group on the node has not exposed the related protocol or port to the ELB.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The health check of the layer-4 load balancing is not enabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The certificate used for Services of layer-7 load balancing has expired.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Common issues:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. When exposing a layer-4 ELB load balancer, if you have not enabled health check on the console, the load balancer may route requests to abnormal nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. For UDP access, the ICMP port of the node has not been allowed in the inbound rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. The label of the pod does not match that of the Service (created using kubectl or API).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The backend server group of the port or URL does not meet the expectation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The security group on the node has not exposed the related protocol or port to the ELB.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The health check of the Layer 4 load balancing is not enabled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The certificate used for Services of layer-7 load balancing has expired.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Common Issues
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. When exposing a Layer 4 ELB load balancer, if you have not enabled health check on the console, the load balancer may route requests to abnormal nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. For UDP access, the ICMP port of the node has not been allowed in the inbound rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. The label of the pod does not match that of the Service (created using kubectl or API).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 4: NAT Gateway + Port
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Generally, no EIP is configured for the backend server of NAT. Otherwise, exceptions such as network packet loss may occur.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 5: Whether the Security Group of the Node Where the Container Is Located Allows Access
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Log in to the management console and choose Service List > Networking > Virtual Private Cloud. On the Network console, choose Access Control > Security Groups, locate the security group rule of the CCE cluster, and modify and harden the security group rule.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 5: Whether the Security Group of the Node Where the Container Is Located Allows Access
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Log in to the management console and choose Service List > Networking > Virtual Private Cloud. On the Network console, choose Access Control > Security Groups, locate the security group rule of the CCE cluster, and modify and harden the security group rule.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • CCE cluster:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The security group name of the node is {Cluster name}-cce-node-{Random characters}.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • CCE Turbo cluster:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The security group name of the node is {Cluster name}-cce-node-{Random characters}.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The name of the security group associated with the containers is {Cluster name}-cce-eni-{Random characters}.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_faq_00203.html b/docs/cce/umn/cce_faq_00203.html
index 248238315..085f702d0 100644
--- a/docs/cce/umn/cce_faq_00203.html
+++ b/docs/cce/umn/cce_faq_00203.html
@@ -4,9 +4,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE does not return any error code when you fail to access your applications using a browser. Check your services first.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    404 Not Found
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the error code shown in the following figure is returned, it indicates that the ELB cannot find the corresponding forwarding policy. Check the forwarding policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 1 404:ALB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 1 404:ALB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the error code shown in the following figure is returned, it indicates that errors occur on Nginx (your services). In this case, check your services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 2 404:nginx/1.**.*
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 2 404:nginx/1.**.*
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_faq_00205.html b/docs/cce/umn/cce_faq_00205.html
index a42e96c5c..3a6b8b7c0 100644
--- a/docs/cce/umn/cce_faq_00205.html
+++ b/docs/cce/umn/cce_faq_00205.html
@@ -10,7 +10,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • What Should I Do If a Container Fails to Access the Internet?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • What Should I Do If a Node Fails to Connect to the Internet (Public Network)?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • What Should I Do If a Node Fails to Access the Internet?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • What Could Cause Access Exceptions After Configuring an HTTPS Certificate for a LoadBalancer Ingress?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • 
diff --git a/docs/cce/umn/cce_faq_00215.html b/docs/cce/umn/cce_faq_00215.html
index 2fb7d852f..153c4c0cc 100644
--- a/docs/cce/umn/cce_faq_00215.html
+++ b/docs/cce/umn/cce_faq_00215.html
@@ -4,12 +4,16 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_faq_00218.html b/docs/cce/umn/cce_faq_00218.html
index 38f790ef4..0a5c39ff6 100644
--- a/docs/cce/umn/cce_faq_00218.html
+++ b/docs/cce/umn/cce_faq_00218.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    What Should I Do If the Host Cannot Be Found When Files Need to Be Uploaded to OBS During the Access to the CCE Service from a Public Network?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    When a Service deployed on CCE attempts to upload files to OBS after receiving an access request from an offline machine, an error message is displayed, indicating that the host cannot be found. The following figure shows the error message.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    After receiving the HTTP request, the Service transfers files to OBS through the proxy.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If too many files are transferred, a large number of resources are consumed. Currently, the proxy is assigned 128 MiB of memory. According to pressure test results, resource consumption is large, resulting in request failure.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The test results show that all traffic passes through the proxy. Therefore, if the service volume is large, more resources need to be allocated.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_faq_00263.html b/docs/cce/umn/cce_faq_00263.html
index d29fb7f69..861d317a4 100644
--- a/docs/cce/umn/cce_faq_00263.html
+++ b/docs/cce/umn/cce_faq_00263.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The vdb disk of a node is damaged and the node cannot be recovered after reset.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Error Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • On a normal node, delete the LV and VG. The node is unavailable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Reset an abnormal node, and a syntax error is reported. The node is unavailable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The following figure shows the details.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the volume group (VG) on the node is deleted or damaged and cannot be identified, you need to manually restore the VG first to prevent your data disks from being formatted by mistake during the reset.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_faq_00265.html b/docs/cce/umn/cce_faq_00265.html
index 33a4b58dc..5f5f3a9e6 100644
--- a/docs/cce/umn/cce_faq_00265.html
+++ b/docs/cce/umn/cce_faq_00265.html
@@ -1,8 +1,8 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    How Can I Configure a Security Group Rule for a Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE is a universal container platform. Its default security group rules apply to common scenarios. When a cluster is created, a security group is automatically created for the master nodes and worker nodes, separately. The name of the master node security group is in the format of {Cluster name}-cce-control-{Random ID}, and that of the worker node security group is in the format of {Cluster name}-cce-node-{Random ID}. For a CCE Turbo cluster, an additional ENI security group, with the name following the format of {Cluster name}-cce-eni-{Random ID}, will be created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    To modify the security group rules, log in to the management console and choose Service List > Networking > Virtual Private Cloud. On the page displayed, choose Access Control > Security Groups in the navigation pane, locate the rpw containing the target security group, and modify the rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE is a universal container platform. Its default security group rules apply to common scenarios. When a cluster is created, a security group is automatically created for the master nodes and worker nodes, separately. The name of the master node security group is in the format of {Cluster name}-cce-control-{Random ID}, and that of the worker node security group is in the format of {Cluster name}-cce-node-{Random ID}. For a CCE Turbo cluster, an additional elastic network interface security group, with the name following the format of {Cluster name}-cce-eni-{Random ID}, will be created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    You can log in to the VPC console, choose Access Control > Security Groups in the navigation pane, and modify the security group rules for the cluster based on your security requirements.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    You can check the default security group rules of clusters using different network models in:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Be careful when modifying or removing security group rules as it could impact the cluster's operation. Avoid modifying the rules for the ports essential to CCE.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • When adding a security group rule, ensure that this rule does not conflict with the existing rules. If there is a conflict, existing rules may become invalid, affecting cluster running.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -34,7 +34,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
-
-
-
-
-
-
@@ -179,7 +179,7 @@
 
-
-
-
@@ -237,7 +237,7 @@
 
-
-
-
-
-
-
-
@@ -379,7 +379,7 @@
 
-
-
-
@@ -437,7 +437,7 @@
 
-
-
-
-
-
-
-
@@ -572,7 +572,7 @@
 
-
-
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Table 1 Container startup failure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Log or Event
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
+
-
-
+
-
-
+
-
-
+
-
-
+
-
-
+
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Table 1 Pod startup failure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Log or Event
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Cause and Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Fault Locating and Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The log contains exit(0).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Pod logs: exit code 0
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  No process exists in the container.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check whether the container is running properly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 1: Whether There Are Processes that Keep Running in the Container (Exit Code: 0)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  There is no process in the pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check whether the pod can run properly. For details, see No Process in the Pod (Exit Code: 0).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Event information: Liveness probe failed: Get http...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The log contains exit(137).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Kubernetes event:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Liveness probe failed: Get http…
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Pod logs: exit code 137
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Health check fails.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 2: Whether Health Check Fails to Be Performed (Exit Code: 137)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The health check fails.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check whether the liveness probe for the pod is properly configured. For details, see Health Check Failed (Exit Code: 137).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Event:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Thin Pool has 15991 free data blocks which are less than minimum required 16383 free data blocks. Create more free space in thin pool or use dm.min_free_space option to change behavior
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Kubernetes event:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Thin Pool has 15991 free data blocks which is less than minimum required 16383 free data blocks. Create more free space in thin pool or use dm.min_free_space option to change behavior
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Pod logs: no left space
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The disk space is insufficient. Clear the disk space.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 3: Whether the Container Disk Space Is Insufficient
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The disk space is insufficient.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Expand the disk space or clear unneeded files. For details, see Insufficient Disk Space of the Pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The keyword OOM exists in the log.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Pod logs: oom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The memory is insufficient.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 4: Whether the Upper Limit of Container Resources Has Been Reached
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 5: Whether the Resource Limits Are Improperly Configured for the Container
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The pod memory is insufficient.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check whether the pod has proper resource settings. For details, see Insufficient Container Resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Address already in use
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Pod logs: Address already in use
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A conflict occurs between container ports in the pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 6: Whether the Container Ports in the Same Pod Conflict with Each Other
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A conflict occurs between container ports in the pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check whether there is a container port conflict in the pod. For details, see Container Port Conflict in the Pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Error: failed to start container "filebeat": Error response from daemon: OCI runtime create failed: container_linux.go:330: starting container process caused "process_linux.go:381: container init caused \"setenv: invalid argument\"": unknown
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Kubernetes event:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Error: failed to start container "filebeat": Error response from daemon: OCI runtime create failed: container_linux.go:330: starting container process caused "process_linux.go:381: container init caused \"setenv: invalid argument\"": unknown
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A secret is mounted to the workload, and the value of the secret is not encrypted using Base64.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 7: Whether the Value of the Secret Mounted to the Workload Meets Requirements
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A secret is mounted to the workload, and the value of the secret is not encrypted using Base64.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For details about the solution, see Improper Value of the Secret Mounted to the Workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Kubernetes event:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  the failed container exited with ExitCode: 255
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The x86 container image may run on an Arm node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For details about the solution, see Unmatched Container Image Tag with the Node Architecture.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Kubernetes event:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  the failed container exited with ExitCode: 141
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The containerd version is incompatible with the tail version.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For details about the solution, see Exit of tail -f xx in the Container Startup Command (Exit Code: 141).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Other pod logs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Locate the fault based on services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For details about the fault locating, see Service Setting Checks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  In addition to the preceding possible causes, there are some other possible causes:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 1 Troubleshooting process of the container restart failure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 1: Whether There Are Processes that Keep Running in the Container (Exit Code: 0)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the node where the abnormal workload is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. View the container status.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the node is a Docker node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    No Process in the Pod (Exit Code: 0)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the node where the abnormal workload is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. View the pod status.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the node uses Docker, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      docker ps -a | grep $podName
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the node is a containerd node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      crictl ps -a | grep $podName
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the node uses containerd, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      crictl ps -a | grep $podName
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If no running process exists in the container, the status code Exited (0) is displayed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Below shows an example.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If there is no process in the pod, the status code Exited (0) is displayed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 2: Whether Health Check Fails to Be Performed (Exit Code: 137)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The health check configured for a workload is performed on services periodically. If an exception occurs, the pod reports an event and the pod fails to be restarted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the liveness-type (workload liveness probe) health check is configured for the workload and the number of health check failures exceeds the threshold, the containers in the pod will be restarted. On the workload details page, if Kubernetes events contain Liveness probe failed: Get http..., the health check fails.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Health Check Failed (Exit Code: 137)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The health checks configured for a workload are performed on services periodically. If an exception occurs, there will be an event that indicates an unhealthy pod, and the pod restarts will fail.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If a liveness probe is configured for the workload and the number of health check failures exceeds the threshold, the pod will be restarted. On the workload details page, if Kubernetes events contain Liveness probe failed: Get http..., the health check fails.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Click the workload name to go to the workload details page, click the Containers tab. Then select Health Check to check whether the policy is proper or whether services are running properly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 3: Whether the Container Disk Space Is Insufficient
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The following message refers to the thin pool disk that is allocated from the Docker disk selected during node creation. You can run the lvs command as user root to view the current disk usage.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Thin Pool has 15991 free data blocks which are less than minimum required 16383 free data blocks. Create more free space in thin pool or use dm.min_free_space option to change behavior
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Insufficient Disk Space of the Pod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The following message refers to the thin pool disk that is allocated from the Docker disk selected during node creation. You can run the lvs command as user root to view the current disk usage.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Thin Pool has 15991 free data blocks which is less than minimum required 16383 free data blocks. Create more free space in thin pool or use dm.min_free_space option to change behavior
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Solution 1: Clearing images
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Perform the following operations to clear unused images:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Nodes that use containerd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Obtain local images on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        crictl images -v
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -202,51 +229,56 @@ vda                                   8:0    0   50G  0 disk
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 4: Whether the Upper Limit of Container Resources Has Been Reached
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the upper limit of container resources has been reached, OOM will be displayed in the event details as well as in the log:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Insufficient Container Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the upper limit of container resources has been reached, OOM will be displayed in the event details as well as in the log:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  cat /var/log/messages | grep 96feb0a425d6 | grep oom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When a workload is created, if the requested resources exceed the configured upper limit, the system OOM is triggered and the container exits unexpectedly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 5: Whether the Resource Limits Are Improperly Configured for the Container
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the resource limits set for the container during workload creation are less than required, the container fails to be restarted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 6: Whether the Container Ports in the Same Pod Conflict with Each Other
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the node where the abnormal workload is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Check the ID of the container where the workload pod exits abnormally.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the node is a Docker node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Container Port Conflict in the Pod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the node where the abnormal workload is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Check the ID of the container where the workload pod exits abnormally.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the node uses Docker, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      docker ps -a | grep $podName
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the node is a containerd node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      crictl ps -a | grep $podName
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the node uses containerd, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      crictl ps -a | grep $podName
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. View the logs of the corresponding container.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the node is a Docker node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4. View the container logs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the node uses Docker, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      docker logs $containerID
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the node is a containerd node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      crictl logs $containerID
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the node uses containerd, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      crictl logs $containerID
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Rectify the fault of the workload based on logs. As shown in the following figure, container ports in the same pod conflict. As a result, the container fails to be started.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Figure 2 Container restart failure due to a container port conflict
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Figure 1 Pod restart failure due to a container port conflict
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Re-create the workload and set a port number that is not used by any other pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Configure proper container ports that do not conflict with each other. Then, create the workload again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If a pod uses the host network (with hostNetwork: true configured), there may be a container port conflict. This is because containers in the pod share the network interface and port range with the host node. Multiple pods using the same port cannot run on the same node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 7: Whether the Value of the Secret Mounted to the Workload Meets Requirements
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Information similar to the following is displayed in the event:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Improper Value of the Secret Mounted to the Workload
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Information similar to the following is displayed in the event:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Error: failed to start container "filebeat": Error response from daemon: OCI runtime create failed: container_linux.go:330: starting container process caused "process_linux.go:381: container init caused \"setenv: invalid argument\"": unknown
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The root cause is that a secret is mounted to the workload, but the value of the secret is not encrypted using Base64.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Create a secret on the console. The value of the secret is automatically encrypted using Base64.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If you use YAML to create a secret, you need to manually encrypt its value using Base64.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    # echo -n "Content to be encoded" | base64
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    echo -n "Content to be encoded" | base64
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 8: Whether the Container Startup Command Is Correctly Configured
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The error messages are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Click the workload name to go to the workload details page, click the Containers tab. Choose Lifecycle, click Startup Command, and ensure that the command is correct.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Unmatched Container Image Tag with the Node Architecture
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The proper image tag is not used during the workload creation on an Arm node. To resolve this issue, use the proper image tag.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 9: Whether the User Service Has a Bug
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check whether the workload startup command is correctly executed or whether the workload has a bug.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the node where the abnormal workload is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Check the ID of the container where the workload pod exits abnormally.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the node is a Docker node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Exit of tail -f xx in the Container Startup Command (Exit Code: 141)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The Kubernetes event is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      the failed container exited with ExitCode: 141
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The legacy version of containerd is incompatible with the tail version (≥ 8.28) in the container image. As a result, executing the tail -f command leads to an unexpected exit, returning exit code 141.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Temporary Workaround
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Change tail -f xx in the startup parameters to sleep 2 && tail -f xx and create a workload again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Upgrade the cluster to v1.25.16-r20, v1.27.16-r20, v1.28.15-r10, v1.29.10-r10, v1.30.6-r10, v1.31.4-r0, or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Reset the node and use the Docker container engine instead.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Service Setting Checks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Check whether the workload startup command is correctly executed or whether the workload has a bug.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the node where the abnormal workload is located.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Check the ID of the container where the workload pod exits abnormally.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the node uses Docker, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        docker ps -a | grep $podName
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the node is a containerd node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        crictl ps -a | grep $podName
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the node uses containerd, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        crictl ps -a | grep $podName
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. View the logs of the corresponding container.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the node is a Docker node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. View the container logs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the node uses Docker, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        docker logs $containerID
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the node is a containerd node, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        crictl logs $containerID
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the node uses containerd, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        crictl logs $containerID
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Note: In the preceding command, containerID indicates the ID of the container that has exited.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Figure 3 Incorrect startup command of the container
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Figure 2 Incorrect startup command of the container
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        As shown in the figure above, the container fails to be started due to an incorrect startup command. For other errors, rectify the bugs based on the logs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00020.html b/docs/cce/umn/cce_faq_00020.html
index f289f7d93..d6c93651c 100644
--- a/docs/cce/umn/cce_faq_00020.html
+++ b/docs/cce/umn/cce_faq_00020.html
@@ -3,9 +3,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      How Do I Rectify Failures When the NVIDIA Driver Is Used to Start Containers on GPU Nodes?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Did a Resource Scheduling Failure Event Occur on a Cluster Node?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      A node is running properly and has GPU resources. However, the following error information is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      0/9 nodes are available: 9 insufficient nvida.com/gpu
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Analysis
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Check whether the node is attached with NVIDIA label.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        0/9 nodes are available: 9 insufficient nvidia.com/gpu
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Check whether the node is attached with NVIDIA label.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Check whether the NVIDIA driver is running properly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Log in to the node where the add-on is running and view the driver installation log in the following path:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          /opt/cloud/cce/nvidia/nvidia_installer.log
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_faq_00022.html b/docs/cce/umn/cce_faq_00022.html
index 958985cdd..3b47d00c4 100644
--- a/docs/cce/umn/cce_faq_00022.html
+++ b/docs/cce/umn/cce_faq_00022.html
@@ -1,7 +1,7 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          What Should I Do If a Node Fails to Connect to the Internet (Public Network)?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If a node fails to be connected to the Internet, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          What Should I Do If a Node Fails to Access the Internet?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If a node cannot access the Internet, you can check the items described in this section and resolve the issue.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Check Item 1: Whether an EIP Has Been Bound to the Node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Log in to the ECS console and check whether an EIP has been bound to the ECS corresponding to the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If there is an IP address in the EIP column, an EIP has been bound. If there is no IP address in that column, bind one.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_faq_00025.html b/docs/cce/umn/cce_faq_00025.html
index 27d8a8a45..60318a1b7 100644
--- a/docs/cce/umn/cce_faq_00025.html
+++ b/docs/cce/umn/cce_faq_00025.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          How Can I Access a Cluster API Server?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          You can use either of the following methods to access a cluster API server:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • (Recommended) Through the cluster API. This access mode uses certificate authentication. It is suitable for API calls on scale thanks to its direct connection to the API Server. This is a recommended option.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • API Gateway. This access mode uses token authentication. You need to obtain a toke using your account. This access mode applies to small-scale API calls. API gateway flow control may be triggered when APIs are called on scale.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • (Recommended) Through the cluster API. This access mode uses certificate authentication. It is suitable for API calls on scale thanks to its direct connection to the API Server. This is a recommended option.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Through API Gateway. This access mode uses token authentication. You need to obtain a toke using your account. This access mode applies to small-scale API calls. API gateway flow control may be triggered when APIs are called on scale.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_faq_00027.html b/docs/cce/umn/cce_faq_00027.html
index 19b8204b4..9d802281d 100644
--- a/docs/cce/umn/cce_faq_00027.html
+++ b/docs/cce/umn/cce_faq_00027.html
@@ -17,7 +17,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Scenario 1: IP addresses in the VPC CIDR block are not used up.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            When creating a node, you can select a new node subnet in the network configuration. If no node subnet is available, you can go to the VPC console and create a node subnet. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Scenario 2: All IP addresses in the VPC CIDR block have been used up.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If all IP addresses in the VPC CIDR block have been used up, you need to expand the VPC CIDR block and create a node subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the management console. In the service list, choose Virtual Private Cloud. In the VPC list, locate the row containing the target VPC and click Edit CIDR block in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Scenario 2: All IP addresses in the VPC CIDR block have been used up.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              If all IP addresses in the VPC CIDR block have been used up, you need to expand the VPC CIDR block and create a node subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the management console. In the service list, choose Virtual Private Cloud. In the VPC list, locate the row containing the target VPC and click Edit CIDR block in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2. After adding a secondary CIDR block, click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              3. In the navigation pane, choose Subnets and click Create Subnet to create a subnet for the VPC where the cluster resides.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
@@ -30,18 +30,18 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Check Item 2: EIP Quota
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When a node is added, EIP is set to Auto create. The node cannot be created, and a message indicating that EIPs are insufficient is displayed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Check Item 2: EIP Quota
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          When a node is added, EIP is set to Auto create. The node cannot be created, and a message indicating that EIPs are insufficient is displayed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Two methods are available to solve the problem.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Method 1: Unbind the VMs bound with EIPs and add a node again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the management console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Choose Service List > Compute > Elastic Cloud Server.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. In the ECS list, locate the target ECS and click its name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4. On the page displayed, click the EIPs tab. In the EIP list, locate the row containing the target EIP, click Unbind, and click Yes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            5. Return to the page for adding a node on the CCE console, select Use existing for EIP, and add the node again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Method 1: Unbind the VMs bound with EIPs and add a node again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the management console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2. Choose Service List > Compute > Elastic Cloud Server.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              3. In the ECS list, locate the target ECS and click its name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              4. On the page displayed, click the EIPs tab. In the EIP list, locate the row containing the target EIP, click Unbind, and then click Yes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              5. Return to the page for adding a node on the CCE console, select Use existing for EIP, and add the node again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Method 2: Increase the EIP quota.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Check Item 3: Security Group
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            A node cannot be added to a CCE cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            You can click the cluster name to view the cluster details. In the Networking Configuration area, click the icon next to the value of Default Node Security Group to check whether the default security group is deleted and whether the security group rules comply with How Can I Configure a Security Group Rule for a Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If your account has multiple clusters and you need to manage network security policies of nodes in a unified manner, you can specify custom security groups.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Click the cluster name to access the Overview page. In the Networking Configuration area, click the icon next to the value of Default Node Security Group to check whether the default security group is deleted and whether the security group rules comply with How Can I Configure a Security Group Rule for a Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            If your account has multiple clusters and you need to manage network security policies of nodes centrally, you can specify custom security groups.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
@@ -52,6 +52,18 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            You can click Increase Quota to go to the corresponding page and increase the quota.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Check Item 5: Private DNS Resolution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          During node creation, software packages are downloaded from OBS via the domain name. A private DNS server must be used to resolve the OBS domain name. Therefore, the DNS server address of the subnet where the node resides must be set to a private DNS server address so that the node can access the private DNS server. By default, the private DNS server is used when you create a subnet. However, if you have modified the subnet DNS, verify that the DNS server in use can resolve the OBS domain name. If it cannot, you will need to use the private DNS server.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          To confirm and modify the DNS of the subnet where the node resides, take the following steps:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. View the node subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • For the default node pool: In the navigation pane, choose Overview. In the Networking Configuration area, view the subnet name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • For a custom node pool: In the navigation pane, choose Nodes. On the Node Pools tab, click the node pool name to view the name of the subnet associated with the node pool. A node pool can be associated with multiple subnets.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. Confirm and modify the DNS of the node subnet. If there are multiple node subnets, confirm and modify them one by one.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the VPC console and choose Subnets from the navigation pane.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Search for the name of the subnet where the node is located in the search box and click the subnet name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. Confirm and modify the DNS server address. You are advised to add the default private DNS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_faq_00029.html b/docs/cce/umn/cce_faq_00029.html
index a2346a806..0929e12bc 100644
--- a/docs/cce/umn/cce_faq_00029.html
+++ b/docs/cce/umn/cce_faq_00029.html
@@ -10,7 +10,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. What Should I Do If a Pod Fails to Pull the Image?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4. What Should I Do If Container Startup Fails?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        5. What Should I Do If a Pod Startup Fails?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          6. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        6. What Should I Do If a Pod Fails to Be Evicted?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          7. 
diff --git a/docs/cce/umn/cce_faq_00030.html b/docs/cce/umn/cce_faq_00030.html
index 928209085..f76b19ffa 100644
--- a/docs/cce/umn/cce_faq_00030.html
+++ b/docs/cce/umn/cce_faq_00030.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          How Do I Change the Node Specifications in a CCE Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If the node whose specifications need to be changed is accepted into the cluster for management, remove the node from the cluster and then change the node specifications to avoid affecting services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster. In the navigation pane, choose Nodes. Click the name of the node to display the ECS details page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. In the upper right corner of the ECS details page, click Stop. After the ECS is stopped, choose More > Modify Specifications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. On the Modify ECS Specifications page, select a flavor name and click Submit to finish the specification modification. Return to ECS list page and choose More > Start to start the ECS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Nodes. Locate the target node in the node list, and click Sync Server Data in the Operation column. After the synchronization is complete, you can view that the node specifications are the same as the modified specifications of the ECS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the CCE console and click the cluster. In the navigation pane, choose Nodes. Click the name of the node to display the ECS details page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2. In the upper right corner of the ECS details page, click Stop. After the ECS is stopped, choose More > Modify Specifications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3. On the Modify ECS Specifications page, select a flavor name and click Submit to finish the specification modification. Return to ECS list page and choose More > Start to start the ECS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Nodes. Locate the target node in the node list, and click Sync Server Data in the Operation column. After the synchronization is complete, you can view that the node specifications are the same as the modified specifications of the ECS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Common Issues
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          After the specifications of a node configured with CPU management policies are changed, the node may fail to be rebooted or workloads may fail to be created. In this case, see What Should I Do If I Fail to Restart or Create Workloads on a Node After Modifying the Node Specifications? to rectify the fault.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/cce_faq_00039.html b/docs/cce/umn/cce_faq_00039.html
index d81368970..b893e66fd 100644
--- a/docs/cce/umn/cce_faq_00039.html
+++ b/docs/cce/umn/cce_faq_00039.html
@@ -2,18 +2,18 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          How Do I Locate the Fault When a Cluster Is Unavailable?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          This section provides you with some operations to locate the fault when a cluster becomes unavailable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Troubleshooting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          The issues here are described in order of how likely they are to occur.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Check these causes one by one until you find the cause of the fault.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Possible causes are described here in order of how likely they are to occur.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If the fault persists after you have ruled out a cause, check other causes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If the fault persists, contact the customer service to help you locate the fault.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Check Item 1: Whether the Security Group Is Modified
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1. Log in to the management console and choose Service List > Networking > Virtual Private Cloud. In the navigation pane, choose Access Control > Security Groups and find the security group of the master node in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The name of this security group is in the format of Cluster name-cce-control-ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Check Item 1: Whether the Security Group Is Modified
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the management console and choose Service List > Networking > Virtual Private Cloud. In the navigation pane, choose Access Control > Security Groups and find the security group of the master node in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              The name of this security group is in the format of Cluster name-cce-control-ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. Click the security group. On the details page displayed, ensure that the security group rules of the master node are correct.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              For details, see How Can I Configure a Security Group Rule for a Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Check Item 2: Whether the Cluster Is Overloaded
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The resource usage on the master nodes in the cluster reaches 100%.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            When a cluster has a large number of resources created simultaneously, it causes an overload on the API server. This, in turn, overloads the master nodes and leads to OOM issues.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Increase the cluster management scale. A larger cluster management scale means higher capacity and improved performance of the master nodes. For details, see Changing Cluster Scale.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_faq_00041.html b/docs/cce/umn/cce_faq_00041.html
index 305a06978..54df8f194 100644
--- a/docs/cce/umn/cce_faq_00041.html
+++ b/docs/cce/umn/cce_faq_00041.html
@@ -1,7 +1,7 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            How Do I Download kubeconfig for Connecting to a Cluster Using kubectl?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1. Log in to the CCE console and click the name of the target cluster to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2. In the Connection Information area, check the kubectl access mode.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3. In the window that slides out from the right, download the kubectl configuration file (kubeconfig.json).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Figure 1 Downloading kubeconfig.json
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              1. Log in to the CCE console and click the name of the target cluster to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2. In the Connection Information area, check the kubectl access mode.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              3. In the window that slides out from the right, download the kubectl configuration file (kubeconfig.json).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Figure 1 Downloading kubeconfig.json
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
diff --git a/docs/cce/umn/cce_faq_00089.html b/docs/cce/umn/cce_faq_00089.html
index 0e10669a2..d9536594d 100644
--- a/docs/cce/umn/cce_faq_00089.html
+++ b/docs/cce/umn/cce_faq_00089.html
@@ -1,7 +1,7 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Can I Create a CCE Node Without Adding a Data Disk to the Node?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If System Component Storage is set to System Disk, you do not need to add a data disk.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Data disks are required if System Component Storage is set to Data Disk.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                A data disk dedicated for kubelet and the container engine will be attached to a new node. By default, CCE uses LVM to manage data disks. With LVM, you can adjust the disk space ratio for different resources on a data disk.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If System Component Storage is set to System Disk, you do not need to add a data disk.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Data disks are required if System Component Storage is set to Data Disk.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A data disk dedicated for kubelet and the container engine will be attached to a new node. By default, CCE uses LVM to manage data disks. With LVM, you can adjust the disk space ratio for different resources on a data disk.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the data disk is uninstalled or damaged, the container engine will malfunction and the node becomes unavailable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_faq_00097.html b/docs/cce/umn/cce_faq_00097.html
index bdb0585ba..828df5c31 100644
--- a/docs/cce/umn/cce_faq_00097.html
+++ b/docs/cce/umn/cce_faq_00097.html
@@ -2,13 +2,13 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                How Do I Troubleshoot Problems Occurred When Accepting Nodes into a CCE Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Overview
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                This section describes how to troubleshoot the problems occurred when you accept or add existing ECSs to a CCE cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • While an ECS is being accepted into a cluster, the operating system of the ECS will be reset to the standard OS image provided by CCE to ensure node stability. The CCE console prompts you to select the operating system and the login mode during the reset.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The ECS system and data disks will be formatted while the ECS is being accepted into a cluster. Ensure that data in the disks has been backed up.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • While an ECS is being accepted into a cluster, do not perform any operation on the ECS through the ECS console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • While an ECS is being accepted into a cluster, the operating system of the ECS will be reset to the standard OS image provided by CCE to ensure node stability. The CCE console prompts you to select the operating system and the login mode during the reset.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The ECS system and data disks will be formatted while the ECS is being accepted into a cluster. Ensure that data in the disks has been backed up.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • During the acceptance of an ECS, do not perform any operation on the ECS through the ECS console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Notes and Constraints
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • ECSs can be managed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Prerequisites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                The cloud servers to be managed must meet the following requirements:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The node to be accepted must be in the Running state and not used by other clusters. In addition, the node to be accepted does not carry the CCE-Dynamic-Provisioning-Node tag.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The node to be accepted and the cluster must be in the same VPC. (If the cluster version is earlier than v1.13.10, the node to be accepted and the CCE cluster must be in the same subnet.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Data disks must be attached to the nodes to be managed if the system components of these nodes are separately stored. A local disk (disk-intensive disk) or a data disk of at least 20 GiB can be attached to the node, and any data disks already attached cannot be smaller than 10 GiB. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The node to be accepted has 2-core or higher CPU, 4 GiB or larger memory, and only one NIC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Only cloud servers with the same data disk configuration can be accepted in batches for management.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If IPv6 is enabled for a cluster, only nodes in a subnet with IPv6 enabled can be accepted and managed. If IPv6 is not enabled for the cluster, only nodes in a subnet without IPv6 enabled can be accepted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Nodes in a CCE Turbo cluster must support sub-ENIs or be bound to at least 16 ENIs. For details about the node flavors, see the options provided on the console when you create a node. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Data disks that have been partitioned will be ignored during node management. Ensure that there is at least one unpartitioned data disk meeting the specifications is attached to the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The node to be accepted must be in the Running state and not used by other clusters. In addition, the node to be accepted does not carry the CCE-Dynamic-Provisioning-Node tag.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The node to be accepted and the cluster must be in the same VPC. (If the cluster version is earlier than v1.13.10, the node to be accepted and the CCE cluster must be in the same subnet.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Data disks must be attached to the nodes to be managed if the system components of these nodes are stored separately. These nodes can be attached with either a local disk (disk-intensive disk) or a data disk of at least 20 GiB. Additionally, any data disks already attached must not be smaller than 10 GiB. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • The node to be accepted must have at least 2 CPU cores, 4 GiB of memory, and only one network interface.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Only cloud servers with the same data disk configuration can be accepted in batches for management.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If IPv6 is enabled for a cluster, only nodes in a subnet with IPv6 enabled can be accepted and managed. If IPv6 is not enabled for the cluster, only nodes in a subnet without IPv6 enabled can be accepted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • CCE Turbo clusters require that each node supports supplementary network interfaces, or you will need to bind at least 16 network interfaces. For details about the node flavors, see the options provided on the console when you create a node. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Data disks that have been partitioned will be ignored during node management. Ensure that there is at least one unpartitioned data disk meeting the specifications is attached to the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                View the cluster log information to locate the failure cause and rectify the fault.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. Log in to the CCE console and click Operation Records above the cluster list to view operation records.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2. Click the record of the Failed status to view error information.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Rectify the fault based on the error information and accept the node into a cluster again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_faq_00107.html b/docs/cce/umn/cce_faq_00107.html
index 360837936..dae2fc0bf 100644
--- a/docs/cce/umn/cce_faq_00107.html
+++ b/docs/cce/umn/cce_faq_00107.html
@@ -8,9 +8,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                According to the resolution rules of private domain names, the subnet DNS in the VPC must be set to the cloud DNS. You can find the details of the private network DNS service on its console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                The customer can perform domain name resolution on the ECSs in the VPC subnet, which indicates that the preceding configuration has been completed in the subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                However, when the domain name resolution is performed in a container, the message "bad address" is displayed, indicating that the domain name cannot be resolved.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Log in to the CCE console and check the add-ons installed in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                If you find that the coredns add-on does not exist in Add-ons Installed, the coredns add-on may have been incorrectly uninstalled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Install it and add the corresponding domain name and DNS service address to resolve the domain name.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
diff --git a/docs/cce/umn/cce_faq_00109.html b/docs/cce/umn/cce_faq_00109.html
index a4b4a071f..86e594f44 100644
--- a/docs/cce/umn/cce_faq_00109.html
+++ b/docs/cce/umn/cce_faq_00109.html
@@ -8,12 +8,12 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1. The CCE AI Suite (NVIDIA GPU) add-on has an outdated driver version. After a new driver is downloaded and installed, the fault is rectified.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2. You did not specify the requirement for GPUs in workloads.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Suggested Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                After you install gpu-beta (gpu-device-plugin) on a node, nvidia-smi will be automatically installed. If an error is reported during GPU deployment, this issue is typically caused by an NVIDIA driver installation failure. Check whether the NVIDIA driver has been downloaded.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • GPU node:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  # If the add-on version is earlier than 2.0.0, run the following command:
-cd /opt/cloud/cce/nvidia/bin && ./nvidia-smi
-
-# If the add-on version is 2.0.0 or later and the driver installation path is changed, run the following command:
-cd /usr/local/nvidia/bin && ./nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Container:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  cd /usr/local/nvidia/bin && ./nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • GPU node:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the add-on version is earlier than 2.0.0, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      cd /opt/cloud/cce/nvidia/bin && ./nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the add-on version is 2.0.0 or later, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      cd /usr/local/nvidia/bin && ./nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Container:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the cluster version is v1.27 or earlier, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      cd /usr/local/nvidia/bin && ./nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the cluster version is v1.28 or later, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      cd /usr/bin && ./nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If GPU information is returned, the device is available and the add-on has been installed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the driver address is incorrect, uninstall the add-on, reinstall it, and configure the correct address.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00111.html b/docs/cce/umn/cce_faq_00111.html
index 74ca0bd02..56885c7b1 100644
--- a/docs/cce/umn/cce_faq_00111.html
+++ b/docs/cce/umn/cce_faq_00111.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Why Cannot I Create a CCE Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Why Can't I Create a CCE Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Overview
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  This section describes how to locate and rectify the fault if you fail to create a CCE cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Details
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible causes:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00120.html b/docs/cce/umn/cce_faq_00120.html
index db84e206f..8cc9850bc 100644
--- a/docs/cce/umn/cce_faq_00120.html
+++ b/docs/cce/umn/cce_faq_00120.html
@@ -4,9 +4,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If you encountered a fault that a cluster is available but some nodes in it are unavailable, you can rectify this fault by referring to the methods provided in this section.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Mechanism for Detecting Node Unavailability
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Kubernetes provides heartbeats to help you detect whether a node is available. For details about the mechanism and detection interval, see Heartbeats.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The issues here are described in order of how likely they are to occur.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check these causes one by one until you find the cause of the fault.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible causes are described here in order of how likely they are to occur.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the fault persists after you have ruled out a cause, check other causes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 1: Whether the Node Is Overloaded
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The node connection in the cluster is abnormal. Multiple nodes report write errors, but services are not affected.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -19,45 +19,46 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 2: Whether the ECS Is Deleted or Faulty
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Check whether the cluster is available.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Log in to the CCE console and check whether the cluster is available.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Log in to the ECS console and view the ECS status.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the ECS status is Deleted, go back to the CCE console, delete the corresponding node from the node list, and create another one.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the ECS status is Stopped or Frozen, restore the ECS first. It takes about 3 minutes to restore the ECS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the ECS is Faulty, restart the ECS to rectify the fault.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the ECS status is Running, log in to the ECS and locate the fault by referring to Check Item 7: Whether Internal Components Are Normal.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Log in to the ECS console and view the ECS status.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the ECS status is Deleted, go back to the CCE console, delete the corresponding node from the node list of the cluster, and then create another one.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the ECS status is Stopped or Frozen, restore the ECS first. It takes about 3 minutes to restore the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the ECS is faulty, restart it to rectify the fault.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the ECS status is Running, log in to the ECS and locate the fault by referring to Check Item 7: Whether Internal Components Are Normal.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 3: Whether the ECS Can Be Logged In To 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the ECS console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Check whether the node name displayed is the same as that on the VM and whether the password or key can be used to log in to the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the node names are inconsistent and the node cannot be logged in to using the password or key, it means that a Cloud-Init problem occurred when the ECS was created. In this case, restart the node and submit a service ticket to the ECS personnel to locate the root cause.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 3: Whether You Can Log In to the ECS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the ECS console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Check whether the node name displayed is the same as that on the VM and whether the password or key can be used to log in to the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the node names are inconsistent and the node cannot be logged in to using the password or key, it means that a Cloud-Init problem occurred when the ECS was created. In this case, restart the node and submit a service ticket to the ECS personnel to locate the root cause.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 4: Whether the Security Group Has Been Changed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Access Control > Security Groups and locate the security group of the cluster master node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 4: Whether the Security Group Has Been Changed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Log in to the VPC console. In the navigation pane, choose Access Control > Security Groups and find the master node security group of the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The name of this security group is in the format of {Cluster name}-cce-control-{ID}. You can search for the security group by cluster name and then -cce-control-.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check whether the security group rules have been changed. For details about security groups, see How Can I Configure a Security Group Rule for a Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 5: Whether the Security Group Rules Contain the One That Allows the Communication Between the Master Nodes and the Worker Nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check whether such a security group rule exists.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    When a node is added to an existing cluster, if an extended CIDR block is added to the subnet's VPC and the subnet is an extended CIDR block, you need to add the security group rules shown in the below figure to the master node security group, with the name following the format of Cluster name-cce-control-Random number. These rules ensure that the nodes added to the cluster are available. (This step is not required if an extended CIDR block has been added to the VPC during cluster creation.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    When adding a node to the cluster, add the security group rules in the figure below to the cluster-name-cce-control-random-ID security group to ensure the availability of the added node. This is necessary if a secondary CIDR block is added to the VPC of the node subnet and the subnet is in the secondary CIDR block. However, if a secondary CIDR block has already been added to the VPC during cluster creation, this step is not required.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    For details about security groups, see How Can I Configure a Security Group Rule for a Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 6: Whether the Disk Is Abnormal
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Each new node is equipped with a 100-GiB data disk dedicated for Docker. If this data disk is removed or damaged, the Docker service will be disrupted and the node will become unavailable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Click the node name and check whether the data disk attached to the node has been removed. If the disk has been detached from the node, you need to attach another data disk to the node and restart the node. Then the node can be restored.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 7: Whether Internal Components Are Normal
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the ECS of the unavailable node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Run the following command to check whether the PaaS components are normal:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      systemctl status kubelet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the command is successfully executed, the status of each component is displayed as active.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the component status is not active, do as follows: (The faulty component canal is taken as an example):
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Run systemctl restart canal to restart the component.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      After restarting the component, run systemctl status canal to check the status.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. If the restart command fails to be run, run the following command to check the running status of the monitrc process:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      ps -ef | grep monitrc
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the monitrc process exists, run the following command to kill this process. The monitrc process will be automatically restarted after it is killed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      kill -s 9  `ps -ef | grep monitrc | grep -v grep | awk '{print $2}'`
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 7: Whether Internal Components Are Normal
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the node and check whether the following key components are running properly:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • kubelet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • kube-proxy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Network components
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • yangtse: used by clusters that use the VPC or Cloud Native 2.0 networks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • canal: used by clusters that use the container tunnel networks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Runtime: Docker or containerd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • chronyd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Check the status of a component. For example, to check the status of kubelet, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      systemctl status kubelet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      kubelet is a component name. You can replace it as required.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The expected output is shown in the figure below.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. If the component is not in the Active state, restart it. Specify the restart command based on the faulty component. If yangtse is faulty, run the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      systemctl restart yangtse
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Check the component status again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      systemctl status yangtse
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. If the node status is still not restored after the component restart, submit a service ticket and contact customer service.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 8: Whether the DNS Address Is Properly Configured
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the node and check whether any domain name resolution failure is recorded in the /var/log/cloud-init-output.log file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      cat /var/log/cloud-init-output.log | grep resolv
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the command output contains the following information, it means that there is a domain name resolution failure.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Could not resolve host:  Unknown error
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. On the node, ping the domain name that cannot be resolved in the previous step to check whether the domain name can be resolved.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If not, the DNS cannot resolve the IP address. Check whether the DNS address in the /etc/resolv.conf file is the same as that configured on the VPC subnet. In most cases, the DNS address in the file is configured incorrectly, leading to the inability to resolve the domain name. To fix this issue, adjust the DNS configuration of the VPC subnet and reset the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If yes, the DNS address configuration is correct. Check whether there are other faults.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. On the node, ping the domain name that cannot be resolved in the previous step to check whether the domain name can be resolved.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If the domain name cannot be pinged, the DNS cannot resolve the IP address. Check whether the DNS address in the /etc/resolv.conf file is the same as that configured on the VPC subnet. In most cases, the DNS address in the file is configured incorrectly, leading to the inability to resolve the domain name. To fix this issue, adjust the DNS configuration of the VPC subnet and reset the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If yes, the DNS address configuration is correct. Check whether there are other faults.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 9: Whether the vdb Disk on the Node Has Been Deleted
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the vdb disk on a node has been deleted, you can refer to this topic to restore the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check Item 10: Whether the Docker Service Is Normal
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Run the following command to check whether the Docker service is running:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      systemctl status docker
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the command fails to be executed or the Docker service status is not active, locate the cause or contact technical support if necessary.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Run the following command to check the number of containers on the node:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      docker ps -a | wc -l
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the command is suspended, takes too long to execute, or if there are over 1000 abnormal containers, you should check if workloads are being repeatedly created and deleted. If many containers are being created and deleted frequently, it may result in numerous abnormal containers that cannot be cleared promptly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00127.html b/docs/cce/umn/cce_faq_00127.html
index 1bb8525f8..d0457b16c 100644
--- a/docs/cce/umn/cce_faq_00127.html
+++ b/docs/cce/umn/cce_faq_00127.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      What Should I Do If No Node Creation Record Is Displayed When the Node Pool Is Being Expanding?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      What Should I Do If No Node Creation Record Is Displayed When the Node Pool Is Being Scaled Out?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The node pool keeps being in the expanding state, but no node creation record is displayed in the operation record.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Troubleshooting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Check and rectify the following faults:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00130.html b/docs/cce/umn/cce_faq_00130.html
new file mode 100644
index 000000000..fce86ffa6
--- /dev/null
+++ b/docs/cce/umn/cce_faq_00130.html
@@ -0,0 +1,20 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      What Should I Do If Residual Process Resources Exist Due to an Earlier CCE Node Problem Detector Add-on Version?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When the node load is heavy, residual CCE Node Problem Detector process resources may exist.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      After successful login to the ECS node where the CCE cluster runs, it is found that there are a large number of CCE Node Problem Detector processes exist.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Upgrade the CCE Node Problem Detector add-on to the latest version.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose Add-ons, locate the CCE Node Problem Detector add-on, and click Upgrade.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If the CCE Node Problem Detector add-on version is 1.13.6 or later, you do not need to upgrade it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. In the window that slides out from the right, configure the parameters and click OK.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: Chart and Add-on
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
diff --git a/docs/cce/umn/cce_faq_00134.html b/docs/cce/umn/cce_faq_00134.html
index 0cea806c2..3db827001 100644
--- a/docs/cce/umn/cce_faq_00134.html
+++ b/docs/cce/umn/cce_faq_00134.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      How Can I Locate the Root Cause If a Workload Is Abnormal?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If a workload is abnormal, you can check the pod events first to locate the fault and then rectify the fault.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      To locate the fault of an abnormal workload, take the following steps:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Check whether the workload pod is running properly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Click the cluster name to access the cluster console. In the navigation pane, choose Workloads.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. In the upper left corner of the page, select the namespace, locate the target workload, and view its status.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • If the workload is not ready, you can view pod events to determine the cause. For details, see Viewing Pod Events. You can find the solution to the issue based on the events by referring to Common Pod Issues.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • If the workload is processing, wait patiently.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • If the workload is running, but it is not accessible, check whether intra-cluster access is normal.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -49,7 +49,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The container startup failed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The container failed to restart.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  What Should I Do If Container Startup Fails?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  What Should I Do If a Pod Startup Fails?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Evicted
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00140.html b/docs/cce/umn/cce_faq_00140.html
index 082e6db7f..eb4081204 100644
--- a/docs/cce/umn/cce_faq_00140.html
+++ b/docs/cce/umn/cce_faq_00140.html
@@ -3,14 +3,14 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  What Should I Do If a Workload Remains in the Creating State?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The workload remains in the creating state.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Troubleshooting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The issues here are described in order of how likely they are to occur.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check these causes one by one until you find the cause of the fault.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Troubleshooting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible causes are described here in order of how likely they are to occur.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the fault persists after you have ruled out a cause, check other causes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 1: Whether the cce-pause Image Is Deleted by Mistake
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When creating a workload, an error message indicating that the sandbox cannot be created is displayed. This is because the cce-pause:3.1 image fails to be pulled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Failed to create pod sandbox: rpc error: code = Unknown desc = failed to get sandbox image "cce-pause:3.1": failed to pull image "cce-pause:3.1": failed to pull and unpack image "docker.io/library/cce-pause:3.1": failed to resolve reference "docker.io/library/cce-pause:3.1": pulling from host **** failed with status code [manifests 3.1]: 400 Bad Request
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The image is a system image added during node creation. If the image is deleted by mistake, the workload cannot be created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the faulty node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Decompress the cce-pause image installation package.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    tar -xzvf /opt/cloud/cce/package/node-package/pause-*.tgz
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -20,7 +20,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Create a workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check Item 2: Modifying Node Specifications After the CPU Management Policy Is Enabled in the Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The kubelet option cpu-manager-policy defaults to static. This allows granting enhanced CPU affinity and exclusivity to pods with certain resource characteristics on the node. If you modify CCE node specifications on the ECS console, the original CPU information does not match the new CPU information. As a result, workloads on the node cannot be restarted or created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE node (ECS) and delete the cpu_manager_state file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Example command for deleting the file:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE node (ECS) and delete the cpu_manager_state file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Example command for deleting the file:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      rm -rf /mnt/paas/kubernetes/kubelet/cpu_manager_state
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Restart the node or kubelet. The following is the kubelet restart command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      systemctl restart kubelet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Verify that workloads on the node can be successfully restarted or created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00154.html b/docs/cce/umn/cce_faq_00154.html
index 7f3bfd681..ad814cca1 100644
--- a/docs/cce/umn/cce_faq_00154.html
+++ b/docs/cce/umn/cce_faq_00154.html
@@ -1,9 +1,9 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Which Resource Quotas Should I Pay Attention To When Using CCE?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE restricts only the number of clusters. However, when using CCE, you may also be using other cloud services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Virtual Private Cloud (VPC), Elastic Load Balance (ELB), and SoftWare Repository for Containers (SWR).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      What Is Quota?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Quotas can limit the number or amount of resources available to users, such as the maximum number of ECS or EVS disks that can be created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If the existing resource quota cannot meet your service requirements, you can apply for a higher quota.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE restricts only the number of clusters. However, when using CCE, you may also be using other cloud services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Virtual Private Cloud (VPC), Elastic Load Balance (ELB), and SoftWare Repository for Containers (SWR).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      What Is Quota?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Quotas are enforced for service resources on the platform to prevent unforeseen spikes in resource usage. Quotas can limit the quantity and capacity of resources available to users, such as the maximum number of ECSs or EVS disks that can be created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If a quota cannot meet your needs, apply for a higher quota.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00163.html b/docs/cce/umn/cce_faq_00163.html
index 5c859e695..180cfc9b1 100644
--- a/docs/cce/umn/cce_faq_00163.html
+++ b/docs/cce/umn/cce_faq_00163.html
@@ -6,11 +6,11 @@
 
 
diff --git a/docs/cce/umn/cce_faq_00189.html b/docs/cce/umn/cce_faq_00189.html
index e0f48e829..57a1a9f8a 100644
--- a/docs/cce/umn/cce_faq_00189.html
+++ b/docs/cce/umn/cce_faq_00189.html
@@ -6,7 +6,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Impact
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The clusters that have enabled a CPU management policy will be affected.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE node (ECS) and delete the cpu_manager_state file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Example command for the file deletion:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        rm -rf /mnt/paas/kubernetes/kubelet/cpu_manager_state
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE node (ECS) and delete the cpu_manager_state file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Example command for the file deletion:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          rm -rf /mnt/paas/kubernetes/kubelet/cpu_manager_state
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. Restart the node or kubelet. The following is the kubelet restart command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          systemctl restart kubelet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Verify that workloads on the node can be successfully restarted or created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_faq_00195.html b/docs/cce/umn/cce_faq_00195.html
index 1e18eca63..ca5f7e3d2 100644
--- a/docs/cce/umn/cce_faq_00195.html
+++ b/docs/cce/umn/cce_faq_00195.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        How Do I Optimize the Configuration If the External Domain Name Resolution Is Slow or Times Out?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The following is an example resolv.conf file for a container in a workload:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        In the preceding information:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • nameserver: IP address of the DNS. Set this parameter to the cluster IP address of CoreDNS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • search: domain name search list, which is a common suffix of Kubernetes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • ndots: If the number of dots (.) is less than the domain name, search is preferentially used for resolution.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • timeout: timeout interval.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • single-request-reopen: indicates that different source ports are used to send different types of requests.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        By default, when you create a workload on the CCE console, the preceding parameters are configured as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_faq_00197.html b/docs/cce/umn/cce_faq_00197.html
index a9cc3fbc0..7b9bbae7b 100644
--- a/docs/cce/umn/cce_faq_00197.html
+++ b/docs/cce/umn/cce_faq_00197.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        What Should I Do If Domain Name Resolution Fails in a CCE Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Check Item 1: Whether the coredns Add-on Has Been Installed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. In the navigation pane, choose Add-ons and check whether the CoreDNS add-on has been installed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. If not, install the add-on. For details, see Why Does a Container in a CCE Cluster Fail to Perform DNS Resolution?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Check Item 2: Whether the coredns Instance Reaches the Performance Limit
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CoreDNS QPS is positively correlated with the CPU usage. If the QPS is high, adjust the coredns instance specifications based on the QPS. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Check Item 2: Whether the coredns Instance Reaches the Performance Limit
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CoreDNS QPS is positively correlated with the CPU usage. If the QPS is high, adjust the CoreDNS instance specifications based on the QPS. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2. In the navigation pane, choose Add-ons and verify that CoreDNS is running.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3. Click the CoreDNS add-on name to view the add-on pod list.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4. Click Monitor of the add-on pods to view the CPU and memory usage.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          If the add-on performance reaches the bottleneck, adjust the coredns add-on specifications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -15,9 +15,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • <pod uid> indicates the pod UID of the coredns add-on, which can be obtained by running the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          kubectl get po <pod name> -nkube-system -ojsonpath='{.metadata.uid}{"\n"}'
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          In the preceding command, <pod name> indicates the name of the coredns add-on running on the current node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • <coredns container ID> must be a complete container ID, which can be obtained by running the following command:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Nodes that use Docker:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          docker ps --no-trunc | grep k8s_coredns | awk '{print $1}'
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          docker ps --no-trunc | grep coredns | awk '{print $1}'
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Nodes that use containerd:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          crictl ps --no-trunc | grep k8s_coredns | awk '{print $1}'
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          crictl ps --no-trunc | grep coredns | awk '{print $1}'
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_faq_00200.html b/docs/cce/umn/cce_faq_00200.html
index eca52b518..586d2501d 100644
--- a/docs/cce/umn/cce_faq_00200.html
+++ b/docs/cce/umn/cce_faq_00200.html
@@ -33,8 +33,11 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The disk file system has been corrupted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Back up the disk in EVS and restore the file system:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  fsck -y {drive letter}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Back up the disk on EVS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Run the following command on the node to restore the file system:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    fsck -y {drive letter}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If an error message similar to "has unsupported feature (s): xxx" is displayed during the command execution, it indicates that the node fsck is incompatible with the file system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Upgrade fsck and then run the command again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  All TCP ports
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -48,7 +48,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port range: 30000 to 32767
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -73,7 +73,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  All
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -84,7 +84,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port 22
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -141,7 +141,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port 5444
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -157,14 +157,14 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port 5443
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  All IP addresses (0.0.0.0/0)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Allow kube-apiserver of the master nodes to listen to the worker nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The HAProxy load balancing port for kube-apiserver, which allows incoming requests to be forwarded to backend kube-apiserver pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  All
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -190,7 +190,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Outbound rule
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -203,7 +203,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port 10250
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -248,7 +248,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port range: 30000 to 32767
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -284,7 +284,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Outbound rule
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -330,7 +330,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port 5444
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -341,7 +341,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port 5444
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -357,14 +357,14 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port 5443
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  All IP addresses (0.0.0.0/0)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Allow kube-apiserver of the master nodes to listen to the worker nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The HAProxy load balancing port for kube-apiserver, which allows incoming requests to be forwarded to backend kube-apiserver pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  All
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -390,7 +390,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Outbound rule
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -403,7 +403,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port range: 30000 to 32767
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -473,7 +473,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  All
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -484,7 +484,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Outbound rule
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -530,7 +530,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port 5444
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -539,7 +539,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port 9443
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -550,14 +550,14 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port 5443
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  All IP addresses (0.0.0.0/0)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Allow kube-apiserver of the master nodes to listen to the worker nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The HAProxy load balancing port for kube-apiserver, which allows incoming requests to be forwarded to backend kube-apiserver pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  All
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -583,7 +583,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  All
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -594,7 +594,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Outbound rule
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -607,16 +607,16 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ENI security group
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Elastic network interface security group
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  In a CCE Turbo cluster, an additional security group, with the name following the format of {Cluster name}-cce-eni-{Random ID}, is created. By default, containers in the cluster are bound to this security group. For details about the default ports, see Table 7.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Table 7 Default ports of the ENI security group in a CCE Turbo cluster that uses the Cloud Native 2.0 network model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Direction
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -634,13 +634,13 @@
 
-
-
-
-
@@ -679,18 +679,24 @@
 
-
-
-
-
-
+
-
+
+
+
-
-
diff --git a/docs/cce/umn/cce_faq_00417.html b/docs/cce/umn/cce_faq_00417.html
index c390d42e3..ff46fc6b3 100644
--- a/docs/cce/umn/cce_faq_00417.html
+++ b/docs/cce/umn/cce_faq_00417.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  How Do I Configure an Access Policy for a Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  After the public API Server address is bound to the cluster, modify the security group rules of port 5443 on the master node to harden the access control policy of the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console. On the Overview page, find and copy the cluster ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Log in to the VPC console. In the navigation pane, choose Access Control > Security Groups.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Select Description as the filter criterion and search for the target security group by cluster ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. Locate the row that contains the security group (starting with {CCE cluster name}-cce-control) of the master node and click Manage Rules in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  5. On the page displayed, locate the row that contains port 5443 and click Modify in the Operation column to modify its inbound rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console and click the cluster name to access the cluster console. On the Overview page, find and copy the cluster ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Log in to the VPC console. In the navigation pane, choose Access Control > Security Groups.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. Select Description as the filter criterion and search for the target security group by cluster ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4. Locate the row that contains the security group (starting with {CCE cluster name}-cce-control) of the master node and click Manage Rules in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5. On the page displayed, locate the row that contains port 5443 and click Modify in the Operation column to modify its inbound rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    6. Change the source IP address that can be accessed as required. For example, if the IP address used by the client to access the API Server is 100.*.*.*, you can add an inbound rule for port 5443 and set the source IP address to 100.*.*.*.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In addition to the client IP address, the port must allow traffic from the CIDR blocks of the VPC, container, and the control plane of the hosted service mesh to ensure that the API Server can be accessed from within the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00432.html b/docs/cce/umn/cce_faq_00432.html
index 4920ec40f..a3238520c 100644
--- a/docs/cce/umn/cce_faq_00432.html
+++ b/docs/cce/umn/cce_faq_00432.html
@@ -43,21 +43,21 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      ...call fsp to query keypair fail, error code : Ecs.0314, reason is : the keypair *** does not match the user_id ***...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The possible causes are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The key pair selected for logging in to the node pool has been deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The key pair selected for logging in to the node pool is a private one which cannot be used by the current user to log in to the node pool and create nodes in the node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If the scale-out fails due to the first cause, you can create a key pair and then create a node pool which can be logged in to using this key pair.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If the scale-out fails due to the second cause, only the user who created the private key pair can scale out the node pool. You can use another key pair when creating a new node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Invalid KMS Key ID
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When a node pool fails to be expanded, the reported event contains Ecs.0912.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  {"error":{"message":"encrypted key id [***] is invalid.","code":"Ecs.0912"}}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The possible causes are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The KMS key ID entered during node pool creation does not exist.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The KMS key ID entered during node pool creation is the key of another user, but the user has not authorized you.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Solution:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • If the scale-out fails due to the first cause, ensure that the entered key ID exists.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • If the scale-out fails due to second cause, use the ID of the shared key that has been authorized to you.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The Security Group Specified by the Node Pool Deleted
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When a node pool fails to be expanded, the event contains the following information:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Security group [*****] not found
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  This issue can arise in the following scenarios:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Scenarios 1: A custom security group is set up for the node pool but gets deleted, so the node pool scale-out fails.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Scenarios 2: No custom security group is configured for the node pool and the default security group is deleted, so the node pool scale-out fails.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Solution:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Scenario 1: Update the security group specified by the customSecurityGroups field by calling the API for updating a node pool. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Scenario 2: Log in to the CCE console and change the default node security group on the Settings page of the cluster. The new node security group must meet the communication rules of the cluster ports. For details, see How Can I Configure a Security Group Rule for a Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00440.html b/docs/cce/umn/cce_faq_00440.html
index 2b328ae2a..dd9943e0f 100644
--- a/docs/cce/umn/cce_faq_00440.html
+++ b/docs/cce/umn/cce_faq_00440.html
@@ -37,14 +37,22 @@
 
-
-
+
+
+
+
diff --git a/docs/cce/umn/cce_faq_00443.html b/docs/cce/umn/cce_faq_00443.html
index 2bb6580a6..049680e10 100644
--- a/docs/cce/umn/cce_faq_00443.html
+++ b/docs/cce/umn/cce_faq_00443.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  How Do I Modify ECS Configurations When an ECS Cannot Be Managed by a Node Pool?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  How Do I Modify ECS Configurations When an ECS Can't Be Managed by a Node Pool?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If an ECS cannot be managed by a node pool due to the reasons listed in this section, you can modify the configuration to manage the ECS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Table 7 Default ports of the elastic network interface security group in a CCE Turbo cluster that uses the Cloud Native 2.0 network model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Direction
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Port
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  All
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ENI security group
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Elastic network interface security group
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Allow containers within the cluster to access each other.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  VPC CIDR block
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -649,7 +649,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Outbound rule
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -662,7 +662,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modification not recommended
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the configuration is modified, the cluster will not function correctly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the configuration can interrupt the cluster functionality.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  UDP port 53
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port 53
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  DNS server of the subnet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  DNS server of the subnet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Allow traffic on the port for domain name resolution.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Allow traffic on the port for domain name resolution.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  UDP port 5353
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  UDP port 53
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Container CIDR block
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port 5353
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Allow traffic on the port for CoreDNS domain name resolution.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Container CIDR block
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Allow traffic on the port for CoreDNS domain name resolution.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  UDP port 5353
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  UDP port 4789 (required only by clusters that use the tunnel networks)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -704,7 +710,7 @@
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Master node CIDR block
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Allow kube-apiserver of the master nodes to listen to the worker nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The HAProxy load balancing port for kube-apiserver, which allows incoming requests to be forwarded to backend kube-apiserver pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  TCP port 5444
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00266.html b/docs/cce/umn/cce_faq_00266.html
index 0d10e9b0c..0163fcc9d 100644
--- a/docs/cce/umn/cce_faq_00266.html
+++ b/docs/cce/umn/cce_faq_00266.html
@@ -1,12 +1,12 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  What Is the Relationship Between Clusters, VPCs, and Subnets?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A VPC is similar to a private local area network (LAN) managed by a home gateway whose IP address is 192.168.0.0/16. A VPC is a private network built on the cloud and provides basic network environment for running ECSs, ELBs, and middleware. Networks of different scales can be configured based on service requirements. Generally, you can set the CIDR block to 10.0.0.0/8–24, 172.16.0.0/12–24, or 192.168.0.0/16–24. The largest CIDR block is 10.0.0.0/8, which corresponds to a class A network.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A VPC is similar to a private local area network (LAN) managed by a home gateway whose IP address is 192.168.0.0/16. A VPC is a private network built on the cloud and provides basic network environment for running ECSs, load balancers, and middleware. Networks of different scales can be configured based on service requirements. Generally, you can set the CIDR block to 10.0.0.0/8–24, 172.16.0.0/12–24, or 192.168.0.0/16–24. The largest CIDR block is 10.0.0.0/8, which corresponds to a class A network.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A VPC can be divided into multiple subnets. Security groups are configured to determine whether these subnets can communicate with each other. This ensures that subnets can be isolated from each other, so that you can deploy different services on different subnets.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A cluster is one or a group of cloud servers (also known as nodes) in the same VPC. It provides computing resource pools for running containers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A cluster is one or a group of ECSs (also known as nodes) in the same VPC. It provides computing resource pools for running containers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  As shown in Figure 1, a region may consist of multiple VPCs. A VPC consists of one or more subnets. The subnets communicate with each other through a subnet gateway. A cluster is created in a subnet. There are three scenarios:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Different clusters are created in different VPCs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Different clusters are created in the same subnet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Different clusters are created in different subnets.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 1 Relationship between clusters, VPCs, and subnets
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 1 Relationship between clusters, VPCs, and subnets
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00277.html b/docs/cce/umn/cce_faq_00277.html
new file mode 100644
index 000000000..55b19374e
--- /dev/null
+++ b/docs/cce/umn/cce_faq_00277.html
@@ -0,0 +1,100 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  How Do I Delete a Namespace in the Terminating State?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A Kubernetes namespace is typically in the active or terminating state. If a namespace is deleted when there are still running resources, the namespace enters the terminating state. In this case, the namespace will be automatically deleted only after Kubernetes reclaims the resources in it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  However, in some cases, even if no resource is running in the namespace, the namespace in the terminating state still cannot be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  To solve this problem, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. View the namespace details.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    $ kubectl  get ns  | grep rdb
+rdbms                  Terminating   6d21h
+
+$ kubectl  get ns rdbms -o yaml
+apiVersion: v1
+kind: Namespace
+metadata:
+  annotations:
+    kubectl.kubernetes.io/last-applied-configuration: |
+      {"apiVersion":"v1","kind":"Namespace","metadata":{"annotations":{},"name":"rdbms"}}
+  creationTimestamp: "2020-05-07T15:19:43Z"
+  deletionTimestamp: "2020-05-07T15:33:23Z"
+  name: rdbms
+  resourceVersion: "84553454"
+  selfLink: /api/v1/namespaces/rdbms
+  uid: 457788ddf-53d7-4hde-afa3-1fertg21ewe1
+spec:
+  finalizers:
+  - kubernetes
+status:
+  phase: Terminating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. View resources in the namespace.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    # View resources that can be isolated using namespaces in the cluster.
+$ kubectl api-resources -o name --verbs=list --namespaced | xargs -n 1 kubectl get --show-kind --ignore-not-found -n rdbms
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The command output shows that no resource is occupied in the rdbms namespace.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Delete the namespace.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Directly delete the rdbms namespace.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    $ kubectl  delete ns rdbms
+Error from server (Conflict): Operation cannot be fulfilled on namespaces "rdbms": The system is ensuring all content is removed from this namespace.  Upon completion, this namespace will automatically be purged by the system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The deletion fails and a message is displayed, indicating that the system will automatically delete the namespace after confirming that no resource is running in it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. Forcibly delete the namespace.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    $ kubectl  delete ns rdbms --force --grace-period=0
+warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely.
+Error from server (Conflict): Operation cannot be fulfilled on namespaces "rdbms": The system is ensuring all content is removed from this namespace.  Upon completion, this namespace will automatically be purged by the system.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    After running this command, the namespace still cannot be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  5. Call the Kubernetes native APIs to delete resources in the namespace. In most cases, resources in a namespace cannot be forcibly deleted. Use the Kubernetes native APIs instead.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    View the namespace details.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    $ kubectl  get ns rdbms  -o json > rdbms.json
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Check the JSON configuration defined by the namespace, edit the JSON file, and delete the spec part.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    $ cat rdbms.json
+{
+    "apiVersion": "v1",
+    "kind": "Namespace",
+    "metadata": {
+        "annotations": {
+            "kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"v1\",\"kind\":\"Namespace\",\"metadata\":{\"annotations\":{},\"name\":\"rdbms\"}}\n"
+        },
+        "creationTimestamp": "2019-10-14T12:17:44Z",
+        "deletionTimestamp": "2019-10-14T12:30:27Z",
+        "name": "rdbms",
+        "resourceVersion": "8844754",
+        "selfLink": "/api/v1/namespaces/rdbms",
+        "uid": "29067ddf-56d7-4cce-afa3-1fbdbb221ab1"
+    },
+    "spec": {
+        "finalizers": [
+            "kubernetes"
+        ]
+    },
+    "status": {
+        "phase": "Terminating"
+    }
+}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    After the PUT request is executed, the namespace is automatically deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    $ curl --cacert /root/ca.crt --cert /root/client.crt --key /root/client.key -k -H "Content-Type:application/json" -X PUT --data-binary @rdbms.json https://x.x.x.x:5443/api/v1/namespaces/rdbms/finalize 
+{
+  "kind": "Namespace",
+  "apiVersion": "v1",
+  "metadata": {
+    "name": "rdbms",
+    "selfLink": "/api/v1/namespaces/rdbms/finalize",
+    "uid": "29067ddf-56d7-4cce-afa3-1fbdbb221ab1",
+    "resourceVersion": "8844754",
+    "creationTimestamp": "2019-10-14T12:17:44Z",
+    "deletionTimestamp": "2019-10-14T12:30:27Z",
+    "annotations": {
+      "kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"v1\",\"kind\":\"Namespace\",\"metadata\":{\"annotations\":{},\"name\":\"rdbms\"}}\n"
+    }
+  },
+  "spec": {
+
+  },
+  "status": {
+    "phase": "Terminating"
+  }
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the namespace still cannot be deleted, check whether the finalizers field exists in the metadata. If the field exists, run the following command to access the namespace and delete the field:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubectl edit ns rdbms
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • For details about how to obtain a cluster certificate, see Accessing a Cluster Using an X.509 Certificate.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • https://x.x.x.x:5443 indicates the address for accessing the cluster. To obtain the private IP address, log in to the CCE console, access the cluster console, and view the connection information.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  6. Check whether the namespace has been deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    $ kubectl  get ns  | grep rdb
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Parent topic: Namespace
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
diff --git a/docs/cce/umn/cce_faq_00278.html b/docs/cce/umn/cce_faq_00278.html
index c5a53ed96..2c8fef3ff 100644
--- a/docs/cce/umn/cce_faq_00278.html
+++ b/docs/cce/umn/cce_faq_00278.html
@@ -8,7 +8,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00286.html b/docs/cce/umn/cce_faq_00286.html
index 55998af52..781140811 100644
--- a/docs/cce/umn/cce_faq_00286.html
+++ b/docs/cce/umn/cce_faq_00286.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A node fails to be accepted into a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Log in to the node and check the /var/paas/sys/log/baseagent/baseagent.log installation log. The following error information is displayed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check the Logical Volume Manager (LVM) settings of the node. It is found that the LVM logical volume is not created in /dev/vdb.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Run the following command to manually create a logical volume:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00296.html b/docs/cce/umn/cce_faq_00296.html
index 94f2eb246..badfcb061 100644
--- a/docs/cce/umn/cce_faq_00296.html
+++ b/docs/cce/umn/cce_faq_00296.html
@@ -6,9 +6,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Attached SCSI disk
 task jdb2/xxx blocked for more than 120 seconds.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Causes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  After a PCI device is hot added to BUS 0, the Linux OS kernel will traverse all the PCI bridges mounted to BUS 0 for multiple times, and these PCI bridges cannot work properly during this period. During this period, if the PCI bridge used by the device is updated, due to a kernel defect, the device considers that the PCI bridge is abnormal, and the device enters a fault mode and cannot work normally. If the front end is writing data into the PCI configuration space for the back end to process disk I/Os, the write operation may be deleted. As a result, the back end cannot receive notifications to process new requests on the I/O ring. Finally, the front-end I/O suspension occurs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  After a PCI device is hot added to BUS 0, the Linux OS kernel will traverse all the PCI bridges mounted to BUS 0 for multiple times, and these PCI bridges cannot work properly during this period. During this period, if the PCI bridge used by the device is updated, due to a kernel defect, the device considers that the PCI bridge is abnormal, and the device enters a fault mode and cannot work normally. If the front end is writing data into the PCI configuration space for the back end to process disk I/Os, the write operation may be deleted. As a result, the back end cannot receive notifications to process new requests on the I/O ring. Finally, the front-end I/O suspension occurs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Impact
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  CentOS Linux kernels of versions earlier than 3.10.0-1127.el7 are affected.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00307.html b/docs/cce/umn/cce_faq_00307.html
index 9155b90c4..9a53a95f1 100644
--- a/docs/cce/umn/cce_faq_00307.html
+++ b/docs/cce/umn/cce_faq_00307.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When the disk space of a thin pool on a node is about to be used up, the following exceptions occasionally occur:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Files or directories fail to be created in the container, the file system in the container is read-only, the node is tainted disk-pressure, or the node is unavailable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  You can run the docker info command on the node to view the used and remaining thin pool space to locate the fault. The following figure is an example.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When Docker device mapper is used, although you can configure the basesize parameter to limit the size of the /home directory of a single container (to 10 GB by default), all containers on the node still share the thin pool of the node for storage. They are not completely isolated. When the sum of the thin pool space used by certain containers reaches the upper limit, other containers cannot run properly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  In addition, after a file is deleted in the /home directory of the container, the thin pool space occupied by the file is not released immediately. Therefore, even if basesize is set to 10 GB, the thin pool space occupied by files keeps increasing until 10 GB when files are created in the container. The space released after file deletion will be reused only after a while. If the number of service containers on the node multiplied by basesize is greater than the thin pool space size of the node, there is a possibility that the thin pool space has been used up.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00311.html b/docs/cce/umn/cce_faq_00311.html
index 0d8bb0e5c..a13a956da 100644
--- a/docs/cce/umn/cce_faq_00311.html
+++ b/docs/cce/umn/cce_faq_00311.html
@@ -7,7 +7,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  This user has no permissions to operate Kubernetes resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  To grant the Kubernetes permissions to the user, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console. In the navigation pane, choose Permissions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Select a cluster for which you want to add permissions from the drop-down list on the right.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Click Add Permission in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. Confirm the cluster name and select the namespace to assign permissions for. For example, select All namespaces, the target user or user group, and select the permissions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If you do not have IAM permissions, you cannot select users or user groups when configuring permissions for other users or user groups. In this case, you can enter a user ID or user group ID. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. In the navigation pane, choose Permissions. Select the cluster for which you want to add permissions from the drop-down list on the right.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. Click Add Permission in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4. Confirm the cluster name and select the namespace to assign permissions for. For example, select All namespaces, the target user or user group, and select the permissions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If you do not have IAM permissions, you cannot select users or user groups when configuring permissions for other users or user groups. In this case, you can enter a user ID or user group ID. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Permissions can be customized as required. After selecting Custom for Permission Type, click Add Custom Role on the right of the Custom parameter. In the dialog box displayed, enter a name and select a rule. After the custom rule is created, you can select a value from the Custom drop-down list box.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Custom permissions are classified into ClusterRole and Role. Each ClusterRole or Role contains a group of rules that represent related permissions. For details, see Using RBAC Authorization.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00319.html b/docs/cce/umn/cce_faq_00319.html
index 4926b8705..0e90dc270 100644
--- a/docs/cce/umn/cce_faq_00319.html
+++ b/docs/cce/umn/cce_faq_00319.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      What Can I Do If a Layer Is Missing During Image Pull?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When containerd is used as the container engine, there is a possibility that the image layer is missing when an image is pulled to a node. As a result, the workload container fails to be created.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Docker earlier than v1.10 supports the layer whose mediaType is application/octet-stream. However, containerd does not support application/octet-stream. As a result, the image is not pulled.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00321.html b/docs/cce/umn/cce_faq_00321.html
index c137a6040..67671035d 100644
--- a/docs/cce/umn/cce_faq_00321.html
+++ b/docs/cce/umn/cce_faq_00321.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      How Do I Rectify the Error Reported When Running the kubectl top node Command?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The error message "Error from server (ServiceUnavailable): the server is currently unable to handle the request (get nodes.metrics.k8s.io)" is displayed after the kubectl top node command is executed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Possible Causes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      "Error from server (ServiceUnavailable)" indicates that the cluster is not connected. In this case, you need to check whether the network between kubectl and the master node in the cluster is normal.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      "Error from server (ServiceUnavailable)" indicates that the cluster is not connected. In this case, you need to check whether the network between kubectl and the master node in the cluster is normal.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If the kubectl command is executed outside the cluster, check whether the cluster is bound to an EIP. If yes, download the kubeconfig file and run the kubectl command again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If the kubectl command is executed on a node in the cluster, check the security group of the node and check whether the TCP/UDP communication between the worker node and master node is allowed. For details about security groups, see How Can I Configure a Security Group Rule for a Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00322.html b/docs/cce/umn/cce_faq_00322.html
index 07a590e55..3ebb90189 100644
--- a/docs/cce/umn/cce_faq_00322.html
+++ b/docs/cce/umn/cce_faq_00322.html
@@ -9,17 +9,17 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Use kubectl to connect to the cluster and manually clear the Secret and ConfigMap corresponding to the add-on release. The following uses autoscaler add-on release as an example.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Connect to the cluster using kubectl, and run the following command to view the Secret list of add-on releases:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl get secret -A |grep cceaddon
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The Secret name of an add-on release is in the format of sh.helm.release.v1.cceaddon-{add-on name}.v*. If there are multiple release versions, you can delete their Secrets at the same time.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Run the release secret command to delete the Secrets.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl delete secret sh.helm.release.v1.cceaddon-autoscaler.v1 sh.helm.release.v1.cceaddon-autoscaler.v2 -nkube-system
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. If the add-on is created when Helm v2 is used, CCE automatically bumps the v2 release in ConfigMaps to v3 release in Secrets when viewing the add-ons and their details. The v2 release in the original ConfigMap is not deleted. Run the following command to view the ConfigMap list of add-on releases:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl get configmap -A | grep cceaddon
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The ConfigMap name of an add-on release is in the format of cceaddon-{add-on name}.v*. If there are multiple release versions, you can delete their ConfigMaps at the same time.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. Run the release configmap command to delete the ConfigMaps.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        kubectl delete configmap cceaddon-autoscaler.v1 cceaddon-autoscaler.v2 -nkube-system
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Deleting resources in kube-system is a high-risk operation. Ensure that the command is correct before running it to prevent resources from being deleted by mistake.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      5. On the CCE console, install the add-on and then uninstall it. Ensure that the residual add-on resources are cleared. After the uninstallation is complete, install the add-on again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        During the initial installation of the add-on, it is possible to encounter abnormal behavior caused by residual resources from a previous add-on release. This is a normal occurrence. In such cases, you can resolve the issue by uninstalling the add-on from the console. This will ensure that any remaining resources are cleared, allowing for a proper installation of the add-on again.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_faq_00324.html b/docs/cce/umn/cce_faq_00324.html
index c7edfffa7..872487c4b 100644
--- a/docs/cce/umn/cce_faq_00324.html
+++ b/docs/cce/umn/cce_faq_00324.html
@@ -10,6 +10,8 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_faq_00325.html b/docs/cce/umn/cce_faq_00325.html
index 416bfe0c9..d1d4e2146 100644
--- a/docs/cce/umn/cce_faq_00325.html
+++ b/docs/cce/umn/cce_faq_00325.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        What Should I Do If a Namespace Fails to Be Deleted Due to an APIService Object Access Failure?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The namespace remains in the Deleting state. The error message "DiscoveryFailed" is displayed in status in the YAML file.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        In the preceding figure, the full error message is "Discovery failed for some groups, 1 failing: unable to retrieve the complete list of server APIs: metrics.k8s.io/v1beta1: the server is currently unable to handle the request".
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        This indicates that the namespace deletion is blocked when kube-apiserver accesses the APIService resource object of the metrics.k8s.io/v1beta1 API.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_faq_00394.html b/docs/cce/umn/cce_faq_00394.html
index 79bbc2aeb..1eefa69ed 100644
--- a/docs/cce/umn/cce_faq_00394.html
+++ b/docs/cce/umn/cce_faq_00394.html
@@ -11,9 +11,9 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      6. Click the security group to view its details, and click the Associated Instances tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Obtain other resources associated with the security group, such as ENIs, sub-ENIs, and servers. You can delete the residual resources. The sub-ENIs will be automatically deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Obtain other resources associated with the security group, such as elastic network interfaces, supplementary network interfaces, and servers. You can delete the residual resources. The supplementary network interfaces will be automatically deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      7. For a residual ENI, go to the Network Interfaces page and delete the ENI obtained in the previous step.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      8. For a residual elastic network interface, go to the Network Interfaces page and delete the elastic network interface obtained in the previous step.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      9. Go to the Security Groups page to confirm that the security group is not associated with any instance. Then, go to the CCE console to delete the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00401.html b/docs/cce/umn/cce_faq_00401.html
index 89d22ef4a..b1a6d783d 100644
--- a/docs/cce/umn/cce_faq_00401.html
+++ b/docs/cce/umn/cce_faq_00401.html
@@ -8,7 +8,9 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
 
diff --git a/docs/cce/umn/cce_faq_00402.html b/docs/cce/umn/cce_faq_00402.html
index 2a7bfcdcf..d0b356763 100644
--- a/docs/cce/umn/cce_faq_00402.html
+++ b/docs/cce/umn/cce_faq_00402.html
@@ -1,6 +1,6 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      What Do I Do If a Cluster Add-On Fails to be Upgraded During the CCE Cluster Upgrade?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      What Do I Do If a Cluster Add-on Fails to be Upgraded During the CCE Cluster Upgrade?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Overview
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      This section describes how to locate and rectify the fault if you fail to upgrade an add-on during the CCE cluster upgrade.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00409.html b/docs/cce/umn/cce_faq_00409.html
index 30425cb8d..9162e866f 100644
--- a/docs/cce/umn/cce_faq_00409.html
+++ b/docs/cce/umn/cce_faq_00409.html
@@ -34,7 +34,8 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       NOTE: 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      This issue has been resolved in Linux kernel 5.9. Since Kubernetes 1.22, kube-proxy does not modify the net.ipv4.vs.conn_reuse_mode parameter of nodes that use the kernel 5.9 or later. For details, see Don't set sysctl net.ipv4.vs.conn_reuse_mode for kernels >=5.9.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the IPVS service forwarding mode is used in CCE clusters of 1.19.16-r0 or later, the value of net.ipv4.vs.conn_reuse_mode varies with the kernel versions of node OSs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • For a node running EulerOS 2.5, the kernel version is earlier than 4.1. The value of net.ipv4.vs.conn_reuse_mode is 1. This results in Problem 2: There is a 1-second latency in the high-concurrency scenarios.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • For a node running EulerOS 2.9, the kernel version is too early. kube-proxy will set net.ipv4.vs.conn_reuse_mode to 0. This results in Problem 1. To resolve this problem, upgrade the kernel version. For details, see Rectification Plan.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • For a node running HCE OS 2.0 or Ubuntu 22.04, the kernel version is later than 5.9. The problem has been resolved.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the IPVS service forwarding mode is used in CCE clusters of 1.19.16-r0 or later, the value of net.ipv4.vs.conn_reuse_mode varies with the kernel versions of node OSs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • For a node running EulerOS 2.5:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the cluster version is between v1.19.8-r0 and v1.19.16-r60 (excluding v1.19.16-r60), v1.21.1-r0 and v1.21.11-r20 (excluding v1.21.11-r20), v1.23.1-r0 and v1.23.10-r0 (excluding v1.23.10-r0), v1.25.1-r0 and v1.25.5-r0 (excluding v1.25.5-r0), v1.27.1-r0 and v1.27.2-r0 (excluding v1.27.2-r0), the OS kernel version is earlier than 4.1. In these cases, kube-proxy keeps the default value (net.ipv4.vs.conn_reuse_mode=1). This results in Problem 2 (a 1-second latency in high concurrency scenarios).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the cluster is of other versions, net.ipv4.vs.conn_reuse_mode is set to 0. This results in Problem 1 (RS retention during port reuse).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • For a node running EulerOS 2.9, the kernel version is too early. kube-proxy will set net.ipv4.vs.conn_reuse_mode to 0. This results in Problem 1. To resolve this problem, upgrade the kernel version. For details, see Rectification Plan.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • For a node running HCE OS 2.0 or Ubuntu 22.04, the kernel version is later than 5.9. The problem has been resolved.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The ECS group does not exist (ServerGroupNotExists).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The ECS group to which the node pool belongs is not present. This may be because you manually deleted the ECS group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console. In the navigation pane, choose Nodes, click the Node Pools tab, and click the name of the target node pool. Click the Overview tab, click Expand, and check the ECS group to which the node pool belongs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Log in to the ECS console. In the navigation pane, choose Elastic Cloud Server > ECS Group and see if the target ECS group is present.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. If the ECS group is not present, log in to the CCE console. In the navigation pane, choose Nodes, click the Node Pools tab, locate the row containing the target node pool, and click Update. In the Advanced Settings area, unbind or change the ECS group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console. In the navigation pane, choose Nodes. In the right pane, click the Node Pools tab and click the name of the target node pool. Click the Overview tab, click Expand, and check the ECS group to which the node pool belongs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Log in to the ECS console. In the navigation pane, choose Elastic Cloud Server > ECS Group and see if the target ECS group is present.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. If the ECS group is not present, log in to the CCE console. In the navigation pane, choose Nodes, click the Node Pools tab, locate the row containing the target node pool, and click Update. In the Advanced Settings area, unbind or change the ECS group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  InstanceAboveServerGroup
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The number of ECSs in the ECS group exceeds the upper limit.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console. In the navigation pane, choose Nodes, click the Node Pools tab, and click the name of the target node pool. Click the Overview tab, click Expand, and check the ECS group to which the node pool belongs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Log in to the ECS console, choose Elastic Cloud Server > ECS Group in the navigation pane, and check the quota of the target ECS group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. If the quota is insufficient, log in to the CCE console. In the navigation pane, choose Nodes, click the Node Pools tab, locate the row containing the target node pool, and click Update. In the Advanced Settings area, unbind or change the ECS group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console. In the navigation pane, choose Nodes. In the right pane, click the Node Pools tab, locate the row containing the target node pool, and click the node pool name. On the page displayed, click the Overview tab, click Expand, and check the ECS group to which the node pool belongs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Log in to the ECS console, choose Elastic Cloud Server > ECS Group in the navigation pane, and check the quota of the target ECS group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. If the quota is insufficient, log in to the CCE console. In the navigation pane, choose Nodes, click the Node Pools tab, locate the row containing the target node pool, and click Update. In the Advanced Settings area, unbind or change the ECS group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  MaxNodeCountReached
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The number of expected nodes in the current node pool or scaling group has reached the maximum allowed limit.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Manually add nodes to the node pool or scaling group as needed. If the expected number of nodes in a node pool or scaling group reaches the maximum allowed limit, auto scaling will no longer be triggered for that node pool or scaling group. However, this does not affect manual scale-out operations.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Choose Nodes in the navigation pane, click the Node Pools tab in the right pane, locate the row containing the target node pool, click Auto Scaling, and change the value of Nodes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Or simply disable auto scaling of the node pool or scaling group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -37,7 +37,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Modifying the Flavor of an ECS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The flavor of the ECS to be managed must be changed to that contained in the target node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the ECS console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Click the name of the target ECS. On the page displayed, click Stop. After the ECS is stopped, choose More > Modify Specifications in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. On the Modify ECS Specifications page, select the needed flavor and submit the application.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. Go back to the ECS list page and start the ECS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the ECS console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Click the name of the target ECS. On the page displayed, click Stop. After the ECS is stopped, choose More > Modify Specifications in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. On the Modify ECS Specifications page, select the needed flavor and submit the application.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. Go back to the ECS list page and start the ECS.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Changing Data Disk Configuration of an ECS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The number, space, and type of data disks of the ECS to be managed must be the same as those of data disks in the node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -53,7 +53,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Changing the ECS Group of an ECS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The ECS group of the ECS to be managed must be the same as that of the target node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the ECS console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. In the navigation pane, choose Elastic Cloud Server > ECS Group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Locate the row containing the target ECS group and click Add ECS in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. In the dialog box displayed, select the ECS to be added.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  5. Click OK to add the ECS to the ECS group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the ECS console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. In the navigation pane, choose Elastic Cloud Server > ECS Group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Locate the row containing the target ECS group and click Add ECS in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. In the dialog box displayed, select the ECS to be added.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  5. Click OK to add the ECS to the ECS group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00447.html b/docs/cce/umn/cce_faq_00447.html
index 3f487493f..0bd90773f 100644
--- a/docs/cce/umn/cce_faq_00447.html
+++ b/docs/cce/umn/cce_faq_00447.html
@@ -1,11 +1,11 @@
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  How Can I Delete a Security Group Rule Associated with a Deleted Subnet?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Pod subnets can be deleted from CCE Turbo clusters of v1.23.17-r0, v1.25.12-r0, v1.28.7-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Pod subnets can be deleted from CCE Turbo clusters of v1.23.17-r0, v1.25.12-r0, v1.27.9-r0, v1.28.7-r0, v1.29.3-r0, or later versions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When you delete a subnet, CCE does not automatically remove the security group rules associated with the subnet in the default node security group created by CCE. You must manually delete these rules.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Procedure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console and click the cluster name to access the cluster console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. In the navigation pane, choose Settings and click the Network tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. In the Container Network area, copy the IPv4 CIDR block of the subnet. (The default-network is used as an example.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4. In the navigation pane, choose Overview. In the Networking Configuration area, click the name of the default node security group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  5. On the page displayed, click the Inbound Rules tab, locate the row containing the target subnet CIDR block based on the source IP address, and find the corresponding security group rule.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  6. In the navigation pane, choose Overview. In the Networking Configuration area, click the name of the default node security group.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  7. On the page displayed, click the Inbound Rules tab, locate the row containing the target subnet CIDR block based on the source IP address, and find the corresponding security group rule.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  8. Click Delete in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00460.html b/docs/cce/umn/cce_faq_00460.html
index 677ed6831..51c568ff4 100644
--- a/docs/cce/umn/cce_faq_00460.html
+++ b/docs/cce/umn/cce_faq_00460.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  How Can I Determine Which Ingress the Listener Settings Have Been Applied To?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  With CCE, you can associate multiple ingresses with a single load balancer listener and establish various forwarding policies. Listener configuration parameters are stored in annotations, which means that a listener can have different configuration parameters on different ingresses. This section describes how to determine which ingress the listener settings are applied to. It covers:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Determining Which Ingress the Listener Settings Have Been Applied To
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Listener parameters can be configured for all ingresses associated with the same listener, so CCE uses the listener annotation configurations (excluding SNI certificates) from the earliest created ingress (the first ingress). The first ingress is determined by sorting the metadata.createTimestamp fields of the ingresses in ascending order.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The first ingress information is written into annotations in clusters of v1.21.15-r0, v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, v1.29.1-r0, and later. You can check kubernetes.io/elb.listener-master-ingress in the annotations of the existing ingresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The first ingress information is written into annotations in clusters of v1.21.15-r0, v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, v1.29.1-r0, and later. You can check kubernetes.io/elb.listener-master-ingress in the annotations of the existing ingresses.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • To get the first ingress in clusters earlier than v1.21.15-r0, v1.23.14-r0, v1.25.9-r0, v1.27.6-r0, v1.28.4-r0, and v1.29.1-r0, use the kubectl command to obtain the ingresses associated with the same load balancer listener, sort these ingresses in ascending order, based on their creation time, and check the first one.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The query command is as follows: (Replace the load balancer ID and port number as needed.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      elb_id=${1}
 elb_port=${2}
@@ -38,7 +38,7 @@ spec:
         - 'example.com'
       secretName: default-ns-secret-2
 ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Update the configurations of default-ns-secret-1 and default-ns-secret-2 in the first ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • After the key is updated, log in to the network console. In the navigation pane, choose Elastic Load Balance > Certificates. In the right pane, check whether the server certificate has been updated based on the update time.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3. Update the configurations of default-ns-secret-1 and default-ns-secret-2 in the first ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4. After the key is updated, log in to the network console. In the navigation pane, choose Elastic Load Balance > Certificates. In the right pane, check whether the server certificate has been updated based on the update time.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  5. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  To update the listener server certificate created by an ingress using an ELB certificate, follow these steps:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. On the ELB console, obtain the ID of the server certificate used by the load balancer listener.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the network console. In the navigation pane, choose Elastic Load Balance > Load Balancers. In the right pane, click the name of the target load balancer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Click the Listeners tab and click the name of the target listener to go to the details page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. On the Summary tab, obtain the server certificate ID.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. In the navigation pane, choose Elastic Load Balance > Certificates, search for the certificate based on the obtained server certificate ID, locate the row containing the target certificate, and click Modify in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00468.html b/docs/cce/umn/cce_faq_00468.html
index 6ac9cc6de..a8a81a676 100644
--- a/docs/cce/umn/cce_faq_00468.html
+++ b/docs/cce/umn/cce_faq_00468.html
@@ -4,7 +4,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Fault Locating
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  CCE allows you to locate a node fault using the CCE Node Problem Detector add-on (Locating a Node Fault Using the CCE Node Problem Detector Add-on). You can also refer to Locating a Node Fault by Performing a Self-Check to locate the fault.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the fault persists, submit a service ticket.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Locating a Node Fault Using the CCE Node Problem Detector Add-on
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  CCE provides an add-on called CCE Node Problem Detector for you to locate faults occurred with nodes. In 1.16.0 and later versions of this add-on, a large number of check items have been added. They allow you to detect the exceptions of resources and components on nodes and locate the faults.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Locating a Node Fault Using the CCE Node Problem Detector Add-on
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  CCE provides an add-on called CCE Node Problem Detector for you to locate faults occurred with nodes. In 1.16.0 and later versions of this add-on, a large number of check items have been added. They allow you to detect the exceptions of resources and components on nodes and locate the faults.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  It is strongly recommended that you install this add-on or upgrade it to version 1.16.0 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  With this add-on, if an exception occurs with a node, you can view the abnormal metrics on the console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  You can also view the events reported by the add-on in node events and locate the faults based on the events.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -134,7 +134,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Locating a Node Fault by Performing a Self-Check
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 1 Performing a self-check
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Locating a Node Fault by Performing a Self-Check
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Figure 1 Performing a self-check
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Log in to the CCE console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Click the cluster name to access the cluster console. Choose Nodes in the navigation pane. In the right pane, click the Nodes tab.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Locate the row containing the target node, choose More > View YAML in the Operation column, and check the Status field of the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The node is in the NotReady state.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Check the node status and verify whether the value of PIDPressure, DiskPressure, or MemoryPressure becomes True. If any of them becomes True, you can find the appropriate solution based on the exception keyword.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Check the key components on the node and the logs of these components. The key components on a node include a kubelet and the node runtime (Docker or containerd). For details, see Checking Key Components of the Node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Check the kubelet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Check whether the kubelet and its logs are normal. If there is an exception, see Abnormal kubelet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Check the runtime (Docker or containerd).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Check the runtime of the node. If you are not sure whether the runtime is Docker or containerd, log in to the CCE console and view the runtime of the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If there is an exception, see Abnormal Runtime.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -199,14 +199,14 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Checking the Disks Attached to the Node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • By default, a 100-GiB data disk is attached to a node for runtime purposes. You have the option to attach additional data disks to the node if needed. If the data disk is detached or damaged, the runtime becomes abnormal and the node becomes unavailable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Checking the Disks Attached to the Node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • By default, a 100-GiB data disk is attached to a node for runtime purposes. You have the option to attach additional data disks to the node if needed. If the data disk is removed or damaged, the runtime will be disrupted and the node will become unavailable.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • You need to check whether the data disks of the node are detached from it. If they are, you are advised to create a node and delete the unavailable node. (To minimize risks, you are not advised to perform operations on the CCE nodes through the ECS console.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Checking Key Components of the Node
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubelet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Check the kubelet.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Log in to the target node, run the following command on it, and check the kubelet:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    systemctl status kubelet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The following shows an example of the expected output.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The expected output is shown in the figure below.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • View the kubelet logs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Log in to the target node, run the following command on it, and check the kubelet:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    journalctl -u kubelet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -214,31 +214,31 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Runtime
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Docker
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Check the Docker runtime.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Log in to the target node, run the following command on it, and check the Docker process:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        systemctl status docker
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The following shows an example of the expected output.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The expected output is shown in the figure below.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • View the Docker logs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Log in to the target node, run the following command on it, and check the Docker logs:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        journalctl -u docker
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • containerd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Check the containerd runtime.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Log in to the target node, run the following command on it, and check the containerd process:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        systemctl status containerd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The following shows an example of the expected output.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The expected output is shown in the figure below.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • View the containerd logs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Log in to the target node, run the following command on it, and check the containerd logs:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        journalctl -u containerd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • NTP
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Check whether the NTP is normal.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Log in to the target node, run the following command on it, and check the chronyd process:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        systemctl status chronyd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The following shows an example of the expected output.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The expected output is shown in the figure below.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • View the NTP logs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Log in to the target node, run the following command on it, and check the NTP logs:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        journalctl -u chronyd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Verifying Whether the Node DNS Address Is Properly Configured
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Log in to the target node and check whether any domain name resolution failure is recorded in /var/log/cloud-init-output.log:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    cat /var/log/cloud-init-output.log | grep resolv
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Verifying Whether the Node DNS Address Is Properly Configured
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Log in to the node and check whether any domain name resolution failure is recorded in /var/log/cloud-init-output.log:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      cat /var/log/cloud-init-output.log | grep resolv
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If information similar to the following is displayed, the domain name cannot be resolved:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Could not resolve host: xxx ; Unknown error
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Ping the domain name that cannot be resolved on the node:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      ping xxx
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -247,7 +247,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Common Issues and Solutions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID Pressure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID Pressure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The pods on the node are using up a large number of PIDs, causing a shortage of available PIDs on the node. By default, CCE reserves 10% of the available PIDs for pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the number of available PIDs on a node is lower than the specified value of pid.available, the PIDPressure of the node will be set to True, resulting in the eviction of pods running on that node. For details about node eviction, see Node-pressure Eviction.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -264,7 +264,7 @@ ps -eLf|awk '{print $2}' | sort -rn| head -n 1 #: Check the processes that use t
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The first column shows the number of PIDs used by each process, while the second column displays the current process IDs. You can locate the process and associated pods with the given process ID, analyze the reason for excessive PID usage, and optimize the relevant code accordingly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Reduce the load of the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • To restart the node, go to the ECS console and restart it. (Be cautious when restarting the node because it may cause interruptions to your services.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Memory Pressure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Memory Pressure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The pods on the node are using up a large amount of memory, causing a shortage of available memory on the node. By default, the available memory of a CCE node is 100 MiB.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • If the number of available memory resources on a node is lower than the specified value of memory.available, the MemoryPressure of the node will be set to True, resulting in the eviction of pods running on that node. For details about node eviction, see Node-pressure Eviction.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • If the memory of a node is not enough, the following message will show:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The value of MemoryPressure becomes True.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • When some pods on the node are evicted:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • You can see "The node was low on resource: memory" in the events of the evicted pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • You can see "attempting to reclaim memory" in the node events.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
@@ -273,7 +273,7 @@ ps -eLf|awk '{print $2}' | sort -rn| head -n 1 #: Check the processes that use t
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Check the node memory usage through the node monitoring data, identify the time when the exception occurs, and verify if there is any memory leak in the processes on the node. For details, see Checking the Node Monitoring Data.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Reduce the load of the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • To restart the node, go to the ECS console and restart it. (Be cautious when restarting the node because it may cause interruptions to your services.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Disk Pressure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Disk Pressure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The root file system, image file system, or container file system on the node is consuming excessive disk space and inodes, surpassing the eviction threshold. This leads to the nodefs.available, nodefs.inodesFree, imagefs.available, or imagefs.inodesFree metric met the eviction threshold, causing disk pressure. The table below shows the default values for these parameters.
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -322,7 +322,7 @@ ps -eLf|awk '{print $2}' | sort -rn| head -n 1 #: Check the processes that use t
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • View the node disk usage through the node monitoring data, identify the time when the exception occurs, and check if processes on the node are consuming excessive disk space. For details, see Checking the Node Monitoring Data.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • If a large number of files are not deleted from the node disks, delete these files.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Restrict the ephemeral-storage configurations of the pods based on service requirements.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Use cloud storage services instead of hostPath volumes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Expand the capacity of the node disks. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Reduce the load of the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Abnormal kubelet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Abnormal kubelet
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The kubelet process is not functioning properly or the kubelet configuration is improper. Typically, CCE has set up health checks for kubelet as a default configuration. There is a greater chance of startup failure if the configuration is incorrect.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubelet is inactive.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -334,7 +334,7 @@ ps -eLf|awk '{print $2}' | sort -rn| head -n 1 #: Check the processes that use t
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Abnormal Runtime
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Abnormal Runtime
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The Docker or containerd configuration or process is not functioning properly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Docker
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Docker is inactive.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Docker is active and running, but the node is experiencing issues and not functioning properly, resulting in abnormal behavior. In this case, the docker ps or docker exec command fails to be executed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The value of RuntimeOffline of the node becomes True.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -343,11 +343,11 @@ ps -eLf|awk '{print $2}' | sort -rn| head -n 1 #: Check the processes that use t
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. Log in to the abnormal node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Restart the runtime:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      # Docker
 systemctl restart docker
-# Containerd
+# containerd
 systemctl restart containerd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3. After the command is executed, check whether the running status is normal.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      # Docker
 systemctl status docker
-# Containerd
+# containerd
 systemctl status containerd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4. If the component status is still abnormal after the restart, check the component logs:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      # Docker
 journalctl -u docker
@@ -355,7 +355,7 @@ journalctl -u docker
 journalctl -u containerd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Abnormal NTP
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Abnormal NTP
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The NTP process is abnormal.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • chronyd is inactive.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The value of NTPProblem becomes True.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -365,17 +365,17 @@ journalctl -u containerd
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                5. If the chronyd status is still abnormal after the restart, log in to the node and view the chronyd logs:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  journalctl -u chronyd
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  6. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Abnormal Node Restart
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Abnormal Node Restart
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The node is experiencing abnormal load.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  During the restart, the node is in the NotReady state.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Check the time when the node was restarted:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    last reboot
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The following shows an example of the expected output.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The expected output is shown in the figure below.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. View the node monitoring data and locate the abnormal resource based on the restart time of the node. For details, see Checking the Node Monitoring Data.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. Check the kernel logs and locate the fault based on the restart time.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Abnormal Node Network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Abnormal Node Network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The node is experiencing abnormal running status, incorrect security group configuration, or excessive network load.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The node cannot be logged in to.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The node is in the Unknown state.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -384,7 +384,7 @@ journalctl -u containerd
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                6. If the network load of the node is too high, perform the following operations:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • View the node networking through the node monitoring data and check whether the pods on the node are consuming excessive network bandwidth.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Use network policies to control network traffic of the pods on the node. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  7. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Abnormal PLEG
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Abnormal PLEG
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The pod lifecycle event generator (PLEG) records different events in the lifecycle of a pod, such as the pod startup and termination. The error "PLEG is not healthy" is usually due to abnormal runtime processes on the node or issues with the systemd version on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The node is in the NotReady state.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • You can see the following information in the kubelet logs:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    skipping pod synchronization - PLEG is not healthy: pleg was last seen active 3m17.028393648s ago; threshold is 3m0s.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -392,7 +392,7 @@ journalctl -u containerd
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Restart Docker or containerd and kubelet in sequence and then check whether the node is restored.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • If the node is not restored after the restart of the key components, restart the node. (Be cautious when restarting the node because it may cause interruptions to your services.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Node Overloaded
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Node Overloaded
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The node resources are not enough for pod scheduling.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If there are not enough scheduling resources available on the node, pod scheduling will fail and the following error information will be displayed: (Only errors related to common resources are listed.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Insufficient CPUs in a cluster: 0/2 nodes are available: 2 Insufficient cpu
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Insufficient memory in a cluster: 0/2 nodes are available: 2 Insufficient memory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Insufficient temporary storage space in a cluster: 0/2 nodes are available: 2 Insufficient ephemeral-storage
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -429,7 +429,7 @@ Allocated resources:
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the resources on a node are not enough for pod scheduling, reduce the node load through either of the following ways:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Delete unnecessary pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Restrict the resource configurations of pods based on service requirements.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Add more nodes to the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Restricted Node Scheduling with the node.kubernetes.io/route-unreachable Taint
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Restricted Node Scheduling with the node.kubernetes.io/route-unreachable Taint
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The network infrastructure's route tables allow the container networks in a cluster that uses the VPC network model to be accessible. A newly created CCE node has network isolation support. If the node network is not functioning properly, the system will automatically add the node.kubernetes.io/route-unreachable taint to the node and remove it once the network is ready. If the node.kubernetes.io/route-unreachable taint remains for an extended period, it indicates abnormal network connectivity for the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A newly created node is restricted for scheduling for a long time.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
@@ -458,21 +458,21 @@ spec:
                   - {node_ip}
   schedulerName: default-scheduler
   tolerations:
-    - key: node.kubernetes.io/route-unreachabe
+    - key: node.kubernetes.io/route-unreachable
       operator: Exists
       effect: NoSchedule
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  After the container is started, log in to another normal node and ping the IP address of the container. If the communication is abnormal, go to the next step.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                7. On the Route Tables page of the VPC console, check whether the node route has been added, whether the next hop type is cloud container, and whether the next hop is the node name. If the node route is present in the route table but the node is still unable to connect to the network, it suggests a potential problem with the underlying network. In such situations, submit a service ticket to the networking team for assistance.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                8. If the fault persists, submit a service ticket to CCE for troubleshooting.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9. 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Node Unavailable Due to OOM
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Node Unavailable Due to OOM
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Possible Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Many containers are scheduled onto a node, using up all its resources and causing an OOM issue. This issue is primarily seen on nodes running the Docker container engine.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If a node in the cluster is assigned too many containers, the node OS might crash, rendering the node unavailable. You may see the information similar to the following after logging in to the node with VNC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check the node events:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubectl describe node {nodeName}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Pay attention to the abnormal node events in the output.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the resources on a node are not enough for pod scheduling, reduce the node load through either of the following ways:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Reset the faulty node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Delete unnecessary pods.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Restrict the resource configurations of pods based on service requirements.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Add more nodes to the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
diff --git a/docs/cce/umn/cce_faq_00484.html b/docs/cce/umn/cce_faq_00484.html
index d14f81995..44b4a4028 100644
--- a/docs/cce/umn/cce_faq_00484.html
+++ b/docs/cce/umn/cce_faq_00484.html
@@ -2,8 +2,8 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  What Is an OBS Global Access Key and How Do I Check Whether a Global Access Key Is Used in a Cluster?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When creating an OBS PVC in a CCE cluster, you need to select an access key (AK/SK). OBS access keys are classified into the following types:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • (Recommended) Custom access key: When a custom access key is used, the YAML file of the PVC contains the csi.storage.k8s.io/node-publish-secret-namespace and csi.storage.k8s.io/node-publish-secret-name annotations, which specify the secret namespace and secret name for storing keys in the cluster, respectively.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • (Not recommended and supported only by existing users who have uploaded files) Global access key: When a global access key is used, the YAML file of the PVC does not contain the csi.storage.k8s.io/node-publish-secret-namespace and csi.storage.k8s.io/node-publish-secret-name annotations, and the secret of the global access key is fixed in the kube-system namespace and named paas.longaksk.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • (Recommended) Custom access key: When a custom access key is used, the YAML file of the PVC contains the csi.storage.k8s.io/node-publish-secret-namespace and csi.storage.k8s.io/node-publish-secret-name annotations, which specify the secret namespace and secret name for storing keys in the cluster, respectively.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • (Not recommended and supported only by existing users who have uploaded files) Global access key: When a global access key is used, the YAML file of the PVC does not contain the csi.storage.k8s.io/node-publish-secret-namespace and csi.storage.k8s.io/node-publish-secret-name annotations, and the secret of the global access key is fixed in the kube-system namespace and named paas.longaksk.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The global access secret (paas.longaksk) is used by project. Once a global access secret is used, it is automatically created for each cluster within the same project. However, this can lead to security and management complexities. Therefore, it is not recommended that you use global access secrets.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      If you do not need to use the global access key, you can disable it in Settings of the cluster. After the operation, CCE deletes the global access key paas.longaksk from the kube-system namespace. If you need to use this function later, you can enable it again in the settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00487.html b/docs/cce/umn/cce_faq_00487.html
index 3ddd8a59d..51802751b 100644
--- a/docs/cce/umn/cce_faq_00487.html
+++ b/docs/cce/umn/cce_faq_00487.html
@@ -7,15 +7,15 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      The main issue here stems from Kubernetes' native mechanism. To maintain pod stability, you are advised to match the label of a pod with the label of the node where the pod runs. This prevents the pod from being terminated during affinity policy checks when kubelet restarts, or a new pod from encountering issues with scheduling due to mismatched affinity policies and node labels after creation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When you only need to add a new Kubernetes label to a node or node pool, avoid removing any existing Kubernetes labels from it. This ensures that the affinity policies remain unchanged so that the existing pods can continue running on the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • If you need to change or delete a Kubernetes label on a node or node pool, but the new label does not align with the affinity policies of the pods running on the node, take the following steps to verify if there are pods with affinity scheduling configured on the node: (If no check is done, there may be a problem with pod scheduling when kubelet restarts.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1. Check whether an affinity policy has been configured for the workloads on a node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • If the node is in the default node pool (DefaultPool), run the following command and replace <node-IP-address> with the actual one:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            nodeIP='<node-IP-address>' && kubectl get pod --all-namespaces -o=custom-columns=nodeIP:'status.hostIP',nodeAffinity:'spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms' | sed '1d' | grep $nodeIP | awk '{print substr($0, index($0,$2))}' | grep matchExpressions | uniq
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • If the command output is empty, it indicates that there is no affinity policy configured for any workload on the node, so the workload pods will not be rescheduled because of a new node label.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • If the command output is not empty, it means there is an affinity policy configured for some workloads on the node. The following shows an example, and it indicates that there is a tag1=value1 label configured for some workloads.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If the command output is empty, it indicates that there is no affinity policy configured for any workload on the node, so the workload pods will not be rescheduled because of a new node label.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If the command output is not empty, it means there is an affinity policy configured for some workloads on the node. The following shows an example, and it indicates that there is a tag1=value1 label configured for some workloads.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • If the node is in a custom node pool, run the following command and replace <node-pool-name> with the actual one:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              nodeIPs=$(kubectl get nodes -l cce.cloud.com/cce-nodepool=<node-pool-name> -o=custom-columns=IP:'metadata.annotations.alpha\.kubernetes\.io\/provided-node-ip' | sed '1d' | tr '\n' '|' | sed 's/|$//') && kubectl get pod --all-namespaces -o=custom-columns=nodeIP:'status.hostIP',nodeAffinity:'spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms' | sed '1d' | grep -E $nodeIPs | awk '{print substr($0, index($0,$2))}' | grep matchExpressions | uniq
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If the command output is empty, it indicates that there is no affinity policy configured for any workload in the node pool, so the workload pods will not be rescheduled because of a new node label.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If the command output is not empty, it means there is an affinity policy configured for some workloads in the node pool. The following shows an example, and it indicates that there is a tag1=value1 label configured for some workloads.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If the command output is empty, it indicates that there is no affinity policy configured for any workload in the node pool, so the workload pods will not be rescheduled because of a new node label.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • If the command output is not empty, it means there is an affinity policy configured for some workloads in the node pool. The following shows an example, and it indicates that there is a tag1=value1 label configured for some workloads.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Get all workloads that are associated with the affinity policy. The value of affinity-policy is the one obtained in the previous step.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              match='affinity-policy' && kubectl get deployment,statefulset,daemonset,job,cronjob --all-namespaces -o=custom-columns=kind:'kind',name:'metadata.namespace',namespace:'metadata.name',nodeAffinity:'spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms' | grep -F "$match" | awk '{print "kind:" $1 ",namespace:" $2 ",name:" $3}' 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              As shown in the following figure, the workloads with the tag1=value1 label are displayed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Evaluate the impact of the workload restart on services before changing any label on the node or node pool.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              You can also modify the affinity policy of a workload to schedule it to other nodes and change the node label after the workload pod runs properly.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_faq_00488.html b/docs/cce/umn/cce_faq_00488.html
new file mode 100644
index 000000000..9dd324036
--- /dev/null
+++ b/docs/cce/umn/cce_faq_00488.html
@@ -0,0 +1,19 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      How Can I Drain a GPU Node After Upgrading or Rolling Back the CCE AI Suite (NVIDIA GPU) Add-on?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When GPU virtualization workloads are present on a GPU node, upgrading or rolling back the CCE AI Suite (NVIDIA GPU) add-on led to failures in upgrading or rolling back certain components like GPU virtualization and runtime components. To ensure smooth operation of the add-on, a drainage operation must be carried out on the GPU node to clear the GPU virtualization workloads. You are advised to follow the rolling drainage policy, which involves draining only one or a few GPU nodes at a time to avoid disrupting services on a large scale.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      When draining a GPU node, make sure to reserve enough GPU resources on other nodes to meet pod scheduling needs. This helps avoid pod scheduling issues due to inadequate resources and ensures smooth service operation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Log in to the CCE console and click the cluster name to access the cluster Overview page.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. In the navigation pane, choose Cluster > Nodes. In the right pane, click the Nodes tab, locate the row containing the target GPU node, and choose More > Drain Node in the Operation column.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. In the Drain Node dialog box displayed, click OK. If there are pods with emptyDir volumes mounted or pods that are not managed by controllers, enable forcible drainage.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4. In the node list, locate the row containing the GPU node and choose More > Pods in the Operation column. In the window that slides out from the right, locate the row containing the nvidia-gpu-device-plugin-xxx pod and choose More > Delete in the Operation column. In the Delete Pod dialog box displayed, click Yes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        You can see that the nvidia-gpu-device-plugin-xxx pod is in the Abnormal state. Once it transitions to the Running state and Drained appears in the Status column, the GPU virtualization workloads on the GPU node have been drained.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      5. In the node list, locate the row containing the GPU node and choose More > Enable Scheduling in the Operation column. You can continue repeating the previous steps until all GPU nodes have been drained.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Parent topic: Chart and Add-on
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
diff --git a/docs/cce/umn/cce_faq_00493.html b/docs/cce/umn/cce_faq_00493.html
new file mode 100644
index 000000000..0f48d820d
--- /dev/null
+++ b/docs/cce/umn/cce_faq_00493.html
@@ -0,0 +1,246 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      What Should I Do If the LoadBalancer Ingress Configuration Is Inconsistent with the Load Balancer Configuration During a CCE Cluster Upgrade?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      ELB Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      In a CCE cluster, LoadBalancer ingresses are used to route external traffic to Services within the cluster. The parameters defined in an ingress are applied to configure a load balancer for effective traffic management and distribution. Table 1 lists the mapping between load balancer configuration and ingress parameters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Parameter
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   		
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Table 1 Mapping between load balancer configuration and LoadBalancer ingresses
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Load Balancer Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Description
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Mapping in a LoadBalancer Ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Load balancer (elb)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Distribute incoming traffic across backend servers in one or more AZs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubernetes.io/elb.id in ingress annotations
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Listener (listener)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Use the protocol and port you specify to check for requests from clients and route the requests to associated backend servers based on the routing rules you define.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubernetes.io/elb.port in ingress annotations, which defaults to 80/443 if not defined
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Forwarding policy (l7policy)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Forwarding policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Load balancer forwarding rules: domain names or paths
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Domain name and path in the forwarding rule: spec.rules[].host and spec.rules[].http.paths[].path in the ingress parameters, respectively
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Load balancer forwarding actions: forward to a backend server group
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Backend server group: the backend service of the associated Service specified by spec.rules[].http.paths[].backend.service in the ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Advanced forwarding policy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Load balancer forwarding rules: domain names, paths, HTTP request methods, HTTP headers, query strings, or CIDR blocks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The annotations related to advanced forwarding policies such as kubernetes.io/elb.actions and kubernetes.io/elb.conditions in the ingress annotations
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Load balancer forwarding actions: forward to a backend server group, redirect to another listener, redirect to another URL, return a specific response body, rewrite, write header, remove header, and limit request
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Backend server group (pool)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A backend server group is a logical collection of one or more backend servers to receive massive requests concurrently. A backend server can be an ECS, supplementary network interface, or IP address.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  spec.rules[].http.paths[].backend in the ingress parameters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Backend server (member)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Backend servers receive and process requests from the associated load balancer. For example, you can add an ECS as a backend server of a load balancer. The listener checks connection requests from clients using the configured protocol and port and forwards the requests to the backend servers in the backend server groups based on the load balancing algorithm you set.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Endpoint of the Service associated with the ingress
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Troubleshooting Inconsistency Between Ingress and Load Balancer Configuration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  During a pre-upgrade cluster check, many discrepancies between ingress and load balancer configuration may be identified. For each inconsistent item, CCE provides the expected configuration details. An example is as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: ingress(default/nginx) need create listener(HTTP/8000) of elb(4a090bf3-9d11-45dc-8d04-f9cf010ba2ec), the wanted configuration is {"name":"k8s_HTTP_8000","protocol_port":8000,"protocol":"HTTP","loadbalancer_id":"4a090bf3-9d11-45dc-8d04-f9cf010ba2ec","sni_container_refs":null,"http2_enable":false}
+
+inconsistent: ingress(default/nginx) need create pool(k8s_default_nginx-80_HTTP-8000), the wanted configuration is {"name":"k8s_default_nginx-80_HTTP-8000","protocol":"HTTP","loadbalancer_id":"4a090bf3-9d11-45dc-8d04-f9cf010ba2ec","lb_algorithm":"ROUND_ROBIN","slow_start":{"enable":false,"duration":30}}
+
+inconsistent: need create member(address: 172.16.0.54) of pool(k8s_default_nginx-80_HTTP-8000), the wanted configuration is {"name":"2c2405d1abc17da48c70e9edc9a340fc","subnet_cidr_id":"77b9ad29-e30f-451b-92e7-949b83220b0f","address":"172.16.0.54","protocol_port":30838,"weight":6}
+
+inconsistent: ingress(default/nginx) need create l7policy(k8s_default_nginx_6666cd76) of listener(k8s_HTTP_8000/HTTP/8000), the wanted configuration is {"name":"k8s_default_nginx_6666cd76","listener_id":"k8s_HTTP_8000/HTTP/8000","action":"REDIRECT_TO_POOL","redirect_pool_id":"k8s_default_nginx-80_HTTP-8000"}
+
+ inconsistent: ingress(default/nginx) need create rule of l7policy(k8s_default_nginx_6666cd76), the wanted configuration is {"type":"PATH","compare_type":"STARTS_WITH","value":"/"}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  You can perform the following operations in sequence.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  No.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Exception
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Cause
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Listener (listener)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  		
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Forwarding policy (l7policy)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  		
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Forwarding rule (rule)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Forwarding Rules: A Forwarding Rule Needs to Be Created or Deleted
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Backend server group (pool)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Backend Server Groups: A Backend Server Group Needs to Be Created
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  5
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Backend server (member)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  		
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  6
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Health check (healthMonitor)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  		
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Listeners: A Listener Needs to Be Created
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: ingress(xxx) need create listener ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When a listener's name or description is modified or a listener is deleted from the ELB console, this problem arises. In this case, you can use the port to check whether the listener is available on the ELB console and if its name and description match the expected configuration.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The listener description should resemble the following, where cluster_id represents the ID of the cluster:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  {"attention":"Auto-generated by CCE service, do not modify!","cluster_id":"5d4d44bd-0891-11f0-84d3-0255ac10003e"}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: ingress(default/nginx) need create listener(HTTP/8000) of elb(4a090bf3-9d11-45dc-8d04-f9cf010ba2ec), the wanted configuration is {"name":"k8s_HTTP_8000","protocol_port":8000,"protocol":"HTTP","loadbalancer_id":"4a090bf3-9d11-45dc-8d04-f9cf010ba2ec","sni_container_refs":null,"http2_enable":false}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  This indicates that an Nginx ingress in the default namespace needs a listener with port 8000 and protocol HTTP under the load balancer 4a090bf3-9d11-45dc-8d04-f9cf010ba2ec. The listener should be named k8s_HTTP_8000, with sni_container_refs set to null and http2_enable set to false. The description also needs to be specified.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Listeners: A Listener Needs to Be Updated
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: ingress(xxx) need update listener ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When the listener configuration is modified on the ELB console but is not synchronized with CCE, this problem arises. In this case, you can check the ELB console for the actual configuration and compare it with the expected configuration. If there is any inconsistency, you can update the listener manually or modify the ingress as needed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: ingress(default/cce-elb-ingress) need update listener(5ca8a931-9d7a-465e-b503-08f88d528cd8), the wanted configuration is {"id":"5ca8a931-9d7a-465e-b503-08f88d528cd8","sni_container_refs":null}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The expected configuration of the listener is displayed after the wanted configuration is. In this example, the expected configuration is sni_container_refs: null. In this case, you can check whether the SNI function is enabled for the ELB listener but is missing in the ingress. If so, add the SNI configuration to the ingress. For details, see Configuring SNI for a LoadBalancer Ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Forwarding Policies: A Forwarding Policy Needs to Be Created
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: ingress(xxx) need create l7policy(xxx) ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When the description of a forwarding policy created by CCE is modified on the ELB console or a forwarding policy created by CCE is deleted on the ELB console, this problem arises. In this case, you can verify the policy's existence on the ELB console by its name and check whether the description matches the expected configuration.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The following shows an example for the description of a forwarding policy. The value of cluster_id is the ID of the current cluster, and the value of ingress_id is the UID of the current ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  {"attention":"Auto-generated by CCE service, do not modify!","cluster_id":"5d4d44bd-0891-11f0-84d3-0255ac10003e","ingress_id":"8a79a17b-f9ab-4431-95f6-0e1125093aac"}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  The ELB console does not provide a direct view of forwarding policy descriptions. To access this information, you must retrieve it from the data returned through the browser interface.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: ingress(default/nginx) need create l7policy(k8s_default_nginx_6666cd76) of listener(0bdabd92-a85b-4f9b-96df-0fde706ea028), the wanted configuration is {"name":"k8s_default_nginx_6666cd76","listener_id":"0bdabd92-a85b-4f9b-96df-0fde706ea028","action":"REDIRECT_TO_POOL","redirect_pool_id":"k8s_default_nginx-80_HTTP-8000"}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  This indicates that the Nginx ingress in the default namespace needs a forwarding policy named k8s_default_nginx_6666cd76 under the listener 0bdabd92-a85b-4f9b-96df-0fde706ea028, and traffic needs to be forwarded to the backend server group named k8s_default_nginx-80_HTTP-8000. The description also needs to be specified. You can call the API for creating a forwarding policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  You can view the created forwarding policy in the returned information via the browser interface.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Forwarding Policies: A Forwarding Policy Needs to Be Updated
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: ingress(xxx) need update l7policy(xxx) of listener(xxx) ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When the backend server group (redirect_pool_id) of the forwarding policy created by CCE is modified on the ELB console, this problem arises. For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: ingress(default/nginx) need update l7policy(c4beb313-0a32-4add-9d0e-68b8f0f90e01) of listener(0bdabd92-a85b-4f9b-96df-0fde706ea028), the wanted configuration is {"id":"c4beb313-0a32-4add-9d0e-68b8f0f90e01","redirect_pool_id":"k8s_default_nginx-80_HTTP-8000","redirect_pools_config":[]}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  This indicates that for the Nginx ingress in the default namespace, the redirect_pool_id in the forwarding policy c4beb313-0a32-4add-9d0e-68b8f0f90e01 must be updated to the backend server group ID of k8s_default_nginx-80_HTTP-8000 under the listener 0bdabd92-a85b-4f9b-96df-0fde706ea028. Additionally, the redirect_pools_config should be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Forwarding Policies: A Forwarding Policy Needs to Be Deleted
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: ingress(xxx) need delete l7policy(id: xxx) ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When a forwarding policy is created on the ELB console for the listener that is created by CCE, this problem arises. In this case, you can locate the forwarding policy based on its ID and then delete it.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: need delete l7policy(id: f4eda0af-869a-47fb-a699-2f27f286b641)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  You can call the API for viewing details of a forwarding policy to see which ELB listener the forwarding policy applies and then delete the forwarding policy. If you want to keep the forwarding policy, add the corresponding configuration to the ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Forwarding Rules: A Forwarding Rule Needs to Be Created or Deleted
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: ingress(xxx) need create rule of l7policy(xxx) ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When the forwarding rule of a forwarding policy created by CCE is modified on the ELB console, this problem arises. Typically, changes to the rule type, matching mode, or path result in discrepancies. CCE handles forwarding rule updates by deleting and recreating them, which often leads to simultaneous creation and deletion issues.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: ingress(default/nginx) need create rule of l7policy(k8s_default_nginx_6666cd76), the wanted configuration is {"type":"PATH","compare_type":"STARTS_WITH","value":"/"}
+
+inconsistent: need delete rule(6cf87a3e-373e-4378-bf7a-16a709feee63) of l7policy(c4beb313-0a32-4add-9d0e-68b8f0f90e01)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  This indicates that for the Nginx ingress in the default namespace, a forwarding rule needs to be created for the k8s_default_nginx_6666cd76 policy. The rule's type should be PATH, the matching mode should be STARTS_WITH (prefix matching), and the value should be /. Additionally, you need to delete the forwarding rule 6cf87a3e-373e-4378-bf7a-16a709feee63 from the forwarding policy c4beb313-0a32-4add-9d0e-68b8f0f90e01.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Backend Server Groups: A Backend Server Group Needs to Be Created
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: need create pool(xxx)...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When the backend server group (redirect_pool_id) of the forwarding policy created by CCE is modified on the ELB console, this problem arises. Typically, the system displays the message "need update l7policy ...". In this case, you can check if the backend server group exists by its name or listener. If the group exists, update the backend server group of the forwarding policy.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: ingress(default/nginx) need create pool(k8s_default_nginx-80_HTTP-8000), the wanted configuration is {"name":"k8s_default_nginx-80_HTTP-8000","protocol":"HTTP","loadbalancer_id":"4a090bf3-9d11-45dc-8d04-f9cf010ba2ec","lb_algorithm":"ROUND_ROBIN","slow_start":{"enable":false,"duration":30}}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  If the group does not exist, create one based on the printed configuration items.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Backend Servers: A Backend Server Needs to Be Created
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: need create member(address: xxx) of pool(xxx) ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When a backend server in a backend server group created by CCE is modified on the ELB console, this problem arises.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: need create member(address: 172.16.0.54) of pool(dab7b0c1-623e-4499-8c70-7477f36fc2ef), the wanted configuration is {"name":"2c2405d1abc17da48c70e9edc9a340fc","subnet_cidr_id":"77b9ad29-e30f-451b-92e7-949b83220b0f","address":"172.16.0.54","protocol_port":30838,"weight":6}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  This indicates that a backend server 2c2405d1abc17da48c70e9edc9a340fc with the IP address 172.16.0.54, port 30838, weight 6, and subnet 77b9ad29-e30f-451b-92e7-949b83220b0f needs to be added to the backend server group dab7b0c1-623e-4499-8c70-7477f36fc2ef. You cannot enter a backend server name on the ELB console, but you can call the API for adding a backend server.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Backend Servers: A Backend Server Needs to Be Updated
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: need update member(address: xxx) of pool(xxx) ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When the weight of a backend server in the backend server group created by CCE is changed on the ELB console, this problem arises.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: need update member(9a65b96c-891a-439e-a692-508c3e095095) of pool(dab7b0c1-623e-4499-8c70-7477f36fc2ef), the wanted configuration is {"id":"9a65b96c-891a-439e-a692-508c3e095095","name":"2c2405d1abc17da48c70e9edc9a340fc","weight":6}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  This indicates that you need to change the weight of the backend server 9a65b96c-891a-439e-a692-508c3e095095 in the backend server group dab7b0c1-623e-4499-8c70-7477f36fc2ef to 6.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Backend Servers: A Backend Server Needs to Be Deleted
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: need delete member(address: xxx) of pool(xxx) ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When a backend server in a backend server group created by CCE is modified on the ELB console, this problem arises.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: need delete members([d0891296-daf9-496b-9cac-ad1a1101b303]) of pool(dab7b0c1-623e-4499-8c70-7477f36fc2ef)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  This indicates that you need to delete the backend server d0891296-daf9-496b-9cac-ad1a1101b303 from the backend server group dab7b0c1-623e-4499-8c70-7477f36fc2ef.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Health Check Settings: Health Checks Need to Be Removed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: need delete healthMonitor(xxx) of pool(xxx) ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When the health checks of a backend server group created by CCE are enabled on the ELB console but are not configured in the ingress, this problem arises.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: need delete healthMonitor(ef7ad2c3-bdda-4727-8a1c-de37eeb48b55) of pool(402dbff8-58b8-4a49-bb99-0dc5cf87c35b)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  This indicates that the health check associated with the backend server group 402dbff8-58b8-4a49-bb99-0dc5cf87c35b needs to be removed. You can call the API for deleting a health check. You can also enable the health check in the ingress.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Inconsistent Health Check Settings: Health Checks Need to Be Updated
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: need update healthMonitor(xxx) of pool(xxx) ...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  When the health checks of a backend server group created by CCE are modified on the ELB console, this problem arises.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  For example:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  inconsistent: need update healthMonitor(9d438b19-4342-42af-a876-77d49bbc9447) of pool(402dbff8-58b8-4a49-bb99-0dc5cf87c35b), the wanted configuration is {"delay":5,"max_retries":3,"timeout":10,"type":"HTTP","url_path":"/","monitor_port":null,"admin_state_up":true}
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  This indicates that the health check 9d438b19-4342-42af-a876-77d49bbc9447 must be updated to match the desired settings.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Common Issues
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Why is "need create" displayed when the listener, Layer 7 policy (l7policy), or pool exists?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Resources managed by CCE must have descriptions. You need to check whether the descriptions exist.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Parent topic: Cluster Upgrade
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
diff --git a/docs/cce/umn/cce_faq_00501.html b/docs/cce/umn/cce_faq_00501.html
new file mode 100644
index 000000000..69ae6ef44
--- /dev/null
+++ b/docs/cce/umn/cce_faq_00501.html
@@ -0,0 +1,76 @@
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  What Can I Do If a GPU Card Is Unavailable on a GPU Node?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Symptom
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  A GPU card on a GPU node is unavailable. The possible causes include:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The CCE AI Suite (NVIDIA GPU) add-on is not ready or malfunctioning.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The node driver is not ready.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The GPU card is abnormal.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Solution
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Check whether the driver is faulty. Then, check the device-plugin component of the CCE AI Suite (NVIDIA GPU) add-on. Finally, check the GPU card.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Handling a Driver Fault
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1. Check the nvidia-driver-installer pod status.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Log in to the CCE console and click the cluster name to access the cluster Overview page. In the navigation pane, choose Nodes. In the right pane, click the Nodes tab. Locate the row containing the target node, choose More > Pods in the Operation column, and check whether the nvidia-driver-installer pod runs on the node. If the nvidia-driver-installer pod is present and is:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • In the Running state: The pod is functioning properly. Proceed to 2 to verify whether the driver was installed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Not in the Running state for an extended period: Check the pod events for any abnormalities and troubleshoot based on the reported error information. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The name of the nvidia-driver-installer pod varies depending on the OS. The details are listed in the table below.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 1 Names of the nvidia-driver-installer pod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    OS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Pod Name
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    HCE OS 2.0
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    hce20-nvidia-driver-installer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Ubuntu
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ubuntu22-nvidia-driver-installer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Others
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    nvidia-driver-installer
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2. Check whether the GPU driver has been installed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1. In the node list, click the name of the target node. In the dialog box displayed, click OK. On the node details page, click Remote Login in the upper right corner.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2. Check the driver installation directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1. Check whether the directory exists. If it is present, run the below command to go to the driver installation directory. If it is not present, skip this step and go to 3 to check whether there is an error during the driver installation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        cd <Driver installation directory>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The driver installation directory varies depending on the CCE AI Suite (NVIDIA GPU) add-on version. The details are as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If the CCE AI Suite (NVIDIA GPU) add-on version is later than 2.0.0, the driver installation directory is /usr/local/nvidia.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If the CCE AI Suite (NVIDIA GPU) add-on version is earlier than 2.0.0, the driver installation directory is /opt/cloud/cce/nvidia.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2. Run the following command in the driver installation directory to view all files in the directory:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        ls -l
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The figure below shows a typical file directory. nvidia.run is the driver installation file. nvidia-installer.log is the installation logs generated by the NVIDIA driver. nvidia-uninstall.log, if present, is the corresponding uninstallation logs, though it may not always appear in the directory. If any files are missing, except for nvidia-uninstall.log, go to 3 to check whether there is an error during the driver installation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3. Run the below command to go to the bin directory of NVIDIA and check whether nvidia-smi is functioning properly. If the add-on version is earlier than 2.0.0, replace the path with opt/cloud/cce/nvidia/bin.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        cd /usr/local/nvidia/bin
+./nvidia-smi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        If information similar to that shown in the figure below is not displayed, go to 3 to check whether there is an error during the driver installation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3. View the node driver installation logs to check whether there is an error during the driver installation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Run the below command to view the logs of the nvidia-driver-installer pod. If the add-on version is earlier than 2.0.0, replace the path with /opt/cloud/cce/nvidia/nvidia-installer.log.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    cat /usr/local/nvidia/nvidia-installer.log
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If the command output contains the below information, the driver installation completed without error. Otherwise, an error occurred during the installation. 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ...
+> Installation of the NVIDIA Accelerated Graphics Driver for xxx (version: x.x.x) is now complete.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Handling a device-plugin Fault
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  In a CCE cluster, device-plugin is responsible for reporting hardware resource statuses. In GPU scenarios, nvidia-gpu-device-plugin in the kube-system namespace reports the available GPU resources on each node. If the reported GPU resources appear incorrect or if device mounting issues occur, it is advised to first check device-plugin for potential anomalies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Run the following command to check the device-plugin status:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  kubectl get po -A -owide|grep nvidia
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • If the device-plugin pod is in the Running state, run the following command to check its logs for errors:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    kubectl logs -n kube-system nvidia-gpu-device-plugin-9xmhr
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    If "gpu driver wasn't ready. will re-check" is displayed in the command output, go to 2 and check whether the /usr/local/nvidia/bin/nvidia-smi or /opt/cloud/cce/nvidia/bin/nvidia-smi file exists in the driver installation directory.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ...
+I0527 11:29:06.420714 3336959 nvidia_gpu.go:76] device-plugin started
+I0527 11:29:06.521884 3336959 nodeinformer.go:124] "nodeInformer started"
+I0527 11:29:06.521964 3336959 nvidia_gpu.go:262] "gpu driver wasn't ready. will re-check in %s" 5s="(MISSING)"
+I0527 11:29:11.524882 3336959 nvidia_gpu.go:262] "gpu driver wasn't ready. will re-check in %s" 5s="(MISSING)"
+...
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Parent topic: Node Running
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
+
diff --git a/docs/cce/umn/cce_productdesc_0000.html b/docs/cce/umn/cce_productdesc_0000.html
index 429d62bac..e82a8eb30 100644
--- a/docs/cce/umn/cce_productdesc_0000.html
+++ b/docs/cce/umn/cce_productdesc_0000.html
@@ -10,7 +10,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • What Is CCE?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Product Advantages
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • CCE Advantages
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Application Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • 
diff --git a/docs/cce/umn/cce_productdesc_0001.html b/docs/cce/umn/cce_productdesc_0001.html
index 08cb5a8b2..e9b5c30c3 100644
--- a/docs/cce/umn/cce_productdesc_0001.html
+++ b/docs/cce/umn/cce_productdesc_0001.html
@@ -3,82 +3,74 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    What Is CCE?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Cloud Container Engine (CCE) is a Kubernetes cluster hosting service for enterprises. It manages the entire lifecycle of containerized applications and delivers scalable, high-performance solutions for deploying and managing cloud native applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Why CCE?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE is a one-stop platform integrating compute (ECS), networking (VPC, EIP, and ELB), storage (EVS, SFS, and OBS), and many other services. Multi-AZ, multi-region disaster recovery (DR) ensures high availability (HA) of Kubernetes clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    For more information, see Product Advantages and Application Scenarios.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    For more information, see CCE Advantages and Application Scenarios.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE Cluster Types
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    There are multiple types of CCE clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Category
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/docs/cce/umn/cce_productdesc_0002.html b/docs/cce/umn/cce_productdesc_0002.html
index 5e080f88b..5189b9a1e 100644
--- a/docs/cce/umn/cce_productdesc_0002.html
+++ b/docs/cce/umn/cce_productdesc_0002.html
@@ -2,8 +2,8 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Permissions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE permissions management allows you to assign permissions to IAM users and user groups under your tenant accounts. CCE combines the advantages of IAM and RBAC to provide a variety of authorization methods, including IAM fine-grained/token authorization and cluster-/namespace-scoped authorization.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE permissions are described as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Cluster-level permissions: Cluster-level permissions management evolves out of the system policy authorization feature of IAM. IAM users in the same user group have the same permissions. A user group is simply a group of users. By granting cluster permissions to specific user groups, you can enable those users to perform various operations on clusters, including creating or deleting clusters, nodes, node pools, charts, and add-ons. In the meantime, you can restrict other user groups to only view clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Cluster-level permissions involve non-Kubernetes native APIs and support fine-grained IAM policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Namespace-level permissions: You can regulate users' or user groups' access to Kubernetes resources, such as workloads, jobs, and Services, in a single namespace based on their Kubernetes RBAC roles. CCE has also been enhanced based on open-source capabilities. It supports RBAC authorization based on IAM user or user group, and RBAC authentication on access to APIs using IAM tokens.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Namespace-level permissions involve CCE Kubernetes APIs and are enhanced based on the Kubernetes RBAC capabilities. Namespace-level permissions can be granted to IAM users or user groups for authentication and authorization, but are independent of fine-grained IAM policies. For details, see Using RBAC Authorization.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE permissions are described as follows:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Cluster-level permissions: Cluster-level permissions management evolves out of the system policy authorization feature of IAM. IAM users in the same user group have the same permissions. A user group is simply a group of users. By granting cluster permissions to specific user groups, you can enable those users to perform various operations on clusters, including creating or deleting clusters, nodes, node pools, charts, and add-ons. In the meantime, you can restrict other user groups to only view clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Cluster-level permissions involve non-Kubernetes native APIs and support fine-grained IAM policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Namespace-level permissions: You can regulate users' or user groups' access to Kubernetes resources, such as workloads, jobs, and Services, in a single namespace based on their Kubernetes RBAC roles. CCE has also been enhanced based on open-source capabilities. It supports RBAC authorization based on IAM user or user group and RBAC authentication on access to APIs using IAM tokens.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Namespace-level permissions involve CCE Kubernetes APIs and are enhanced based on the Kubernetes RBAC capabilities. Namespace-level permissions can be granted to IAM users or user groups for authentication and authorization, but are independent of fine-grained IAM policies. For details, see Using RBAC Authorization.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Cluster-level permissions are configured only for cluster-related resources (such as clusters and nodes). You must also configure namespace permissions to operate Kubernetes resources (such as workloads, jobs, and Services).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • After you create a cluster, CCE automatically assigns the cluster-admin permission to you, which means you have full control on all resources in all namespaces in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • When viewing CCE resources on the console, the resources displayed depend on the namespace permissions. If no namespace permissions are granted, the console will not show you the resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
diff --git a/docs/cce/umn/cce_productdesc_0003.html b/docs/cce/umn/cce_productdesc_0003.html
index ad5645ebf..ca7ee2007 100644
--- a/docs/cce/umn/cce_productdesc_0003.html
+++ b/docs/cce/umn/cce_productdesc_0003.html
@@ -1,19 +1,19 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Product Advantages
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Why CCE?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE is a container service developed on Docker and Kubernetes. It offers a wide range of features that allow you to run containers on a large scale. CCE containers are highly reliable, have high-performance, and compatible with open-source communities, making them an ideal choice for enterprise needs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE Advantages
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Product Advantages
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      CCE is a container service developed on Docker and Kubernetes. It offers a wide range of features that allow you to run containers in large clusters. CCE containers are highly reliable, have high performance, and compatible with open-source communities. They are ideal for enterprises.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Easy to Use
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Creating CCE clusters (including CCE standard and Turbo clusters) is a breeze with just a few clicks on the web page. You can deploy VMs in a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CCE automates deployment and O&M of containerized applications throughout their lifecycle.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • You can resize clusters and workloads by setting auto scaling policies. In-the-moment load spikes are no longer headaches.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The console walks you through the steps to upgrade Kubernetes clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CCE seamlessly integrates with Helm charts and add-ons to provide an out-of-the-box user experience.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Creating CCE clusters (including CCE standard and Turbo clusters) is a breeze with just a few clicks on the web page. You can deploy VMs in a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CCE automates deployment and O&M of containerized applications throughout their lifecycle.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • You can easily scale in or out cluster nodes and workloads on the console and flexibly combine auto scaling policies to handle ever-changing traffic surges.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The console walks you through the steps to upgrade Kubernetes clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CCE seamlessly integrates with Helm charts and add-ons to provide an out-of-the-box user experience.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      High Performance
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CCE draws on years of field experience in compute, networking, storage, and heterogeneous infrastructure and provides you high-performance cluster services. You can concurrently launch containers at scale.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • AI computing is 3x to 5x better with NUMA BMSs and high-speed InfiniBand network cards.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • CCE draws on years of field experience in compute, networking, storage, and heterogeneous infrastructure and provides you high-performance cluster services. You can concurrently launch containers at scale.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • AI computing is 3 to 5 times better with NUMA BMSs and high-speed InfiniBand network cards.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Highly Available and Secure
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • HA: Three master nodes in different AZs for your cluster management plane. Multi-active DR for your nodes and workloads. All these ensure service continuity when one of the nodes is down or an AZ gets hit by natural disasters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Figure 1 Achieving cluster HA
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Secure: Integrating IAM and Kubernetes RBAC, CCE clusters are under your full control. You can set different RBAC permissions for IAM users on the console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CCE offers secure containers so that each pod runs on a separate micro-VM, has its own OS kernel, and is securely isolated at the virtualization layer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • HA: CCE supports three control plane nodes on the cluster management plane. These nodes run in different regions to ensure cluster HA. Nodes and workloads in a cluster can be deployed across AZs. This helps you build a multi-active architecture and ensures that the service system can run properly in the event of node faults, data center interruption, or natural disasters. This mechanism guarantees the stability of production environments and no service breakdowns.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Figure 1 Achieving cluster HA
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Secure: Integrated with IAM and Kubernetes RBAC, CCE clusters are under your full control. You can assign different RBAC permissions for IAM users on the console.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          CCE offers secure runtimes so that each pod runs on a separate micro-VM, has its own OS kernel, and is securely isolated at the virtualization layer.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Open and Compatible
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • CCE uses Docker to simplify the management of containerized applications by providing features such as deployment, resource scheduling, networking, and auto scaling.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • CCE is compatible with native Kubernetes APIs and kubectl. Updates from Kubernetes and Docker communities are regularly incorporated into CCE.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • CCE uses Docker to simplify the management of containerized applications. It provides features such as deployment, resource scheduling, service discovery, and auto scaling. These features facilitate the management of containers in large clusters.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • CCE is developed on Kubernetes. It is fully compatible with the native Kubernetes and Docker community versions, Kubernetes APIs, and kubectl. Updates from Kubernetes and Docker communities are regularly incorporated into CCE.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Comparative Analysis of CCE and On-Premises Kubernetes Cluster Management Systems
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Comparative Analysis of CCE and On-Premises Kubernetes Clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Cluster Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Subcategory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE Standard
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE Standard
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE Turbo
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Positioning
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Positioning
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    -
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Standard clusters that provide highly reliable and secure containers for commercial use
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Standard clusters that provide highly reliable and secure containers for commercial use
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Next-generation clusters designed for Cloud Native 2.0, with accelerated compute, networking, and scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Next-generation clusters designed for Cloud Native 2.0, with accelerated compute, networking, and scheduling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Application scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Application scenario
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    -
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    For users who expect to use container clusters to manage applications, obtain elastic compute resources, and enable simplified management on compute, network, and storage resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    For users who expect to use container clusters to manage applications, obtain elastic compute resources, and enable simplified management on compute, network, and storage resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    For users who have higher requirements on performance, resource utilization, and full-scenario coverage
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    For users who have higher requirements on performance, resource utilization, and full-scenario coverage
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Specification difference
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Network model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Network model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Cloud native 1.0 networks: for scenarios where requirements on performance are not high and there are not so many containers
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Cloud native 1.0 networks: for scenarios where requirements on performance are not high and there are not so many containers
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Tunnel network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Virtual Private Cloud (VPC) network
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Cloud Native 2.0 networks: for scenarios where requirements on performance are high and there are many containers
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Max networking scale: 2,000 nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Cloud Native 2.0 networks: for scenarios where there are many containers and need high performance
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    A maximum of 2000 nodes is supported.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    hostPort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    hostPort
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Network performance
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Network performance
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The container network is overlaid with the VPC network, causing certain performance loss.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The container network is overlaid with the VPC network, causing certain performance loss.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The VPC network and container network are flattened into one for zero performance loss.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The VPC network and container network are flattened into one for zero performance loss.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Network isolation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Network isolation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Tunnel network model: network policies supported for communications within a cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • VPC network model: isolation not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Tunnel networks: network policies for communications within a cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • VPC networks: isolation not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Pods can be associated with security groups for isolation. This isolation policy, based on security groups, ensures consistent security isolation both within and outside of a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Pods can be associated with security groups for isolation. This isolation policy, based on security groups, ensures consistent security isolation both within and outside a cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Container resource isolation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Container resource isolation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    cgroups are used to isolate common containers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    cgroups are used to isolate common containers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • VM-level isolation is supported for secure containers that run only on physical machines.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • cgroups are used to isolate common containers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • VM-level isolation is supported for secure containers that run only on physical machines.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • cgroups are used to isolate common containers.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Edge infrastructure management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Edge infrastructure management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Management of CloudPond edge sites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Management of CloudPond edge sites
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 1 CCE clusters versus on-premises Kubernetes clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Area of Focus
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    On-Premises Kubernetes Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -26,18 +26,18 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    You have to handle all the complexity in deploying and managing Kubernetes clusters. Cluster upgrades are often a heavy burden to O&M personnel.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Easy to manage and use clusters
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Simplified and easy-to-use cluster management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    You can create and update a Kubernetes container cluster in a few clicks. There is no need to set up Docker or Kubernetes environments. CCE automates deployment and O&M of containerized applications throughout their lifecycle.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE supports turnkey Helm charts.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Using CCE is as simple as choosing a cluster and the workloads that you want to run in the cluster. CCE takes care of cluster management and you focus on app development.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE is deeply integrated with Helm charts to offer out-of-the-box usability.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    You only need to start a cluster and specify the tasks to run. CCE helps you manage the cluster and allows you to focus on developing containerized applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Scalability
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    You have to assess service loads and cluster health before resizing a Kubernetes cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Managed scaling service
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE auto scales clusters and workloads according to resource metrics and scaling policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Flexible cluster hosting and easy container scaling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE automatically scales in or out cluster nodes and workloads based on resource usage. Multiple scaling policies can be flexibly combined to handle burst traffic during peak hours.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Reliability
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -45,7 +45,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    There might be security vulnerabilities or configuration errors may occur in the OS of an on-premises Kubernetes cluster, which may cause security issues such as unauthorized access and data leakage.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Enterprise-class security and reliability
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE offers container-optimized OS images that have undergone additional stability tests and security hardening. These images are based on native Kubernetes clusters and runtime versions, resulting in reduced management costs and risks, as well as improved reliability and security for applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE offers container-optimized OS images. Based on native Kubernetes clusters and compatible runtime versions, these images undergo additional stability testing and security hardening. They can minimize management overhead and operational risks while enhancing the reliability and security of containerized applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Efficiency
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
@@ -53,42 +53,42 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    You have to either build an image repository or turn to a third-party one. Images are pulled in serial.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Rapid deployment with images
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE connects to SWR to pull images in parallel. Faster pulls, faster container build.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    CCE works with SWR to pull images in parallel. This ensures faster image pull in high-concurrency scenarios and greatly improves container build efficiency.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Why Containerization?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Docker is written in the Go language designed by Google. It provides operating-system-level virtualization. Linux Control Groups (cgroups), namespaces, and UnionFS (for example, AUFS) isolate each software process. The isolated software processes, which are called containers, are independent from each other and from the host.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Docker has moved forward to enhance container isolation. Containers have their own file systems. They cannot see each other's processes or network interfaces. This simplifies container creation and management.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    VMs use a hypervisor to virtualize and allocate hardware resources (such as memory, CPU, network, and disk) of a host machine. A complete operating system runs on a VM. Each VM needs to run its own system processes. On the contrary, a container does not require hardware resource virtualization. It runs an application process directly in the host machine OS kernel. No resource overheads are incurred by running system processes. Therefore, Docker is lighter and faster than VMs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 2 Comparison between Docker containers and VMs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Why Containerization?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Docker is written in Go, a language designed by Google. It provides OS-level virtualization, including Linux cgroups, namespaces, and UnionFS (for example, AUFS), to isolate each software process. The isolated software processes, which are called containers, are independent from each other and from the host.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Docker further encapsulates containers, including file systems, network interconnection, and process isolation. This greatly simplifies container creation and management.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Traditional VM technology uses hypervisors to virtualize and allocate a host machine's hardware resources, such as memory, CPU, network, and disks. These virtualized resources are used to create separate VMs, each of which runs a complete OS independently. Every VM maintains its own system processes. On the contrary, a container does not require hardware resource virtualization or allocation. The application processes run directly in the OS kernel of the host node. This reduces the overhead of system processes, making Docker containers more lightweight and faster than VMs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Figure 2 Comparison between Docker containers and VMs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    To sum up, Docker containers have many advantages over VMs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Resource use
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Containers have no overheads for virtualizing hardware and running a complete OS. They are faster than VMs in execution and file storage, while having no memory loss.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Start speed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    It takes several minutes to start an application on a VM. Docker containers run on the host kernel without needing an independent OS. Apps in containers can start in seconds or even milliseconds. Development, testing, and deployment can be much faster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Consistent environment
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Different development, testing, and production environments sometimes prevent bug discovery before rollout. A Docker container image includes everything needed to run an application. You can deploy the same copy of configurations in different environments.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Continuous delivery and deployment
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    More Efficient Use of System Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Unlike VMs, containers do not require hardware resource virtualization or allocation or the overhead of running a complete OS. As a result, Docker offers higher system resource utilization. It enables faster application execution, lower memory overhead, and more efficient file storage operations. This lightweight architecture allows a single host with the same configuration as a traditional VM to run more containerized applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Faster Startup
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    It takes several minutes to start an application on a VM. Docker containers run on the host kernel without needing an independent OS. Containers can start in seconds or even milliseconds. Development, testing, and deployment can be much faster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Consistent Runtime Environment
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Different development, testing, and production environments sometimes prevent bug discovery before rollout. A Docker container image provides a complete runtime environment except the kernel for applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Continuous Delivery and Deployment
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    "Deploy once, run everywhere" would be great for DevOps personnel.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Docker supports CI/CD by allowing you to customize container images. You compile Dockerfiles to build container images and use CI systems for testing. The Ops team can deploy images into production environments and use CD systems for auto deployment.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    The use of Dockerfiles makes the DevOps process visible to everyone in a DevOps team. Developers can better understand both user needs and the O&M headaches faced by the Ops team. The Ops team can also have some knowledge of the must-met conditions to run the application. The knowledge is helpful when the Ops personnel deploy container images in production.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Portability
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Docker ensures environmental consistency across development, testing, and production. Portable Docker containers work the same, regardless of their running environments. Physical machines, VMs, or even laptops, you name it. Apps are now free to migrate and run anywhere.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Application update
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    A Docker image is built up from a series of layers and these layers are stacked. When you create a new container, you add a container layer on top of image layers. In this way, duplicate layers are reused, which simplify application maintenance and update as well as further image extension on base images. Docker joins hands with many open source projects to maintain a variety of high-quality official images. You can directly use them in the production environment or easily build new images based on them.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Docker supports continuous integration and continuous delivery/deployment (CI/CD) by allowing you to customize container images. Using Dockerfiles, developers can build images and run integration tests with CI. O&M personnel can easily deploy images in production environments, and even automate the deployment process with CD.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Dockerfiles provide transparency in image builds. They allow the development team to understand the application runtime environments and the O&M team to understand the necessary conditions for application stability in production environments. This ensures smoother deployment of images in production environments.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Easier Application Migration
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Docker provides a consistent execution environment across many platforms, including physical machines, virtual machines, and laptops. Regardless of what platform Docker is running on, the applications run the same, which makes migrating them much easier. With Docker, you do not have to worry that an application running fine on one platform will fail in a different environment.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Simpler Application Maintenance and Image Extension
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    A Docker image is built up from a series of layers that are stacked. When you create a container, you add a container layer on top of image layers. In this way, duplicate layers are reused, which simplifies application maintenance and updates as well as image extension on base images. In addition, Docker collaborates with open-source project teams to maintain a large number of high-quality official images. You can directly use them in production environments or create your images based on these images. This greatly improves the efficiency in creating images for applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
-
-
@@ -106,7 +106,7 @@
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Table 2 Containers versus traditional VMs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Feature
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Containers
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Container
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    VMs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    VM
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Start speed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Startup
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    In seconds
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Near-native
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Weak
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Poor
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Per-machine capacity
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
diff --git a/docs/cce/umn/cce_productdesc_0004.html b/docs/cce/umn/cce_productdesc_0004.html
index 5c8e4d6be..ed7f980be 100644
--- a/docs/cce/umn/cce_productdesc_0004.html
+++ b/docs/cce/umn/cce_productdesc_0004.html
@@ -10,7 +10,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • DevOps and CI/CD
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Hybrid Cloud
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Hybrid Clouds
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • 
 
 
diff --git a/docs/cce/umn/cce_productdesc_0005.html b/docs/cce/umn/cce_productdesc_0005.html
index aa1547802..228432b91 100644
--- a/docs/cce/umn/cce_productdesc_0005.html
+++ b/docs/cce/umn/cce_productdesc_0005.html
@@ -5,150 +5,182 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Clusters and Nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • After a cluster is created, the following items cannot be changed:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Number of master nodes: For example, a non-HA cluster (with one master node) cannot be changed to an HA cluster (with three master nodes).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • AZ where a master node is deployed
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Network configuration of the cluster, such as the VPC, subnet, container CIDR block, Service CIDR block, IPv6 settings, and kube-proxy (forwarding) settings
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Network model: For example, a container tunnel network cannot be changed to a VPC network.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • CCE underlying resources such as ECS nodes are limited by quota and their inventory. It is possible that only some nodes are created during cluster creation, cluster scaling, or auto scaling.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • ECS node specifications: CPU ≥ 2 cores, memory ≥ 4 GiB
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • To access a CCE cluster through a VPN, ensure that the VPN CIDR block does not conflict with the VPC CIDR block where the cluster resides and the container CIDR block.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Ubuntu 22.04 does not support the tunnel network model.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Networks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • By default, a NodePort Service is accessed within a VPC. To access a NodePort Service through the Internet, bind an EIP to the node in the cluster beforehand.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • LoadBalancer Services allow workloads to be accessed from public networks through ELB. This access mode has the following restrictions:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Automatically created load balancers should not be used by other resources. Otherwise, these load balancers cannot be completely deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Do not change the listener name for the load balancer in clusters of v1.15 and earlier. Otherwise, the load balancer cannot be accessed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      Networks
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • By default, a NodePort Service is accessed within a VPC. To access a NodePort Service through the Internet, bind an EIP to the node in the cluster beforehand.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Constraints on load balancers associated with Services:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • The load balancer automatically created based on the Service configuration cannot be associated with other resources. If you associate the load balancer with other resources, the load balancer cannot be automatically deleted when the Service is deleted, resulting in residual resources.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • The names of load balancer listeners for clusters of v1.15 or earlier cannot be changed. If you change the names, access to the load balancer may be abnormal.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The table below shows the relationships between network policies and cluster types.
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Cluster Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
-
+
-
-
-
+
-
-
-
+
-
-
-
+
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
+
-
-
-
+
-
-
-
+
-
-
-
+
-
-
-
+
-
-
-
+
-
-
-
+
-
-
-
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Cluster Type
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CCE Standard Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CCE Standard Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CCE Turbo Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CCE Standard Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CCE Turbo Cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Network Model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Network Model
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Tunnel
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Tunnel
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Cloud Native Network 2.0
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        VPC
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Cloud Native Network 2.0
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        NetworkPolicy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        NetworkPolicy
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Enabled by default
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Enabled by default
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Disabled by default (To use network policies, enable DataPlane V2 when creating a cluster.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Disabled by default (To use network policies, enable DataPlane V2 when creating a cluster.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Disabled by default (To use network policies, enable DataPlane V2 when creating a cluster.)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Data plane implementation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Data plane implementation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        OpenvSwitch
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        OpenvSwitch
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        eBPF
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        eBPF
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        eBPF
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Cluster version for inbound rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Cluster version for ingress rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        All versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        All versions
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Cluster version: v1.27.16-r30, v1.28.15-r20, v1.29.13-r0, v1.30.10-r0, v1.31.6-r0, or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Cluster version: v1.27.16-r10, v1.28.15-r0, v1.29.10-r0, v1.30.6-r0, or later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Cluster version for outbound rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Cluster version for egress rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.23 and later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        v1.23 and later
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Selector for inbound rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Selector for ingress rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        namespaceSelector
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        namespaceSelector
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        podSelector
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        namespaceSelector
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        namespaceSelector
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        podSelector
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        IPBlock
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        namespaceSelector
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        podSelector
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        IPBlock
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Selector for outbound rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Selector for egress rules
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        namespaceSelector
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        namespaceSelector
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        podSelector
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        IPBlock
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported OS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported OS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        EulerOS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        HCE OS 2.0
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        EulerOS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        HCE OS 2.0
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        HCE OS 2.0
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        HCE OS 2.0
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        HCE OS 2.0
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        IPv6 network policies
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        IPv6 network policies
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Secure containers
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Secure containers
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        IPBlock scope
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        IPBlock scope
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not limited
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not limited
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        The CIDR blocks and node IP addresses in the container CIDR block cannot be configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Subnets within the pod CIDR block, Service CIDR block, and node IP addresses
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Subnets within the pod CIDR block, Service CIDR block, and node IP addresses
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Limit ClusterIP access through workload labels
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Limit ClusterIP access through workload labels
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Limit the internal cloud server CIDR block of 100.125.0.0/16
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Limit the internal cloud server CIDR block of 100.125.0.0/16
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        SCTP
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        SCTP
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Always allow access to pods on a node from other nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Always allow access to pods on a node from other nodes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Configure EndPort in network policies
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Configure EndPort in network policies
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Not supported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • CCE DataPlane V2 is released with restrictions. To use this feature, submit a service ticket to CCE.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Secure containers (such as Kata as the container runtime) are not supported by network policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If you upgrade a CCE standard cluster with a tunnel network to a version that supports egress rules in in-place mode, the rules will not work because the node OS is not upgraded. In this case, reset the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • When a network policy is enabled for a cluster that uses a tunnel network, the source IP address of a pod accessing the CIDR block of a Service will be recorded in the optional field of the reported IP address data. This enables the configuration of network policy rules on the destination pod, taking into account the source IP address of the pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • CCE DataPlane V2 is released with restrictions. To use this feature, submit a service ticket to CCE.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Secure containers (such as Kata as the container runtime) are not supported by network policies.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • If you upgrade a CCE standard cluster with a tunnel network to a version that supports egress rules in in-place mode, the rules will not work because the node OS is not upgraded. In this case, reset the node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • When a network policy is enabled for a cluster with a tunnel network, a pod's source IP address is embedded in the optional field of packets it sends to any Service CIDR block. This enables the configuration of network policy rules on the destination pod, taking into account the source IP address of the pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Storage Volumes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Constraints on EVS volumes:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • EVS disks cannot be attached across AZs and cannot be used by multiple workloads, multiple pods of the same workload, or multiple tasks. Data sharing of a shared disk is not supported between nodes in a CCE cluster. If an EVS disk is attached to multiple nodes, I/O conflicts and data cache conflicts may occur. Therefore, select only one pod when creating a Deployment that uses EVS disks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • For clusters earlier than v1.19.10, if an HPA policy is used to scale out a workload with EVS volumes mounted, the existing pods cannot be read or written when a new pod is scheduled to another node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            For clusters of v1.19.10 and later, if an HPA policy is used to scale out a workload with EVS volumes mounted, a new pod cannot be started because EVS disks cannot be attached.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Constraints on SFS volumes:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Multiple PVs can use the same SFS or SFS Turbo file system with the following restrictions:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Do not mount multiple PVCs or PVs that use the same underlying SFS or SFS Turbo volume to a single pod. Doing so will cause pod startup failures, as not all PVCs can be mounted due to identical volumeHandle value.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • The persistentVolumeReclaimPolicy parameter in the PVs must be set to Retain. Otherwise, when a PV is deleted, the associated underlying volume may be deleted. In this case, other PVs associated with the underlying volume malfunction.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • When the underlying volume is repeatedly used, enable isolation and protection for ReadWriteMany at the application layer to prevent data overwriting and loss.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Constraints on SFS volumes:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Multiple PVs can use the same SFS or SFS Turbo file system with the following restrictions:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • If a pod mounts an SFS or SFS Turbo volume used by multiple PVCs/PVs, and the PVs have identical volumeHandle values, the pod may fail to start. To avoid this issue, do not mount the same SFS or SFS Turbo file system to the same pod.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The persistentVolumeReclaimPolicy parameter in the PVs must be set to Retain. Otherwise, when a PV is deleted, the associated underlying volume may be deleted. In this case, other PVs associated with the underlying volume malfunction.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • When the underlying volume is repeatedly used, enable isolation and protection for ReadWriteMany at the application layer to prevent data overwriting and loss.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • SFS volumes are available only in certain regions.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Constraints on OBS volumes:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • If OBS volumes are used, the owner group and permission of the mount point cannot be modified.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Every time an OBS volume is mounted to a workload through a PVC, a resident process is created in the backend. When a workload uses too many OBS volumes or reads and writes a large number of object storage files, resident processes will consume a significant amount of memory. To ensure stable running of the workload, make sure that the number of OBS volumes used does not exceed the requested memory. For example, if the workload requests for 4 GiB of memory, the number of OBS volumes should be no more than 4.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Secure containers do not support OBS volumes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Hard links are not supported when common buckets are mounted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Constraints on OBS volumes:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • If OBS volumes are used, the owner group and permission of the mount point cannot be modified.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Every time an OBS volume is mounted to a workload through a PVC, a resident process is created in the backend. When a workload uses too many OBS volumes or reads and writes a large number of object storage files, resident processes will consume a significant amount of memory. To ensure stable running of the workload, make sure that the number of OBS volumes used does not exceed the requested memory. For example, if the workload requests for 4 GiB of memory, the number of OBS volumes should be no more than 4.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Secure containers do not support OBS volumes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Hard links are not supported when common buckets are mounted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Read-only is not supported when an OBS PVC is mounted to a workload.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Constraints on local PVs:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Local PVs are supported only when the cluster version is v1.21.2-r0 or later and the Everest add-on version is 2.1.23 or later. Version 2.1.23 or later is recommended.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Removing, deleting, resetting, or scaling in a node will cause the PVC/PV data of the local PV associated with the node to be lost, which cannot be restored or used again. In these scenarios, the pod that uses the local PV is evicted from the node. A new pod will be created and stays in the pending state. This is because the PVC used by the pod has a node label, due to which the pod cannot be scheduled. After the node is reset, the pod may be scheduled to the reset node. In this case, the pod remains in the creating state because the underlying logical volume corresponding to the PVC does not exist.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Do not manually delete the corresponding storage pool or detach data disks from the node. Otherwise, exceptions such as data loss may occur.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • A local PV cannot be mounted to multiple workloads or jobs at the same time.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Constraints on local EVs:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Local EVs are supported only when the cluster version is v1.21.2-r0 or later and the Everest add-on version is 1.2.29 or later.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Do not manually delete the corresponding storage pool or detach data disks from the node. Otherwise, exceptions such as data loss may occur.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Ensure that the /var/lib/kubelet/pods/ directory is not mounted to the pod on the node. Otherwise, the pod, mounted with such volumes, may fail to be deleted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Constraints on snapshots and backups:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • The snapshot function is available only for clusters of v1.15 or later and requires the CSI-based Everest add-on.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • The subtype (common I/O, high I/O, or ultra-high I/O), disk mode (VBD or SCSI), data encryption, sharing status, and capacity of an EVS disk created from a snapshot must be the same as those of the disk associated with the snapshot. These attributes cannot be modified after being checked or configured.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Snapshots can be created only for EVS disks that are available or in use, and a maximum of seven snapshots can be created for a single EVS disk.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Snapshots can be created only for PVCs created using the storage class (whose name starts with csi) provided by the Everest add-on. Snapshots cannot be created for PVCs created using the FlexVolume storage class whose name is ssd, sas, or sata.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Snapshot data of encrypted disks is stored encrypted, and that of non-encrypted disks is stored non-encrypted.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • A PVC of the xfs file system type can generate snapshots. The file system of the disk associated with the PVC created using these snapshots remains xfs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Constraints on LVM:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            The default backup configuration that is stored in the /etc/lvm/lvm.conf path for the node LVM has been changed. Once the CCE Container Storage (Everest) add-on (version ≥ 2.4.98) is installed, archive logs will only be kept for one day to avoid filling up disk space with historical metadata from numerous LVM operations.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Add-ons
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CCE uses Helm charts to deploy add-ons. To modify or upgrade an add-on, perform operations on the Add-ons page or use open add-on management APIs. Do not directly modify add-on resources on the backend. Otherwise, add-on exceptions or other unexpected problems may occur.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Add-ons
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CCE uses Helm charts to deploy add-ons. To modify or upgrade an add-on, perform operations on the Add-ons page or use open add-on management APIs. Avoid making changes to add-on resources in the backend, as this may lead to abnormal add-on behavior or unexpected issues. For example, parameter settings could be overwritten after an upgrade.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CCE Cluster Resources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        There are resource quotas for your CCE clusters in each region.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
diff --git a/docs/cce/umn/cce_productdesc_0007.html b/docs/cce/umn/cce_productdesc_0007.html
index 4fba78f3f..a118f58e7 100644
--- a/docs/cce/umn/cce_productdesc_0007.html
+++ b/docs/cce/umn/cce_productdesc_0007.html
@@ -2,16 +2,16 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Containerized Application Management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Application Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CCE clusters enable the management of both x86 and Arm resources. With CCE, you can effortlessly create Kubernetes clusters, deploy containerized applications, and effectively manage and maintain them.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Containerized web applications: CCE clusters interconnect with middleware and support HA DR, auto scaling, public network release, and gray upgrade, helping you quickly deploy web service applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Middleware deployment platform: CCE clusters can be used as middleware deployment platforms to implement stateful applications with StatefulSets and PVCs. In addition, load balancers can be used to expose middleware services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Jobs and cron jobs: Job and cron job applications can be containerized to reduce the dependency on the host system. Global resource scheduling secures the resource usage during task running and improves the overall resource usage in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Figure 1 CCE cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Containerized web applications: CCE clusters interconnect with middleware and support HA DR, auto scaling, public network release, and gray upgrade, helping you quickly deploy web service applications.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Middleware deployment platforms: CCE clusters serve as effective platforms for deploying middleware services. You can run stateful applications in CCE clusters by configuring resources like StatefulSets and PVCs and configure load balancers to expose these services to external networks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Jobs and CronJobs: Job and CronJob applications can be containerized to reduce the dependency on the host system. Global resource scheduling secures the resource usage during task running and improves the overall resource utilization in the cluster.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Figure 1 CCE cluster
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Benefits
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Containerization requires less resources to deploy application. Services are not uninterrupted during upgrades.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Benefits
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Containerization helps reduce resource costs for application deployment, enhances the efficiency of deployment and upgrades, and ensures service continuity through unified and automated O&M during upgrades.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Advantages
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Multiple types of workloads
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Runs Deployments, StatefulSets, DaemonSets, jobs, and cron jobs to meet different needs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Application upgrade
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Upgrades your apps in replace or rolling mode (by proportion or by number of pods), or rolls back the upgrades.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Auto scaling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Auto scales your nodes and workloads according to the policies you set.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Advantages
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Multiple types of workloads
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CCE supports Deployments, StatefulSets, DaemonSets, jobs, and CronJobs for diverse needs.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Application upgrades
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CCE supports replace upgrades, rolling upgrades (by proportion or by number of pods), and upgrade rollback.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Auto scaling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CCE supports auto scaling of nodes and workloads.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Figure 2 Workload
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Figure 2 Workload
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_productdesc_0008.html b/docs/cce/umn/cce_productdesc_0008.html
index 71eadf3fc..5353a93d2 100644
--- a/docs/cce/umn/cce_productdesc_0008.html
+++ b/docs/cce/umn/cce_productdesc_0008.html
@@ -2,7 +2,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Related Services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        CCE needs to be interconnected with the following cloud services. It requires permissions to access these cloud services.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Figure 1 Relationships between CCE and other services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Figure 1 Relationships between CCE and other services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Relationships Between CCE and Other Services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -10,9 +10,9 @@
 
-
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Table 1 Relationships between CCE and other services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Service
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        ECS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        ECS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        An ECS with multiple EVS disks is a node in CCE. You can choose ECS specifications during node creation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        A node in CCE is an ECS with multiple EVS disks. You can specify the ECS flavors when creating a node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        VPC
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
@@ -38,7 +38,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        EVS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        EVS disks can be attached to cloud servers and scaled to a higher capacity whenever needed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        An ECS with multiple EVS disks is a node in CCE. You can choose ECS specifications during node creation.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        In CCE, a node is an ECS with multiple EVS disks. You can specify the EVS disk size when creating a node.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         		
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        OBS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_productdesc_0012.html b/docs/cce/umn/cce_productdesc_0012.html
index a570a745e..8740961c5 100644
--- a/docs/cce/umn/cce_productdesc_0012.html
+++ b/docs/cce/umn/cce_productdesc_0012.html
@@ -3,7 +3,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Regions and AZs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Definition
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        A region and availability zone (AZ) identify the location of a data center. You can create resources in a specific region and AZ.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Regions are divided based on geographical location and network latency. Public services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Object Storage Service (OBS), Virtual Private Cloud (VPC), Elastic IP (EIP), and Image Management Service (IMS), are shared within the same region. Regions are classified as universal regions and dedicated regions. A universal region provides universal cloud services for common domains. A dedicated region provides services of the same type only or for specific domains.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • An AZ contains one or more physical data centers. Each AZ has independent cooling, fire extinguishing, moisture-proof, and electricity facilities. Within an AZ, computing, network, storage, and other resources are logically divided into multiple clusters. AZs in a region are interconnected through high-speed optic fibers. This is helpful if you will deploy systems across AZs to achieve higher availability.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Cloud services are now available in many regions around the world. You can select a region and AZ as needed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Cloud services are now available in many regions around the world. You can select a region and AZ as needed.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        How to Select a Region?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        When selecting a region, consider the following factors:
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Location
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Select a region close to you or your target users to reduce network latency and improve access rate.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_productdesc_0017.html b/docs/cce/umn/cce_productdesc_0017.html
index 4621c45c9..a0d013a8b 100644
--- a/docs/cce/umn/cce_productdesc_0017.html
+++ b/docs/cce/umn/cce_productdesc_0017.html
@@ -11,7 +11,7 @@
 
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Related Services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Software Repository for Container (SWR), Object Storage Service (OBS), Virtual Private Network (VPN)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Figure 1 How DevOps works
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Figure 1 How DevOps works
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
diff --git a/docs/cce/umn/cce_productdesc_0018.html b/docs/cce/umn/cce_productdesc_0018.html
index 3c91943d3..b27c2206d 100644
--- a/docs/cce/umn/cce_productdesc_0018.html
+++ b/docs/cce/umn/cce_productdesc_0018.html
@@ -1,22 +1,22 @@
 
 
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Hybrid Cloud
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        Application Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Multi-cloud deployment and disaster recovery
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          To ensure high service availability, services need to be deployed on container services of multiple clouds. When a cloud is faulty, the unified traffic distribution mechanism automatically switches service traffic to other clouds.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Traffic distribution and auto scaling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Large organizations often span cloud facilities in different regions. They need to communicate and auto scale — start small and then scale as system load grows. CCE takes care of these for you, cutting the costs of maintaining facilities.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Migration to the cloud and local database hosting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Industries like finance and security have a top concern on data protection. They want to run critical systems in local IDCs while moving others to the cloud. They also expect one unified dashboard to manage all systems.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Environment decoupling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          To ensure IP security, you can decouple development from production. Set up one on the cloud and the other in the local IDC.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Hybrid Clouds
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Application Scenarios
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Multi-cloud deployment, DR, and backup
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            To ensure high service availability, services need to be deployed on container services of multiple clouds. When a cloud is faulty, the unified traffic distribution mechanism automatically switches service traffic to other clouds.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Traffic distribution and auto scaling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Large organizations often span cloud facilities in different regions. To optimize cost-efficiency, these facilities require auto scaling capabilities that respond dynamically to fluctuations in service demand.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Migration to the cloud and local data hosting
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            In sectors like finance and healthcare, sensitive data is required to reside in local IDCs to comply with strict security and regulatory mandates. General-purpose services are deployed on the cloud to support high concurrency, fast responses, and centralized management.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Environment decoupling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            You may choose to deploy production environments on the cloud while keeping development environments in local IDCs to enhance IP address security.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Benefits
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Thanks to containers' environment-independent feature, CCE manages containers in a unified manner, and these containers can access each other. You can seamlessly migrate your apps and data on and off the cloud. This meets complex services' requirements for auto scaling, flexibility, security, and compliance. Additionally, resources in different cloud environments can be operated and maintained in a unified manner, providing easier resource scheduling and DR.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Benefits
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Thanks to containers' environment-independent feature, CCE manages containers centrally, and these containers can access each other. You can seamlessly migrate your applications and data on and off the cloud. This meets complex service requirements for auto scaling, flexibility, security, and compliance. Additionally, resources in different cloud environments can be operated and maintained centrally, providing easier resource scheduling and DR.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          Advantages
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • On-cloud DR
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Multicloud prevents systems from outages. When a cloud is faulty, CCE auto diverts traffic to other clouds to ensure service continuity.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Unified architecture and auto scaling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Unified architecture on and off the cloud can flexibly implement auto scaling, smooth migration to cope with traffic peaks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Decoupling and sharing
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CCE decouples data, environments, and compute capacity. Sensitive data vs general data. Development vs production. Compute-intensive services vs general services. Apps running on-premises can burst to the cloud. Your resources on and off the cloud can be better used.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Advantages
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • On-cloud DR
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              With CCE, service systems can be deployed on container services of multiple clouds for unified traffic distribution. If a cloud is faulty, service traffic can be automatically switched to others. Live network issues can be quickly and automatically resolved.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Unified architecture and auto scaling
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Unified architecture on and off the cloud can flexibly implement auto scaling, smooth migration, and resource expansion to handle traffic peaks.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Decoupling and sharing
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              On CCE, data, environments, and compute are decoupled, including sensitive and general service data, development and production environments, as well as compute-intensive and general services. Auto scaling and unified cluster management enable resource and capability sharing both on and off the cloud.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Lower costs
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Cloud resource pools can quickly be scaled out to handle traffic bursts. Manual operations are no longer needed and you can save big.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Related Services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Elastic Cloud Server (ECS), Virtual Private Network (VPN), SoftWare Repository for Container (SWR)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 1 How hybrid cloud works
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Related Services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            CCE integrates with other services, including Elastic Cloud Server (ECS), Virtual Private Network (VPN), and SoftWare Repository for Container (SWR).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 1 How hybrid cloud works
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
diff --git a/docs/cce/umn/cce_productdesc_0021.html b/docs/cce/umn/cce_productdesc_0021.html
index 740905683..c1dbb27e5 100644
--- a/docs/cce/umn/cce_productdesc_0021.html
+++ b/docs/cce/umn/cce_productdesc_0021.html
@@ -11,7 +11,7 @@
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Related Services
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Add-ons: autoscaler and cce-hpa-controller
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Auto scaling for workloads: CronHPA (CronHorizontalPodAutoscaler) + HPA (Horizontal Pod Autoscaling)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Auto scaling for clusters: CA (Cluster AutoScaling)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
-
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 1 How auto scaling works
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
+
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            Figure 1 How auto scaling works
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
 
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
diff --git a/docs/cce/umn/en-us_image_0000002101396665.png b/docs/cce/umn/en-us_image_0000002101396665.png
index 2e3a339bf..c761f1e8c 100644
Binary files a/docs/cce/umn/en-us_image_0000002101396665.png and b/docs/cce/umn/en-us_image_0000002101396665.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218659242.png b/docs/cce/umn/en-us_image_0000002218659242.png
deleted file mode 100644
index 8e32123b8..000000000
Binary files a/docs/cce/umn/en-us_image_0000002218659242.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002218660418.png b/docs/cce/umn/en-us_image_0000002218660418.png
deleted file mode 100644
index 22b0fb332..000000000
Binary files a/docs/cce/umn/en-us_image_0000002218660418.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002218660566.png b/docs/cce/umn/en-us_image_0000002218660566.png
deleted file mode 100644
index f0282b314..000000000
Binary files a/docs/cce/umn/en-us_image_0000002218660566.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002218660782.png b/docs/cce/umn/en-us_image_0000002218660782.png
deleted file mode 100644
index 1f3580df6..000000000
Binary files a/docs/cce/umn/en-us_image_0000002218660782.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002218818218.png b/docs/cce/umn/en-us_image_0000002218818218.png
deleted file mode 100644
index 290b94f19..000000000
Binary files a/docs/cce/umn/en-us_image_0000002218818218.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002218818934.png b/docs/cce/umn/en-us_image_0000002218818934.png
deleted file mode 100644
index 14303bda9..000000000
Binary files a/docs/cce/umn/en-us_image_0000002218818934.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002218819838.png b/docs/cce/umn/en-us_image_0000002218819838.png
deleted file mode 100644
index 88a6695c6..000000000
Binary files a/docs/cce/umn/en-us_image_0000002218819838.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002218820402.png b/docs/cce/umn/en-us_image_0000002218820402.png
deleted file mode 100644
index cd3b00a42..000000000
Binary files a/docs/cce/umn/en-us_image_0000002218820402.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002218820434.png b/docs/cce/umn/en-us_image_0000002218820434.png
deleted file mode 100644
index 3152d7d6e..000000000
Binary files a/docs/cce/umn/en-us_image_0000002218820434.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002253618649.png b/docs/cce/umn/en-us_image_0000002253618649.png
deleted file mode 100644
index c00668ebe..000000000
Binary files a/docs/cce/umn/en-us_image_0000002253618649.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002253618837.png b/docs/cce/umn/en-us_image_0000002253618837.png
deleted file mode 100644
index 8db4c7741..000000000
Binary files a/docs/cce/umn/en-us_image_0000002253618837.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002253619653.png b/docs/cce/umn/en-us_image_0000002253619653.png
deleted file mode 100644
index 22d56580d..000000000
Binary files a/docs/cce/umn/en-us_image_0000002253619653.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002253619705.png b/docs/cce/umn/en-us_image_0000002253619705.png
deleted file mode 100644
index afcbc03d5..000000000
Binary files a/docs/cce/umn/en-us_image_0000002253619705.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002253620097.png b/docs/cce/umn/en-us_image_0000002253620097.png
deleted file mode 100644
index 36a1a4822..000000000
Binary files a/docs/cce/umn/en-us_image_0000002253620097.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002253620365.png b/docs/cce/umn/en-us_image_0000002253620365.png
deleted file mode 100644
index 36a1a4822..000000000
Binary files a/docs/cce/umn/en-us_image_0000002253620365.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002253620433.png b/docs/cce/umn/en-us_image_0000002253620433.png
deleted file mode 100644
index 3e6e245b5..000000000
Binary files a/docs/cce/umn/en-us_image_0000002253620433.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002253620437.png b/docs/cce/umn/en-us_image_0000002253620437.png
deleted file mode 100644
index e1b6ec8dd..000000000
Binary files a/docs/cce/umn/en-us_image_0000002253620437.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002253778377.png b/docs/cce/umn/en-us_image_0000002253778377.png
deleted file mode 100644
index 1909444d2..000000000
Binary files a/docs/cce/umn/en-us_image_0000002253778377.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002253779501.png b/docs/cce/umn/en-us_image_0000002253779501.png
deleted file mode 100644
index 7e62ccdea..000000000
Binary files a/docs/cce/umn/en-us_image_0000002253779501.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000002253779921.png b/docs/cce/umn/en-us_image_0000002253779921.png
deleted file mode 100644
index b3aebb2dc..000000000
Binary files a/docs/cce/umn/en-us_image_0000002253779921.png and /dev/null differ
diff --git a/docs/cce/umn/en-us_image_0000001696838310.png b/docs/cce/umn/en-us_image_0000002359774578.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000001696838310.png
rename to docs/cce/umn/en-us_image_0000002359774578.png
diff --git a/docs/cce/umn/en-us_image_0000002218817314.png b/docs/cce/umn/en-us_image_0000002434076708.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218817314.png
rename to docs/cce/umn/en-us_image_0000002434076708.png
diff --git a/docs/cce/umn/en-us_image_0000002253777197.png b/docs/cce/umn/en-us_image_0000002434076796.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253777197.png
rename to docs/cce/umn/en-us_image_0000002434076796.png
diff --git a/docs/cce/umn/en-us_image_0000002218658206.png b/docs/cce/umn/en-us_image_0000002434077688.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658206.png
rename to docs/cce/umn/en-us_image_0000002434077688.png
diff --git a/docs/cce/umn/en-us_image_0000002254877052.png b/docs/cce/umn/en-us_image_0000002434077820.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002254877052.png
rename to docs/cce/umn/en-us_image_0000002434077820.png
diff --git a/docs/cce/umn/en-us_image_0000002218658506.png b/docs/cce/umn/en-us_image_0000002434077852.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658506.png
rename to docs/cce/umn/en-us_image_0000002434077852.png
diff --git a/docs/cce/umn/en-us_image_0000002253777953.png b/docs/cce/umn/en-us_image_0000002434077884.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253777953.png
rename to docs/cce/umn/en-us_image_0000002434077884.png
diff --git a/docs/cce/umn/en-us_image_0000002218818146.png b/docs/cce/umn/en-us_image_0000002434077888.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818146.png
rename to docs/cce/umn/en-us_image_0000002434077888.png
diff --git a/docs/cce/umn/en-us_image_0000002218818234.png b/docs/cce/umn/en-us_image_0000002434077952.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818234.png
rename to docs/cce/umn/en-us_image_0000002434077952.png
diff --git a/docs/cce/umn/en-us_image_0000002253618133.png b/docs/cce/umn/en-us_image_0000002434077956.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618133.png
rename to docs/cce/umn/en-us_image_0000002434077956.png
diff --git a/docs/cce/umn/en-us_image_0000002218658418.png b/docs/cce/umn/en-us_image_0000002434077960.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658418.png
rename to docs/cce/umn/en-us_image_0000002434077960.png
diff --git a/docs/cce/umn/en-us_image_0000002218818158.png b/docs/cce/umn/en-us_image_0000002434077980.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818158.png
rename to docs/cce/umn/en-us_image_0000002434077980.png
diff --git a/docs/cce/umn/en-us_image_0000002253618137.png b/docs/cce/umn/en-us_image_0000002434078060.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618137.png
rename to docs/cce/umn/en-us_image_0000002434078060.png
diff --git a/docs/cce/umn/en-us_image_0000002253778245.png b/docs/cce/umn/en-us_image_0000002434078100.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778245.png
rename to docs/cce/umn/en-us_image_0000002434078100.png
diff --git a/docs/cce/umn/en-us_image_0000002218658526.png b/docs/cce/umn/en-us_image_0000002434078164.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658526.png
rename to docs/cce/umn/en-us_image_0000002434078164.png
diff --git a/docs/cce/umn/en-us_image_0000002218818442.jpg b/docs/cce/umn/en-us_image_0000002434078176.jpg
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818442.jpg
rename to docs/cce/umn/en-us_image_0000002434078176.jpg
diff --git a/docs/cce/umn/en-us_image_0000002218658854.png b/docs/cce/umn/en-us_image_0000002434078268.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658854.png
rename to docs/cce/umn/en-us_image_0000002434078268.png
diff --git a/docs/cce/umn/en-us_image_0000002218658614.png b/docs/cce/umn/en-us_image_0000002434078272.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658614.png
rename to docs/cce/umn/en-us_image_0000002434078272.png
diff --git a/docs/cce/umn/en-us_image_0000002253618345.png b/docs/cce/umn/en-us_image_0000002434078288.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618345.png
rename to docs/cce/umn/en-us_image_0000002434078288.png
diff --git a/docs/cce/umn/en-us_image_0000002218818386.png b/docs/cce/umn/en-us_image_0000002434078340.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818386.png
rename to docs/cce/umn/en-us_image_0000002434078340.png
diff --git a/docs/cce/umn/en-us_image_0000002253778205.png b/docs/cce/umn/en-us_image_0000002434078352.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778205.png
rename to docs/cce/umn/en-us_image_0000002434078352.png
diff --git a/docs/cce/umn/en-us_image_0000002253778453.png b/docs/cce/umn/en-us_image_0000002434078452.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778453.png
rename to docs/cce/umn/en-us_image_0000002434078452.png
diff --git a/docs/cce/umn/en-us_image_0000002434078492.png b/docs/cce/umn/en-us_image_0000002434078492.png
new file mode 100644
index 000000000..4d2b37849
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434078492.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253778797.png b/docs/cce/umn/en-us_image_0000002434078552.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778797.png
rename to docs/cce/umn/en-us_image_0000002434078552.png
diff --git a/docs/cce/umn/en-us_image_0000002253618457.png b/docs/cce/umn/en-us_image_0000002434078624.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618457.png
rename to docs/cce/umn/en-us_image_0000002434078624.png
diff --git a/docs/cce/umn/en-us_image_0000002218818954.png b/docs/cce/umn/en-us_image_0000002434078744.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818954.png
rename to docs/cce/umn/en-us_image_0000002434078744.png
diff --git a/docs/cce/umn/en-us_image_0000002218818994.png b/docs/cce/umn/en-us_image_0000002434078836.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818994.png
rename to docs/cce/umn/en-us_image_0000002434078836.png
diff --git a/docs/cce/umn/en-us_image_0000002434078944.png b/docs/cce/umn/en-us_image_0000002434078944.png
new file mode 100644
index 000000000..2cf51ab69
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434078944.png differ
diff --git a/docs/cce/umn/en-us_image_0000002434078948.png b/docs/cce/umn/en-us_image_0000002434078948.png
new file mode 100644
index 000000000..b62b00105
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434078948.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218659254.png b/docs/cce/umn/en-us_image_0000002434078988.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659254.png
rename to docs/cce/umn/en-us_image_0000002434078988.png
diff --git a/docs/cce/umn/en-us_image_0000002218819094.png b/docs/cce/umn/en-us_image_0000002434079000.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218819094.png
rename to docs/cce/umn/en-us_image_0000002434079000.png
diff --git a/docs/cce/umn/en-us_image_0000002253619117.png b/docs/cce/umn/en-us_image_0000002434079036.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619117.png
rename to docs/cce/umn/en-us_image_0000002434079036.png
diff --git a/docs/cce/umn/en-us_image_0000002253779017.png b/docs/cce/umn/en-us_image_0000002434079080.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779017.png
rename to docs/cce/umn/en-us_image_0000002434079080.png
diff --git a/docs/cce/umn/en-us_image_0000002253778493.png b/docs/cce/umn/en-us_image_0000002434079156.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778493.png
rename to docs/cce/umn/en-us_image_0000002434079156.png
diff --git a/docs/cce/umn/en-us_image_0000002218818734.png b/docs/cce/umn/en-us_image_0000002434079172.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818734.png
rename to docs/cce/umn/en-us_image_0000002434079172.png
diff --git a/docs/cce/umn/en-us_image_0000002253619613.png b/docs/cce/umn/en-us_image_0000002434079816.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619613.png
rename to docs/cce/umn/en-us_image_0000002434079816.png
diff --git a/docs/cce/umn/en-us_image_0000002434079820.png b/docs/cce/umn/en-us_image_0000002434079820.png
new file mode 100644
index 000000000..ec624ad7b
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434079820.png differ
diff --git a/docs/cce/umn/en-us_image_0000002434079924.png b/docs/cce/umn/en-us_image_0000002434079924.png
new file mode 100644
index 000000000..6580061bb
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434079924.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253779605.png b/docs/cce/umn/en-us_image_0000002434079976.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779605.png
rename to docs/cce/umn/en-us_image_0000002434079976.png
diff --git a/docs/cce/umn/en-us_image_0000002218660286.png b/docs/cce/umn/en-us_image_0000002434080024.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660286.png
rename to docs/cce/umn/en-us_image_0000002434080024.png
diff --git a/docs/cce/umn/en-us_image_0000002253779941.png b/docs/cce/umn/en-us_image_0000002434080032.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779941.png
rename to docs/cce/umn/en-us_image_0000002434080032.png
diff --git a/docs/cce/umn/en-us_image_0000002218660298.png b/docs/cce/umn/en-us_image_0000002434080044.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660298.png
rename to docs/cce/umn/en-us_image_0000002434080044.png
diff --git a/docs/cce/umn/en-us_image_0000002218820158.png b/docs/cce/umn/en-us_image_0000002434080052.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820158.png
rename to docs/cce/umn/en-us_image_0000002434080052.png
diff --git a/docs/cce/umn/en-us_image_0000002434080064.png b/docs/cce/umn/en-us_image_0000002434080064.png
new file mode 100644
index 000000000..9496839a0
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434080064.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253619909.png b/docs/cce/umn/en-us_image_0000002434080104.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619909.png
rename to docs/cce/umn/en-us_image_0000002434080104.png
diff --git a/docs/cce/umn/en-us_image_0000002253779825.png b/docs/cce/umn/en-us_image_0000002434080108.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779825.png
rename to docs/cce/umn/en-us_image_0000002434080108.png
diff --git a/docs/cce/umn/en-us_image_0000002434080164.png b/docs/cce/umn/en-us_image_0000002434080164.png
new file mode 100644
index 000000000..5161073bc
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434080164.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218660430.png b/docs/cce/umn/en-us_image_0000002434080192.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660430.png
rename to docs/cce/umn/en-us_image_0000002434080192.png
diff --git a/docs/cce/umn/en-us_image_0000002434080236.png b/docs/cce/umn/en-us_image_0000002434080236.png
new file mode 100644
index 000000000..675346259
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434080236.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253620537.png b/docs/cce/umn/en-us_image_0000002434080356.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620537.png
rename to docs/cce/umn/en-us_image_0000002434080356.png
diff --git a/docs/cce/umn/en-us_image_0000002434080364.png b/docs/cce/umn/en-us_image_0000002434080364.png
new file mode 100644
index 000000000..2a4410489
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434080364.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218819650.png b/docs/cce/umn/en-us_image_0000002434080444.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218819650.png
rename to docs/cce/umn/en-us_image_0000002434080444.png
diff --git a/docs/cce/umn/en-us_image_0000002434080480.png b/docs/cce/umn/en-us_image_0000002434080480.png
new file mode 100644
index 000000000..4281b6718
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434080480.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253779397.png b/docs/cce/umn/en-us_image_0000002434080488.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779397.png
rename to docs/cce/umn/en-us_image_0000002434080488.png
diff --git a/docs/cce/umn/en-us_image_0000002253619765.png b/docs/cce/umn/en-us_image_0000002434080664.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619765.png
rename to docs/cce/umn/en-us_image_0000002434080664.png
diff --git a/docs/cce/umn/en-us_image_0000002253619737.png b/docs/cce/umn/en-us_image_0000002434080684.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619737.png
rename to docs/cce/umn/en-us_image_0000002434080684.png
diff --git a/docs/cce/umn/en-us_image_0000002218660238.png b/docs/cce/umn/en-us_image_0000002434080764.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660238.png
rename to docs/cce/umn/en-us_image_0000002434080764.png
diff --git a/docs/cce/umn/en-us_image_0000002253619937.png b/docs/cce/umn/en-us_image_0000002434080772.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619937.png
rename to docs/cce/umn/en-us_image_0000002434080772.png
diff --git a/docs/cce/umn/en-us_image_0000002253619605.png b/docs/cce/umn/en-us_image_0000002434080784.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619605.png
rename to docs/cce/umn/en-us_image_0000002434080784.png
diff --git a/docs/cce/umn/en-us_image_0000002218660438.png b/docs/cce/umn/en-us_image_0000002434080872.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660438.png
rename to docs/cce/umn/en-us_image_0000002434080872.png
diff --git a/docs/cce/umn/en-us_image_0000002253620209.png b/docs/cce/umn/en-us_image_0000002434080944.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620209.png
rename to docs/cce/umn/en-us_image_0000002434080944.png
diff --git a/docs/cce/umn/en-us_image_0000002218660478.png b/docs/cce/umn/en-us_image_0000002434080952.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660478.png
rename to docs/cce/umn/en-us_image_0000002434080952.png
diff --git a/docs/cce/umn/en-us_image_0000002218819774.png b/docs/cce/umn/en-us_image_0000002434080996.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218819774.png
rename to docs/cce/umn/en-us_image_0000002434080996.png
diff --git a/docs/cce/umn/en-us_image_0000002434081028.png b/docs/cce/umn/en-us_image_0000002434081028.png
new file mode 100644
index 000000000..b111e2dfe
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434081028.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253780361.png b/docs/cce/umn/en-us_image_0000002434081032.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253780361.png
rename to docs/cce/umn/en-us_image_0000002434081032.png
diff --git a/docs/cce/umn/en-us_image_0000002218660226.png b/docs/cce/umn/en-us_image_0000002434081060.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660226.png
rename to docs/cce/umn/en-us_image_0000002434081060.png
diff --git a/docs/cce/umn/en-us_image_0000002253620397.png b/docs/cce/umn/en-us_image_0000002434081088.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620397.png
rename to docs/cce/umn/en-us_image_0000002434081088.png
diff --git a/docs/cce/umn/en-us_image_0000002253620361.png b/docs/cce/umn/en-us_image_0000002434081104.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620361.png
rename to docs/cce/umn/en-us_image_0000002434081104.png
diff --git a/docs/cce/umn/en-us_image_0000002218820570.png b/docs/cce/umn/en-us_image_0000002434081108.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820570.png
rename to docs/cce/umn/en-us_image_0000002434081108.png
diff --git a/docs/cce/umn/en-us_image_0000002218820646.png b/docs/cce/umn/en-us_image_0000002434081112.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820646.png
rename to docs/cce/umn/en-us_image_0000002434081112.png
diff --git a/docs/cce/umn/en-us_image_0000002218820650.png b/docs/cce/umn/en-us_image_0000002434081116.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820650.png
rename to docs/cce/umn/en-us_image_0000002434081116.png
diff --git a/docs/cce/umn/en-us_image_0000002253620533.png b/docs/cce/umn/en-us_image_0000002434081124.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620533.png
rename to docs/cce/umn/en-us_image_0000002434081124.png
diff --git a/docs/cce/umn/en-us_image_0000002253620541.png b/docs/cce/umn/en-us_image_0000002434081132.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620541.png
rename to docs/cce/umn/en-us_image_0000002434081132.png
diff --git a/docs/cce/umn/en-us_image_0000002253620425.png b/docs/cce/umn/en-us_image_0000002434081240.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620425.png
rename to docs/cce/umn/en-us_image_0000002434081240.png
diff --git a/docs/cce/umn/en-us_image_0000002253617217.png b/docs/cce/umn/en-us_image_0000002434236552.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253617217.png
rename to docs/cce/umn/en-us_image_0000002434236552.png
diff --git a/docs/cce/umn/en-us_image_0000002218817326.png b/docs/cce/umn/en-us_image_0000002434236556.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218817326.png
rename to docs/cce/umn/en-us_image_0000002434236556.png
diff --git a/docs/cce/umn/en-us_image_0000002218657514.png b/docs/cce/umn/en-us_image_0000002434236576.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218657514.png
rename to docs/cce/umn/en-us_image_0000002434236576.png
diff --git a/docs/cce/umn/en-us_image_0000002253617941.png b/docs/cce/umn/en-us_image_0000002434237560.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253617941.png
rename to docs/cce/umn/en-us_image_0000002434237560.png
diff --git a/docs/cce/umn/en-us_image_0000002289589649.png b/docs/cce/umn/en-us_image_0000002434237644.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002289589649.png
rename to docs/cce/umn/en-us_image_0000002434237644.png
diff --git a/docs/cce/umn/en-us_image_0000002289592109.png b/docs/cce/umn/en-us_image_0000002434237648.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002289592109.png
rename to docs/cce/umn/en-us_image_0000002434237648.png
diff --git a/docs/cce/umn/en-us_image_0000002254877428.png b/docs/cce/umn/en-us_image_0000002434237664.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002254877428.png
rename to docs/cce/umn/en-us_image_0000002434237664.png
diff --git a/docs/cce/umn/en-us_image_0000002254895070.png b/docs/cce/umn/en-us_image_0000002434237668.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002254895070.png
rename to docs/cce/umn/en-us_image_0000002434237668.png
diff --git a/docs/cce/umn/en-us_image_0000002254978558.png b/docs/cce/umn/en-us_image_0000002434237712.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002254978558.png
rename to docs/cce/umn/en-us_image_0000002434237712.png
diff --git a/docs/cce/umn/en-us_image_0000002253618121.png b/docs/cce/umn/en-us_image_0000002434237792.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618121.png
rename to docs/cce/umn/en-us_image_0000002434237792.png
diff --git a/docs/cce/umn/en-us_image_0000002218658406.png b/docs/cce/umn/en-us_image_0000002434237800.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658406.png
rename to docs/cce/umn/en-us_image_0000002434237800.png
diff --git a/docs/cce/umn/en-us_image_0000002218818222.png b/docs/cce/umn/en-us_image_0000002434237864.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818222.png
rename to docs/cce/umn/en-us_image_0000002434237864.png
diff --git a/docs/cce/umn/en-us_image_0000002218658786.png b/docs/cce/umn/en-us_image_0000002434237960.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658786.png
rename to docs/cce/umn/en-us_image_0000002434237960.png
diff --git a/docs/cce/umn/en-us_image_0000002218818398.png b/docs/cce/umn/en-us_image_0000002434237980.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818398.png
rename to docs/cce/umn/en-us_image_0000002434237980.png
diff --git a/docs/cce/umn/en-us_image_0000002218818382.png b/docs/cce/umn/en-us_image_0000002434238008.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818382.png
rename to docs/cce/umn/en-us_image_0000002434238008.png
diff --git a/docs/cce/umn/en-us_image_0000002253778265.png b/docs/cce/umn/en-us_image_0000002434238020.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778265.png
rename to docs/cce/umn/en-us_image_0000002434238020.png
diff --git a/docs/cce/umn/en-us_image_0000002218818490.png b/docs/cce/umn/en-us_image_0000002434238076.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818490.png
rename to docs/cce/umn/en-us_image_0000002434238076.png
diff --git a/docs/cce/umn/en-us_image_0000002253778225.png b/docs/cce/umn/en-us_image_0000002434238092.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778225.png
rename to docs/cce/umn/en-us_image_0000002434238092.png
diff --git a/docs/cce/umn/en-us_image_0000002218818446.png b/docs/cce/umn/en-us_image_0000002434238140.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818446.png
rename to docs/cce/umn/en-us_image_0000002434238140.png
diff --git a/docs/cce/umn/en-us_image_0000002253778269.png b/docs/cce/umn/en-us_image_0000002434238156.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778269.png
rename to docs/cce/umn/en-us_image_0000002434238156.png
diff --git a/docs/cce/umn/en-us_image_0000002218818770.jpg b/docs/cce/umn/en-us_image_0000002434238160.jpg
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818770.jpg
rename to docs/cce/umn/en-us_image_0000002434238160.jpg
diff --git a/docs/cce/umn/en-us_image_0000002218658934.jpg b/docs/cce/umn/en-us_image_0000002434238164.jpg
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658934.jpg
rename to docs/cce/umn/en-us_image_0000002434238164.jpg
diff --git a/docs/cce/umn/en-us_image_0000002434238176.png b/docs/cce/umn/en-us_image_0000002434238176.png
new file mode 100644
index 000000000..17915e09d
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434238176.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253618813.png b/docs/cce/umn/en-us_image_0000002434238228.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618813.png
rename to docs/cce/umn/en-us_image_0000002434238228.png
diff --git a/docs/cce/umn/en-us_image_0000002218818914.png b/docs/cce/umn/en-us_image_0000002434238264.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818914.png
rename to docs/cce/umn/en-us_image_0000002434238264.png
diff --git a/docs/cce/umn/en-us_image_0000002218818630.png b/docs/cce/umn/en-us_image_0000002434238296.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818630.png
rename to docs/cce/umn/en-us_image_0000002434238296.png
diff --git a/docs/cce/umn/en-us_image_0000002253778449.png b/docs/cce/umn/en-us_image_0000002434238492.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778449.png
rename to docs/cce/umn/en-us_image_0000002434238492.png
diff --git a/docs/cce/umn/en-us_image_0000002253778541.png b/docs/cce/umn/en-us_image_0000002434238568.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778541.png
rename to docs/cce/umn/en-us_image_0000002434238568.png
diff --git a/docs/cce/umn/en-us_image_0000002253618817.png b/docs/cce/umn/en-us_image_0000002434238636.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618817.png
rename to docs/cce/umn/en-us_image_0000002434238636.png
diff --git a/docs/cce/umn/en-us_image_0000002253618841.png b/docs/cce/umn/en-us_image_0000002434238660.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618841.png
rename to docs/cce/umn/en-us_image_0000002434238660.png
diff --git a/docs/cce/umn/en-us_image_0000002218659274.png b/docs/cce/umn/en-us_image_0000002434238776.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659274.png
rename to docs/cce/umn/en-us_image_0000002434238776.png
diff --git a/docs/cce/umn/en-us_image_0000002253778885.png b/docs/cce/umn/en-us_image_0000002434238836.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778885.png
rename to docs/cce/umn/en-us_image_0000002434238836.png
diff --git a/docs/cce/umn/en-us_image_0000002218819126.png b/docs/cce/umn/en-us_image_0000002434238848.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218819126.png
rename to docs/cce/umn/en-us_image_0000002434238848.png
diff --git a/docs/cce/umn/en-us_image_0000002253778965.png b/docs/cce/umn/en-us_image_0000002434238868.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778965.png
rename to docs/cce/umn/en-us_image_0000002434238868.png
diff --git a/docs/cce/umn/en-us_image_0000002218819222.png b/docs/cce/umn/en-us_image_0000002434238916.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218819222.png
rename to docs/cce/umn/en-us_image_0000002434238916.png
diff --git a/docs/cce/umn/en-us_image_0000002253618549.png b/docs/cce/umn/en-us_image_0000002434238964.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618549.png
rename to docs/cce/umn/en-us_image_0000002434238964.png
diff --git a/docs/cce/umn/en-us_image_0000002434238992.png b/docs/cce/umn/en-us_image_0000002434238992.png
new file mode 100644
index 000000000..387218f27
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434238992.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253778497.png b/docs/cce/umn/en-us_image_0000002434239004.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778497.png
rename to docs/cce/umn/en-us_image_0000002434239004.png
diff --git a/docs/cce/umn/en-us_image_0000002253618605.png b/docs/cce/umn/en-us_image_0000002434239008.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618605.png
rename to docs/cce/umn/en-us_image_0000002434239008.png
diff --git a/docs/cce/umn/en-us_image_0000002218658914.png b/docs/cce/umn/en-us_image_0000002434239016.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658914.png
rename to docs/cce/umn/en-us_image_0000002434239016.png
diff --git a/docs/cce/umn/en-us_image_0000002218818982.png b/docs/cce/umn/en-us_image_0000002434239032.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818982.png
rename to docs/cce/umn/en-us_image_0000002434239032.png
diff --git a/docs/cce/umn/en-us_image_0000002218819786.png b/docs/cce/umn/en-us_image_0000002434239688.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218819786.png
rename to docs/cce/umn/en-us_image_0000002434239688.png
diff --git a/docs/cce/umn/en-us_image_0000002218660018.png b/docs/cce/umn/en-us_image_0000002434239756.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660018.png
rename to docs/cce/umn/en-us_image_0000002434239756.png
diff --git a/docs/cce/umn/en-us_image_0000002218659938.png b/docs/cce/umn/en-us_image_0000002434239760.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659938.png
rename to docs/cce/umn/en-us_image_0000002434239760.png
diff --git a/docs/cce/umn/en-us_image_0000002253619713.png b/docs/cce/umn/en-us_image_0000002434239808.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619713.png
rename to docs/cce/umn/en-us_image_0000002434239808.png
diff --git a/docs/cce/umn/en-us_image_0000002253620001.png b/docs/cce/umn/en-us_image_0000002434239840.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620001.png
rename to docs/cce/umn/en-us_image_0000002434239840.png
diff --git a/docs/cce/umn/en-us_image_0000002218660294.png b/docs/cce/umn/en-us_image_0000002434239860.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660294.png
rename to docs/cce/umn/en-us_image_0000002434239860.png
diff --git a/docs/cce/umn/en-us_image_0000002253620049.png b/docs/cce/umn/en-us_image_0000002434239864.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620049.png
rename to docs/cce/umn/en-us_image_0000002434239864.png
diff --git a/docs/cce/umn/en-us_image_0000002218820018.png b/docs/cce/umn/en-us_image_0000002434239928.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820018.png
rename to docs/cce/umn/en-us_image_0000002434239928.png
diff --git a/docs/cce/umn/en-us_image_0000002218660486.png b/docs/cce/umn/en-us_image_0000002434239996.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660486.png
rename to docs/cce/umn/en-us_image_0000002434239996.png
diff --git a/docs/cce/umn/en-us_image_0000002253620189.png b/docs/cce/umn/en-us_image_0000002434240060.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620189.png
rename to docs/cce/umn/en-us_image_0000002434240060.png
diff --git a/docs/cce/umn/en-us_image_0000002218820166.png b/docs/cce/umn/en-us_image_0000002434240112.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820166.png
rename to docs/cce/umn/en-us_image_0000002434240112.png
diff --git a/docs/cce/umn/en-us_image_0000002434240204.png b/docs/cce/umn/en-us_image_0000002434240204.png
new file mode 100644
index 000000000..6877aabe9
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434240204.png differ
diff --git a/docs/cce/umn/en-us_image_0000002434240212.png b/docs/cce/umn/en-us_image_0000002434240212.png
new file mode 100644
index 000000000..218185e3b
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434240212.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218820674.png b/docs/cce/umn/en-us_image_0000002434240216.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820674.png
rename to docs/cce/umn/en-us_image_0000002434240216.png
diff --git a/docs/cce/umn/en-us_image_0000002253620561.png b/docs/cce/umn/en-us_image_0000002434240224.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620561.png
rename to docs/cce/umn/en-us_image_0000002434240224.png
diff --git a/docs/cce/umn/en-us_image_0000002218659818.png b/docs/cce/umn/en-us_image_0000002434240328.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659818.png
rename to docs/cce/umn/en-us_image_0000002434240328.png
diff --git a/docs/cce/umn/en-us_image_0000002253780381.png b/docs/cce/umn/en-us_image_0000002434240340.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253780381.png
rename to docs/cce/umn/en-us_image_0000002434240340.png
diff --git a/docs/cce/umn/en-us_image_0000002218659866.png b/docs/cce/umn/en-us_image_0000002434240368.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659866.png
rename to docs/cce/umn/en-us_image_0000002434240368.png
diff --git a/docs/cce/umn/en-us_image_0000002218820702.png b/docs/cce/umn/en-us_image_0000002434240380.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820702.png
rename to docs/cce/umn/en-us_image_0000002434240380.png
diff --git a/docs/cce/umn/en-us_image_0000002434240392.png b/docs/cce/umn/en-us_image_0000002434240392.png
new file mode 100644
index 000000000..774c0d649
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434240392.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218819982.png b/docs/cce/umn/en-us_image_0000002434240500.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218819982.png
rename to docs/cce/umn/en-us_image_0000002434240500.png
diff --git a/docs/cce/umn/en-us_image_0000002253779469.png b/docs/cce/umn/en-us_image_0000002434240556.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779469.png
rename to docs/cce/umn/en-us_image_0000002434240556.png
diff --git a/docs/cce/umn/en-us_image_0000002218660194.png b/docs/cce/umn/en-us_image_0000002434240588.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660194.png
rename to docs/cce/umn/en-us_image_0000002434240588.png
diff --git a/docs/cce/umn/en-us_image_0000002218659930.png b/docs/cce/umn/en-us_image_0000002434240692.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659930.png
rename to docs/cce/umn/en-us_image_0000002434240692.png
diff --git a/docs/cce/umn/en-us_image_0000002253780085.png b/docs/cce/umn/en-us_image_0000002434240696.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253780085.png
rename to docs/cce/umn/en-us_image_0000002434240696.png
diff --git a/docs/cce/umn/en-us_image_0000002218660466.png b/docs/cce/umn/en-us_image_0000002434240756.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660466.png
rename to docs/cce/umn/en-us_image_0000002434240756.png
diff --git a/docs/cce/umn/en-us_image_0000002218660474.png b/docs/cce/umn/en-us_image_0000002434240760.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660474.png
rename to docs/cce/umn/en-us_image_0000002434240760.png
diff --git a/docs/cce/umn/en-us_image_0000002253780093.png b/docs/cce/umn/en-us_image_0000002434240800.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253780093.png
rename to docs/cce/umn/en-us_image_0000002434240800.png
diff --git a/docs/cce/umn/en-us_image_0000002253620497.png b/docs/cce/umn/en-us_image_0000002434240840.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620497.png
rename to docs/cce/umn/en-us_image_0000002434240840.png
diff --git a/docs/cce/umn/en-us_image_0000002253620305.png b/docs/cce/umn/en-us_image_0000002434240844.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620305.png
rename to docs/cce/umn/en-us_image_0000002434240844.png
diff --git a/docs/cce/umn/en-us_image_0000002434240884.png b/docs/cce/umn/en-us_image_0000002434240884.png
new file mode 100644
index 000000000..26ba28c24
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434240884.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253780457.png b/docs/cce/umn/en-us_image_0000002434240896.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253780457.png
rename to docs/cce/umn/en-us_image_0000002434240896.png
diff --git a/docs/cce/umn/en-us_image_0000002434240904.png b/docs/cce/umn/en-us_image_0000002434240904.png
new file mode 100644
index 000000000..74eadfd69
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002434240904.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218660706.png b/docs/cce/umn/en-us_image_0000002434240924.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660706.png
rename to docs/cce/umn/en-us_image_0000002434240924.png
diff --git a/docs/cce/umn/en-us_image_0000002218660710.png b/docs/cce/umn/en-us_image_0000002434240932.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660710.png
rename to docs/cce/umn/en-us_image_0000002434240932.png
diff --git a/docs/cce/umn/en-us_image_0000002218660810.png b/docs/cce/umn/en-us_image_0000002434240944.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660810.png
rename to docs/cce/umn/en-us_image_0000002434240944.png
diff --git a/docs/cce/umn/en-us_image_0000002253780145.png b/docs/cce/umn/en-us_image_0000002434241048.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253780145.png
rename to docs/cce/umn/en-us_image_0000002434241048.png
diff --git a/docs/cce/umn/en-us_image_0000002218657498.png b/docs/cce/umn/en-us_image_0000002467675109.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218657498.png
rename to docs/cce/umn/en-us_image_0000002467675109.png
diff --git a/docs/cce/umn/en-us_image_0000002289476265.png b/docs/cce/umn/en-us_image_0000002467676153.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002289476265.png
rename to docs/cce/umn/en-us_image_0000002467676153.png
diff --git a/docs/cce/umn/en-us_image_0000002254879860.png b/docs/cce/umn/en-us_image_0000002467676157.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002254879860.png
rename to docs/cce/umn/en-us_image_0000002467676157.png
diff --git a/docs/cce/umn/en-us_image_0000002254895574.png b/docs/cce/umn/en-us_image_0000002467676197.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002254895574.png
rename to docs/cce/umn/en-us_image_0000002467676197.png
diff --git a/docs/cce/umn/en-us_image_0000002253777937.png b/docs/cce/umn/en-us_image_0000002467676209.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253777937.png
rename to docs/cce/umn/en-us_image_0000002467676209.png
diff --git a/docs/cce/umn/en-us_image_0000002253777941.png b/docs/cce/umn/en-us_image_0000002467676217.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253777941.png
rename to docs/cce/umn/en-us_image_0000002467676217.png
diff --git a/docs/cce/umn/en-us_image_0000002218658322.png b/docs/cce/umn/en-us_image_0000002467676241.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658322.png
rename to docs/cce/umn/en-us_image_0000002467676241.png
diff --git a/docs/cce/umn/en-us_image_0000002218658326.png b/docs/cce/umn/en-us_image_0000002467676245.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658326.png
rename to docs/cce/umn/en-us_image_0000002467676245.png
diff --git a/docs/cce/umn/en-us_image_0000002218818366.png b/docs/cce/umn/en-us_image_0000002467676473.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818366.png
rename to docs/cce/umn/en-us_image_0000002467676473.png
diff --git a/docs/cce/umn/en-us_image_0000002253778437.png b/docs/cce/umn/en-us_image_0000002467676509.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778437.png
rename to docs/cce/umn/en-us_image_0000002467676509.png
diff --git a/docs/cce/umn/en-us_image_0000002218818310.png b/docs/cce/umn/en-us_image_0000002467676597.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818310.png
rename to docs/cce/umn/en-us_image_0000002467676597.png
diff --git a/docs/cce/umn/en-us_image_0000002218658606.png b/docs/cce/umn/en-us_image_0000002467676609.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658606.png
rename to docs/cce/umn/en-us_image_0000002467676609.png
diff --git a/docs/cce/umn/en-us_image_0000002467676697.png b/docs/cce/umn/en-us_image_0000002467676697.png
new file mode 100644
index 000000000..e2b26b1d9
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467676697.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253778733.png b/docs/cce/umn/en-us_image_0000002467676737.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778733.png
rename to docs/cce/umn/en-us_image_0000002467676737.png
diff --git a/docs/cce/umn/en-us_image_0000002218818546.png b/docs/cce/umn/en-us_image_0000002467676785.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818546.png
rename to docs/cce/umn/en-us_image_0000002467676785.png
diff --git a/docs/cce/umn/en-us_image_0000002218659110.png b/docs/cce/umn/en-us_image_0000002467676789.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659110.png
rename to docs/cce/umn/en-us_image_0000002467676789.png
diff --git a/docs/cce/umn/en-us_image_0000002253618529.png b/docs/cce/umn/en-us_image_0000002467676797.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618529.png
rename to docs/cce/umn/en-us_image_0000002467676797.png
diff --git a/docs/cce/umn/en-us_image_0000002218660718.png b/docs/cce/umn/en-us_image_0000002467676837.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660718.png
rename to docs/cce/umn/en-us_image_0000002467676837.png
diff --git a/docs/cce/umn/en-us_image_0000002218659046.png b/docs/cce/umn/en-us_image_0000002467676981.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659046.png
rename to docs/cce/umn/en-us_image_0000002467676981.png
diff --git a/docs/cce/umn/en-us_image_0000002253618569.png b/docs/cce/umn/en-us_image_0000002467677037.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618569.png
rename to docs/cce/umn/en-us_image_0000002467677037.png
diff --git a/docs/cce/umn/en-us_image_0000002467677085.png b/docs/cce/umn/en-us_image_0000002467677085.png
new file mode 100644
index 000000000..c7854e2a2
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467677085.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253778737.png b/docs/cce/umn/en-us_image_0000002467677145.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778737.png
rename to docs/cce/umn/en-us_image_0000002467677145.png
diff --git a/docs/cce/umn/en-us_image_0000002218818946.png b/docs/cce/umn/en-us_image_0000002467677157.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818946.png
rename to docs/cce/umn/en-us_image_0000002467677157.png
diff --git a/docs/cce/umn/en-us_image_0000002253618897.png b/docs/cce/umn/en-us_image_0000002467677169.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618897.png
rename to docs/cce/umn/en-us_image_0000002467677169.png
diff --git a/docs/cce/umn/en-us_image_0000002253778813.png b/docs/cce/umn/en-us_image_0000002467677189.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778813.png
rename to docs/cce/umn/en-us_image_0000002467677189.png
diff --git a/docs/cce/umn/en-us_image_0000002253619133.png b/docs/cce/umn/en-us_image_0000002467677221.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619133.png
rename to docs/cce/umn/en-us_image_0000002467677221.png
diff --git a/docs/cce/umn/en-us_image_0000002253778901.png b/docs/cce/umn/en-us_image_0000002467677273.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778901.png
rename to docs/cce/umn/en-us_image_0000002467677273.png
diff --git a/docs/cce/umn/en-us_image_0000002253778853.png b/docs/cce/umn/en-us_image_0000002467677277.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778853.png
rename to docs/cce/umn/en-us_image_0000002467677277.png
diff --git a/docs/cce/umn/en-us_image_0000002218659906.png b/docs/cce/umn/en-us_image_0000002467677281.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659906.png
rename to docs/cce/umn/en-us_image_0000002467677281.png
diff --git a/docs/cce/umn/en-us_image_0000002218659314.png b/docs/cce/umn/en-us_image_0000002467677345.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659314.png
rename to docs/cce/umn/en-us_image_0000002467677345.png
diff --git a/docs/cce/umn/en-us_image_0000002253779013.png b/docs/cce/umn/en-us_image_0000002467677433.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779013.png
rename to docs/cce/umn/en-us_image_0000002467677433.png
diff --git a/docs/cce/umn/en-us_image_0000002253778485.png b/docs/cce/umn/en-us_image_0000002467677505.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778485.png
rename to docs/cce/umn/en-us_image_0000002467677505.png
diff --git a/docs/cce/umn/en-us_image_0000002253619521.png b/docs/cce/umn/en-us_image_0000002467678045.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619521.png
rename to docs/cce/umn/en-us_image_0000002467678045.png
diff --git a/docs/cce/umn/en-us_image_0000002467678129.png b/docs/cce/umn/en-us_image_0000002467678129.png
new file mode 100644
index 000000000..cbcc1dc01
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467678129.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253619621.png b/docs/cce/umn/en-us_image_0000002467678137.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619621.png
rename to docs/cce/umn/en-us_image_0000002467678137.png
diff --git a/docs/cce/umn/en-us_image_0000002467678141.png b/docs/cce/umn/en-us_image_0000002467678141.png
new file mode 100644
index 000000000..9bd600e3a
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467678141.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467678173.png b/docs/cce/umn/en-us_image_0000002467678173.png
new file mode 100644
index 000000000..40105a533
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467678173.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467678177.png b/docs/cce/umn/en-us_image_0000002467678177.png
new file mode 100644
index 000000000..8f971f75f
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467678177.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467678225.png b/docs/cce/umn/en-us_image_0000002467678225.png
new file mode 100644
index 000000000..35e977876
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467678225.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253619901.png b/docs/cce/umn/en-us_image_0000002467678261.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619901.png
rename to docs/cce/umn/en-us_image_0000002467678261.png
diff --git a/docs/cce/umn/en-us_image_0000002253619005.png b/docs/cce/umn/en-us_image_0000002467678269.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619005.png
rename to docs/cce/umn/en-us_image_0000002467678269.png
diff --git a/docs/cce/umn/en-us_image_0000002253779617.png b/docs/cce/umn/en-us_image_0000002467678313.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779617.png
rename to docs/cce/umn/en-us_image_0000002467678313.png
diff --git a/docs/cce/umn/en-us_image_0000002253779625.png b/docs/cce/umn/en-us_image_0000002467678317.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779625.png
rename to docs/cce/umn/en-us_image_0000002467678317.png
diff --git a/docs/cce/umn/en-us_image_0000002253620029.png b/docs/cce/umn/en-us_image_0000002467678321.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620029.png
rename to docs/cce/umn/en-us_image_0000002467678321.png
diff --git a/docs/cce/umn/en-us_image_0000002253620033.png b/docs/cce/umn/en-us_image_0000002467678353.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620033.png
rename to docs/cce/umn/en-us_image_0000002467678353.png
diff --git a/docs/cce/umn/en-us_image_0000002253779949.png b/docs/cce/umn/en-us_image_0000002467678365.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779949.png
rename to docs/cce/umn/en-us_image_0000002467678365.png
diff --git a/docs/cce/umn/en-us_image_0000002218820242.png b/docs/cce/umn/en-us_image_0000002467678445.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820242.png
rename to docs/cce/umn/en-us_image_0000002467678445.png
diff --git a/docs/cce/umn/en-us_image_0000002467678485.png b/docs/cce/umn/en-us_image_0000002467678485.png
new file mode 100644
index 000000000..1c4d6b74e
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467678485.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467678505.png b/docs/cce/umn/en-us_image_0000002467678505.png
new file mode 100644
index 000000000..8a31138c5
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467678505.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218820410.png b/docs/cce/umn/en-us_image_0000002467678561.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820410.png
rename to docs/cce/umn/en-us_image_0000002467678561.png
diff --git a/docs/cce/umn/en-us_image_0000002467678629.png b/docs/cce/umn/en-us_image_0000002467678629.png
new file mode 100644
index 000000000..29444a6f4
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467678629.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467678641.png b/docs/cce/umn/en-us_image_0000002467678641.png
new file mode 100644
index 000000000..07ca4ffc7
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467678641.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218820658.png b/docs/cce/umn/en-us_image_0000002467678685.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820658.png
rename to docs/cce/umn/en-us_image_0000002467678685.png
diff --git a/docs/cce/umn/en-us_image_0000002253780433.png b/docs/cce/umn/en-us_image_0000002467678717.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253780433.png
rename to docs/cce/umn/en-us_image_0000002467678717.png
diff --git a/docs/cce/umn/en-us_image_0000002218820586.png b/docs/cce/umn/en-us_image_0000002467678845.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820586.png
rename to docs/cce/umn/en-us_image_0000002467678845.png
diff --git a/docs/cce/umn/en-us_image_0000002253620477.png b/docs/cce/umn/en-us_image_0000002467678853.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620477.png
rename to docs/cce/umn/en-us_image_0000002467678853.png
diff --git a/docs/cce/umn/en-us_image_0000002218660734.png b/docs/cce/umn/en-us_image_0000002467678877.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660734.png
rename to docs/cce/umn/en-us_image_0000002467678877.png
diff --git a/docs/cce/umn/en-us_image_0000002467678893.png b/docs/cce/umn/en-us_image_0000002467678893.png
new file mode 100644
index 000000000..ad7806f1a
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467678893.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218660022.png b/docs/cce/umn/en-us_image_0000002467678985.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660022.png
rename to docs/cce/umn/en-us_image_0000002467678985.png
diff --git a/docs/cce/umn/en-us_image_0000002253779849.png b/docs/cce/umn/en-us_image_0000002467679005.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779849.png
rename to docs/cce/umn/en-us_image_0000002467679005.png
diff --git a/docs/cce/umn/en-us_image_0000002218820034.png b/docs/cce/umn/en-us_image_0000002467679025.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820034.png
rename to docs/cce/umn/en-us_image_0000002467679025.png
diff --git a/docs/cce/umn/en-us_image_0000002253619569.png b/docs/cce/umn/en-us_image_0000002467679061.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619569.png
rename to docs/cce/umn/en-us_image_0000002467679061.png
diff --git a/docs/cce/umn/en-us_image_0000002253779473.png b/docs/cce/umn/en-us_image_0000002467679065.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779473.png
rename to docs/cce/umn/en-us_image_0000002467679065.png
diff --git a/docs/cce/umn/en-us_image_0000002253619601.png b/docs/cce/umn/en-us_image_0000002467679101.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619601.png
rename to docs/cce/umn/en-us_image_0000002467679101.png
diff --git a/docs/cce/umn/en-us_image_0000002253779993.png b/docs/cce/umn/en-us_image_0000002467679137.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779993.png
rename to docs/cce/umn/en-us_image_0000002467679137.png
diff --git a/docs/cce/umn/en-us_image_0000002253619977.png b/docs/cce/umn/en-us_image_0000002467679205.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619977.png
rename to docs/cce/umn/en-us_image_0000002467679205.png
diff --git a/docs/cce/umn/en-us_image_0000002218820382.png b/docs/cce/umn/en-us_image_0000002467679233.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820382.png
rename to docs/cce/umn/en-us_image_0000002467679233.png
diff --git a/docs/cce/umn/en-us_image_0000002253620213.png b/docs/cce/umn/en-us_image_0000002467679261.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620213.png
rename to docs/cce/umn/en-us_image_0000002467679261.png
diff --git a/docs/cce/umn/en-us_image_0000002253779809.png b/docs/cce/umn/en-us_image_0000002467679301.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779809.png
rename to docs/cce/umn/en-us_image_0000002467679301.png
diff --git a/docs/cce/umn/en-us_image_0000002218820458.png b/docs/cce/umn/en-us_image_0000002467679305.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820458.png
rename to docs/cce/umn/en-us_image_0000002467679305.png
diff --git a/docs/cce/umn/en-us_image_0000002218820526.png b/docs/cce/umn/en-us_image_0000002467679373.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820526.png
rename to docs/cce/umn/en-us_image_0000002467679373.png
diff --git a/docs/cce/umn/en-us_image_0000002218660654.png b/docs/cce/umn/en-us_image_0000002467679385.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660654.png
rename to docs/cce/umn/en-us_image_0000002467679385.png
diff --git a/docs/cce/umn/en-us_image_0000002467679405.png b/docs/cce/umn/en-us_image_0000002467679405.png
new file mode 100644
index 000000000..ab1b9f2fb
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467679405.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218820214.png b/docs/cce/umn/en-us_image_0000002467679431.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820214.png
rename to docs/cce/umn/en-us_image_0000002467679431.png
diff --git a/docs/cce/umn/en-us_image_0000002218660366.png b/docs/cce/umn/en-us_image_0000002467679437.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660366.png
rename to docs/cce/umn/en-us_image_0000002467679437.png
diff --git a/docs/cce/umn/en-us_image_0000002253777129.png b/docs/cce/umn/en-us_image_0000002467715213.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253777129.png
rename to docs/cce/umn/en-us_image_0000002467715213.png
diff --git a/docs/cce/umn/en-us_image_0000002253777225.png b/docs/cce/umn/en-us_image_0000002467715337.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253777225.png
rename to docs/cce/umn/en-us_image_0000002467715337.png
diff --git a/docs/cce/umn/en-us_image_0000002218818034.png b/docs/cce/umn/en-us_image_0000002467716173.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818034.png
rename to docs/cce/umn/en-us_image_0000002467716173.png
diff --git a/docs/cce/umn/en-us_image_0000002254895914.png b/docs/cce/umn/en-us_image_0000002467716313.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002254895914.png
rename to docs/cce/umn/en-us_image_0000002467716313.png
diff --git a/docs/cce/umn/en-us_image_0000002255002834.png b/docs/cce/umn/en-us_image_0000002467716341.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002255002834.png
rename to docs/cce/umn/en-us_image_0000002467716341.png
diff --git a/docs/cce/umn/en-us_image_0000002218818126.png b/docs/cce/umn/en-us_image_0000002467716349.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818126.png
rename to docs/cce/umn/en-us_image_0000002467716349.png
diff --git a/docs/cce/umn/en-us_image_0000002218658310.png b/docs/cce/umn/en-us_image_0000002467716361.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658310.png
rename to docs/cce/umn/en-us_image_0000002467716361.png
diff --git a/docs/cce/umn/en-us_image_0000002218818142.png b/docs/cce/umn/en-us_image_0000002467716365.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818142.png
rename to docs/cce/umn/en-us_image_0000002467716365.png
diff --git a/docs/cce/umn/en-us_image_0000002218818246.png b/docs/cce/umn/en-us_image_0000002467716449.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818246.png
rename to docs/cce/umn/en-us_image_0000002467716449.png
diff --git a/docs/cce/umn/en-us_image_0000002253618117.png b/docs/cce/umn/en-us_image_0000002467716489.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618117.png
rename to docs/cce/umn/en-us_image_0000002467716489.png
diff --git a/docs/cce/umn/en-us_image_0000002253778017.png b/docs/cce/umn/en-us_image_0000002467716501.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778017.png
rename to docs/cce/umn/en-us_image_0000002467716501.png
diff --git a/docs/cce/umn/en-us_image_0000002253778021.png b/docs/cce/umn/en-us_image_0000002467716505.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778021.png
rename to docs/cce/umn/en-us_image_0000002467716505.png
diff --git a/docs/cce/umn/en-us_image_0000002467716521.png b/docs/cce/umn/en-us_image_0000002467716521.png
new file mode 100644
index 000000000..9892af0c4
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467716521.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218658654.png b/docs/cce/umn/en-us_image_0000002467716601.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658654.png
rename to docs/cce/umn/en-us_image_0000002467716601.png
diff --git a/docs/cce/umn/en-us_image_0000002253618517.png b/docs/cce/umn/en-us_image_0000002467716629.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618517.png
rename to docs/cce/umn/en-us_image_0000002467716629.png
diff --git a/docs/cce/umn/en-us_image_0000002253778301.png b/docs/cce/umn/en-us_image_0000002467716657.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778301.png
rename to docs/cce/umn/en-us_image_0000002467716657.png
diff --git a/docs/cce/umn/en-us_image_0000002253618329.png b/docs/cce/umn/en-us_image_0000002467716749.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618329.png
rename to docs/cce/umn/en-us_image_0000002467716749.png
diff --git a/docs/cce/umn/en-us_image_0000002253778253.png b/docs/cce/umn/en-us_image_0000002467716761.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253778253.png
rename to docs/cce/umn/en-us_image_0000002467716761.png
diff --git a/docs/cce/umn/en-us_image_0000002467716769.png b/docs/cce/umn/en-us_image_0000002467716769.png
new file mode 100644
index 000000000..00231259d
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467716769.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218818458.png b/docs/cce/umn/en-us_image_0000002467716805.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818458.png
rename to docs/cce/umn/en-us_image_0000002467716805.png
diff --git a/docs/cce/umn/en-us_image_0000002253618289.png b/docs/cce/umn/en-us_image_0000002467716841.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618289.png
rename to docs/cce/umn/en-us_image_0000002467716841.png
diff --git a/docs/cce/umn/en-us_image_0000002218818530.png b/docs/cce/umn/en-us_image_0000002467716881.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818530.png
rename to docs/cce/umn/en-us_image_0000002467716881.png
diff --git a/docs/cce/umn/en-us_image_0000002218658938.png b/docs/cce/umn/en-us_image_0000002467716901.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218658938.png
rename to docs/cce/umn/en-us_image_0000002467716901.png
diff --git a/docs/cce/umn/en-us_image_0000002218659118.png b/docs/cce/umn/en-us_image_0000002467716909.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659118.png
rename to docs/cce/umn/en-us_image_0000002467716909.png
diff --git a/docs/cce/umn/en-us_image_0000002218818590.png b/docs/cce/umn/en-us_image_0000002467716933.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818590.png
rename to docs/cce/umn/en-us_image_0000002467716933.png
diff --git a/docs/cce/umn/en-us_image_0000002218659142.png b/docs/cce/umn/en-us_image_0000002467716953.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659142.png
rename to docs/cce/umn/en-us_image_0000002467716953.png
diff --git a/docs/cce/umn/en-us_image_0000002218659182.jpg b/docs/cce/umn/en-us_image_0000002467717097.jpg
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659182.jpg
rename to docs/cce/umn/en-us_image_0000002467717097.jpg
diff --git a/docs/cce/umn/en-us_image_0000002218659302.png b/docs/cce/umn/en-us_image_0000002467717261.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659302.png
rename to docs/cce/umn/en-us_image_0000002467717261.png
diff --git a/docs/cce/umn/en-us_image_0000002218659098.png b/docs/cce/umn/en-us_image_0000002467717277.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659098.png
rename to docs/cce/umn/en-us_image_0000002467717277.png
diff --git a/docs/cce/umn/en-us_image_0000002218659174.png b/docs/cce/umn/en-us_image_0000002467717329.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659174.png
rename to docs/cce/umn/en-us_image_0000002467717329.png
diff --git a/docs/cce/umn/en-us_image_0000002253618845.png b/docs/cce/umn/en-us_image_0000002467717421.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253618845.png
rename to docs/cce/umn/en-us_image_0000002467717421.png
diff --git a/docs/cce/umn/en-us_image_0000002218819242.png b/docs/cce/umn/en-us_image_0000002467717529.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218819242.png
rename to docs/cce/umn/en-us_image_0000002467717529.png
diff --git a/docs/cce/umn/en-us_image_0000002253619089.png b/docs/cce/umn/en-us_image_0000002467717557.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619089.png
rename to docs/cce/umn/en-us_image_0000002467717557.png
diff --git a/docs/cce/umn/en-us_image_0000002467717625.png b/docs/cce/umn/en-us_image_0000002467717625.png
new file mode 100644
index 000000000..0c936a710
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467717625.png differ
diff --git a/docs/cce/umn/en-us_image_0261818867.png b/docs/cce/umn/en-us_image_0000002467717633.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0261818867.png
rename to docs/cce/umn/en-us_image_0000002467717633.png
diff --git a/docs/cce/umn/en-us_image_0000002218818686.png b/docs/cce/umn/en-us_image_0000002467717641.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818686.png
rename to docs/cce/umn/en-us_image_0000002467717641.png
diff --git a/docs/cce/umn/en-us_image_0000002218818738.png b/docs/cce/umn/en-us_image_0000002467717649.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218818738.png
rename to docs/cce/umn/en-us_image_0000002467717649.png
diff --git a/docs/cce/umn/en-us_image_0000002467718269.png b/docs/cce/umn/en-us_image_0000002467718269.png
new file mode 100644
index 000000000..fd0f87e93
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467718269.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218819718.png b/docs/cce/umn/en-us_image_0000002467718301.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218819718.png
rename to docs/cce/umn/en-us_image_0000002467718301.png
diff --git a/docs/cce/umn/en-us_image_0000002253779633.png b/docs/cce/umn/en-us_image_0000002467718381.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779633.png
rename to docs/cce/umn/en-us_image_0000002467718381.png
diff --git a/docs/cce/umn/en-us_image_0000002253619701.png b/docs/cce/umn/en-us_image_0000002467718461.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619701.png
rename to docs/cce/umn/en-us_image_0000002467718461.png
diff --git a/docs/cce/umn/en-us_image_0000002253779773.jpg b/docs/cce/umn/en-us_image_0000002467718465.jpg
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779773.jpg
rename to docs/cce/umn/en-us_image_0000002467718465.jpg
diff --git a/docs/cce/umn/en-us_image_0000002218820038.png b/docs/cce/umn/en-us_image_0000002467718541.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820038.png
rename to docs/cce/umn/en-us_image_0000002467718541.png
diff --git a/docs/cce/umn/en-us_image_0000002467718549.png b/docs/cce/umn/en-us_image_0000002467718549.png
new file mode 100644
index 000000000..9ac948678
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467718549.png differ
diff --git a/docs/cce/umn/en-us_image_0000002218660514.png b/docs/cce/umn/en-us_image_0000002467718661.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218660514.png
rename to docs/cce/umn/en-us_image_0000002467718661.png
diff --git a/docs/cce/umn/en-us_image_0000002467718693.png b/docs/cce/umn/en-us_image_0000002467718693.png
new file mode 100644
index 000000000..234ebc973
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467718693.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467718709.png b/docs/cce/umn/en-us_image_0000002467718709.png
new file mode 100644
index 000000000..19286cd5f
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467718709.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253780329.png b/docs/cce/umn/en-us_image_0000002467718757.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253780329.png
rename to docs/cce/umn/en-us_image_0000002467718757.png
diff --git a/docs/cce/umn/en-us_image_0000002253780209.png b/docs/cce/umn/en-us_image_0000002467718781.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253780209.png
rename to docs/cce/umn/en-us_image_0000002467718781.png
diff --git a/docs/cce/umn/en-us_image_0000002218659822.png b/docs/cce/umn/en-us_image_0000002467718921.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218659822.png
rename to docs/cce/umn/en-us_image_0000002467718921.png
diff --git a/docs/cce/umn/en-us_image_0000002467718941.png b/docs/cce/umn/en-us_image_0000002467718941.png
new file mode 100644
index 000000000..61073434c
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467718941.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253619517.png b/docs/cce/umn/en-us_image_0000002467718953.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619517.png
rename to docs/cce/umn/en-us_image_0000002467718953.png
diff --git a/docs/cce/umn/en-us_image_0000002467719021.png b/docs/cce/umn/en-us_image_0000002467719021.png
new file mode 100644
index 000000000..15e3d411f
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467719021.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467719025.png b/docs/cce/umn/en-us_image_0000002467719025.png
new file mode 100644
index 000000000..09d01751b
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467719025.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467719029.png b/docs/cce/umn/en-us_image_0000002467719029.png
new file mode 100644
index 000000000..e882c2433
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467719029.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467719033.png b/docs/cce/umn/en-us_image_0000002467719033.png
new file mode 100644
index 000000000..fa9a25d77
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467719033.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467719037.png b/docs/cce/umn/en-us_image_0000002467719037.png
new file mode 100644
index 000000000..bb39b6926
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467719037.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467719041.png b/docs/cce/umn/en-us_image_0000002467719041.png
new file mode 100644
index 000000000..9fb896b0b
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467719041.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467719053.png b/docs/cce/umn/en-us_image_0000002467719053.png
new file mode 100644
index 000000000..7dd999c8e
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467719053.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467719057.png b/docs/cce/umn/en-us_image_0000002467719057.png
new file mode 100644
index 000000000..96ba98f4f
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467719057.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253779657.png b/docs/cce/umn/en-us_image_0000002467719105.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779657.png
rename to docs/cce/umn/en-us_image_0000002467719105.png
diff --git a/docs/cce/umn/en-us_image_0000002218819854.png b/docs/cce/umn/en-us_image_0000002467719125.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218819854.png
rename to docs/cce/umn/en-us_image_0000002467719125.png
diff --git a/docs/cce/umn/en-us_image_0000002253619725.png b/docs/cce/umn/en-us_image_0000002467719133.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619725.png
rename to docs/cce/umn/en-us_image_0000002467719133.png
diff --git a/docs/cce/umn/en-us_image_0000002467719141.png b/docs/cce/umn/en-us_image_0000002467719141.png
new file mode 100644
index 000000000..9b8c06434
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467719141.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253619981.png b/docs/cce/umn/en-us_image_0000002467719233.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253619981.png
rename to docs/cce/umn/en-us_image_0000002467719233.png
diff --git a/docs/cce/umn/en-us_image_0000002253779505.png b/docs/cce/umn/en-us_image_0000002467719245.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779505.png
rename to docs/cce/umn/en-us_image_0000002467719245.png
diff --git a/docs/cce/umn/en-us_image_0000002467719381.png b/docs/cce/umn/en-us_image_0000002467719381.png
new file mode 100644
index 000000000..d714e168e
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467719381.png differ
diff --git a/docs/cce/umn/en-us_image_0000002467719393.png b/docs/cce/umn/en-us_image_0000002467719393.png
new file mode 100644
index 000000000..68a0696d6
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467719393.png differ
diff --git a/docs/cce/umn/en-us_image_0000002253779681.png b/docs/cce/umn/en-us_image_0000002467719409.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253779681.png
rename to docs/cce/umn/en-us_image_0000002467719409.png
diff --git a/docs/cce/umn/en-us_image_0000002253620349.png b/docs/cce/umn/en-us_image_0000002467719473.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253620349.png
rename to docs/cce/umn/en-us_image_0000002467719473.png
diff --git a/docs/cce/umn/en-us_image_0000002253780305.png b/docs/cce/umn/en-us_image_0000002467719549.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002253780305.png
rename to docs/cce/umn/en-us_image_0000002467719549.png
diff --git a/docs/cce/umn/en-us_image_0000002218820226.png b/docs/cce/umn/en-us_image_0000002467719573.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002218820226.png
rename to docs/cce/umn/en-us_image_0000002467719573.png
diff --git a/docs/cce/umn/en-us_image_0000002274473989.png b/docs/cce/umn/en-us_image_0000002467719689.png
similarity index 100%
rename from docs/cce/umn/en-us_image_0000002274473989.png
rename to docs/cce/umn/en-us_image_0000002467719689.png
diff --git a/docs/cce/umn/en-us_image_0000002467719741.png b/docs/cce/umn/en-us_image_0000002467719741.png
new file mode 100644
index 000000000..eb423adc3
Binary files /dev/null and b/docs/cce/umn/en-us_image_0000002467719741.png differ
diff --git a/docs/cce/umn/en-us_image_0258894622.png b/docs/cce/umn/en-us_image_0258894622.png
deleted file mode 100644
index 8d6779c6d..000000000
Binary files a/docs/cce/umn/en-us_image_0258894622.png and /dev/null differ